1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "enterprise_device_mgr_proxy.h"
17
18 #include <iservice_registry.h>
19 #include <string_ex.h>
20
21 #include "admin_type.h"
22 #include "edm_constants.h"
23 #include "edm_errors.h"
24 #include "edm_load_manager.h"
25 #include "edm_log.h"
26 #include "edm_sys_manager.h"
27 #include "func_code.h"
28 #include "parameters.h"
29 #include "system_ability_definition.h"
30
31 namespace OHOS {
32 namespace EDM {
33 std::shared_ptr<EnterpriseDeviceMgrProxy> EnterpriseDeviceMgrProxy::instance_ = nullptr;
34 std::mutex EnterpriseDeviceMgrProxy::mutexLock_;
35 const std::u16string DESCRIPTOR = u"ohos.edm.IEnterpriseDeviceMgr";
36 const uint32_t GET_ENABLE_ADMIN = 5;
37
GetInstance()38 std::shared_ptr<EnterpriseDeviceMgrProxy> EnterpriseDeviceMgrProxy::GetInstance()
39 {
40 if (instance_ == nullptr) {
41 std::lock_guard<std::mutex> lock(mutexLock_);
42 if (instance_ == nullptr) {
43 std::shared_ptr<EnterpriseDeviceMgrProxy> temp = std::make_shared<EnterpriseDeviceMgrProxy>();
44 instance_ = temp;
45 }
46 }
47 return instance_;
48 }
49
DestroyInstance()50 void EnterpriseDeviceMgrProxy::DestroyInstance()
51 {
52 std::lock_guard<std::mutex> lock(mutexLock_);
53 if (instance_ != nullptr) {
54 instance_.reset();
55 }
56 }
57
IsEdmEnabled()58 bool EnterpriseDeviceMgrProxy::IsEdmEnabled()
59 {
60 std::string edmParaValue = system::GetParameter("persist.edm.edm_enable", "false");
61 EDMLOGD("EnterpriseDeviceMgrProxy::GetParameter %{public}s", edmParaValue.c_str());
62 return edmParaValue == "true";
63 }
64
EnableAdmin(AppExecFwk::ElementName & admin,EntInfo & entInfo,AdminType type,int32_t userId)65 ErrCode EnterpriseDeviceMgrProxy::EnableAdmin(AppExecFwk::ElementName &admin, EntInfo &entInfo, AdminType type,
66 int32_t userId)
67 {
68 EDMLOGD("EnterpriseDeviceMgrProxy::EnableAdmin");
69 sptr<IRemoteObject> remote = LoadAndGetEdmService();
70 if (!remote) {
71 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
72 }
73 MessageParcel data;
74 MessageParcel reply;
75 MessageOption option;
76 data.WriteInterfaceToken(DESCRIPTOR);
77 data.WriteParcelable(&admin);
78 entInfo.Marshalling(data);
79 data.WriteInt32(static_cast<int32_t>(type));
80 data.WriteInt32(userId);
81 ErrCode res = remote->SendRequest(EdmInterfaceCode::ADD_DEVICE_ADMIN, data, reply, option);
82 if (FAILED(res)) {
83 EDMLOGE("EnterpriseDeviceMgrProxy:EnableAdmin send request fail. %{public}d", res);
84 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
85 }
86 int32_t resCode = ERR_INVALID_VALUE;
87 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
88 EDMLOGW("EnterpriseDeviceMgrProxy:EnableAdmin get result code fail. %{public}d", resCode);
89 return resCode;
90 }
91 return ERR_OK;
92 }
93
ReplaceSuperAdmin(AppExecFwk::ElementName & oldAdmin,AppExecFwk::ElementName & newAdmin,bool keepPolicy)94 ErrCode EnterpriseDeviceMgrProxy::ReplaceSuperAdmin(AppExecFwk::ElementName &oldAdmin,
95 AppExecFwk::ElementName &newAdmin, bool keepPolicy)
96 {
97 EDMLOGI("EnterpriseDeviceMgrProxy::ReplaceSuperAdmin");
98 if (!IsEdmEnabled()) {
99 return EdmReturnErrCode::ADMIN_INACTIVE;
100 }
101 sptr<IRemoteObject> remote = LoadAndGetEdmService();
102 if (!remote) {
103 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
104 }
105 MessageParcel data;
106 MessageParcel reply;
107 MessageOption option;
108 data.WriteInterfaceToken(DESCRIPTOR);
109 data.WriteParcelable(&oldAdmin);
110 data.WriteParcelable(&newAdmin);
111 data.WriteBool(keepPolicy);
112 return remote->SendRequest(EdmInterfaceCode::REPLACE_SUPER_ADMIN, data, reply, option);
113 }
114
DisableAdmin(AppExecFwk::ElementName & admin,int32_t userId)115 ErrCode EnterpriseDeviceMgrProxy::DisableAdmin(AppExecFwk::ElementName &admin, int32_t userId)
116 {
117 EDMLOGD("EnterpriseDeviceMgrProxy::DisableAdmin");
118 if (!IsEdmEnabled()) {
119 return EdmReturnErrCode::DISABLE_ADMIN_FAILED;
120 }
121 sptr<IRemoteObject> remote = LoadAndGetEdmService();
122 if (!remote) {
123 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
124 }
125 MessageParcel data;
126 MessageParcel reply;
127 MessageOption option;
128 data.WriteInterfaceToken(DESCRIPTOR);
129 data.WriteParcelable(&admin);
130 data.WriteInt32(userId);
131 ErrCode res = remote->SendRequest(EdmInterfaceCode::REMOVE_DEVICE_ADMIN, data, reply, option);
132 if (FAILED(res)) {
133 EDMLOGE("EnterpriseDeviceMgrProxy:DisableAdmin send request fail. %{public}d", res);
134 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
135 }
136 int32_t resCode = ERR_INVALID_VALUE;
137 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
138 EDMLOGW("EnterpriseDeviceMgrProxy:DisableAdmin get result code fail. %{public}d", resCode);
139 return resCode;
140 }
141 return ERR_OK;
142 }
143
DisableSuperAdmin(const std::string & bundleName)144 ErrCode EnterpriseDeviceMgrProxy::DisableSuperAdmin(const std::string &bundleName)
145 {
146 EDMLOGD("EnterpriseDeviceMgrProxy::DisableSuperAdmin");
147 if (!IsEdmEnabled()) {
148 return EdmReturnErrCode::DISABLE_ADMIN_FAILED;
149 }
150 sptr<IRemoteObject> remote = LoadAndGetEdmService();
151 if (!remote) {
152 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
153 }
154 MessageParcel data;
155 MessageParcel reply;
156 MessageOption option;
157 data.WriteInterfaceToken(DESCRIPTOR);
158 data.WriteString(bundleName);
159 ErrCode res = remote->SendRequest(EdmInterfaceCode::REMOVE_SUPER_ADMIN, data, reply, option);
160 if (FAILED(res)) {
161 EDMLOGE("EnterpriseDeviceMgrProxy:DisableSuperAdmin send request fail. %{public}d", res);
162 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
163 }
164 int32_t resCode = ERR_INVALID_VALUE;
165 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
166 EDMLOGW("EnterpriseDeviceMgrProxy:DisableSuperAdmin get result code fail. %{public}d", resCode);
167 return resCode;
168 }
169 return ERR_OK;
170 }
171
DisableSuperAdmin(MessageParcel & data)172 ErrCode EnterpriseDeviceMgrProxy::DisableSuperAdmin(MessageParcel &data)
173 {
174 EDMLOGD("EnterpriseDeviceMgrProxy::DisableSuperAdmin");
175 if (!IsEdmEnabled()) {
176 return EdmReturnErrCode::DISABLE_ADMIN_FAILED;
177 }
178 sptr<IRemoteObject> remote = LoadAndGetEdmService();
179 if (!remote) {
180 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
181 }
182 MessageParcel reply;
183 MessageOption option;
184 ErrCode res = remote->SendRequest(EdmInterfaceCode::REMOVE_SUPER_ADMIN, data, reply, option);
185 if (FAILED(res)) {
186 EDMLOGE("EnterpriseDeviceMgrProxy:DisableSuperAdmin send request fail. %{public}d", res);
187 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
188 }
189 int32_t resCode = ERR_INVALID_VALUE;
190 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
191 EDMLOGW("EnterpriseDeviceMgrProxy:DisableSuperAdmin get result code fail. %{public}d", resCode);
192 return resCode;
193 }
194 return ERR_OK;
195 }
196
GetEnabledAdmin(AdminType type,std::vector<std::string> & enabledAdminList)197 ErrCode EnterpriseDeviceMgrProxy::GetEnabledAdmin(AdminType type, std::vector<std::string> &enabledAdminList)
198 {
199 EDMLOGD("EnterpriseDeviceMgrProxy::GetEnabledAdmin");
200 if (!IsEdmEnabled()) {
201 return EdmReturnErrCode::ADMIN_INACTIVE;
202 }
203 sptr<IRemoteObject> remote = LoadAndGetEdmService();
204 if (!remote) {
205 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
206 }
207 MessageParcel data;
208 MessageParcel reply;
209 MessageOption option;
210 data.WriteInterfaceToken(DESCRIPTOR);
211 data.WriteInt32(static_cast<int32_t>(type));
212 ErrCode res = remote->SendRequest(EdmInterfaceCode::GET_ENABLED_ADMIN, data, reply, option);
213 if (FAILED(res)) {
214 EDMLOGE("EnterpriseDeviceMgrProxy:GetEnabledAdmin send request fail. %{public}d", res);
215 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
216 }
217 int32_t resCode = ERR_INVALID_VALUE;
218 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
219 EDMLOGW("EnterpriseDeviceMgrProxy:GetEnabledAdmin get result code fail. %{public}d", resCode);
220 return resCode;
221 }
222 reply.ReadStringVector(&enabledAdminList);
223 return ERR_OK;
224 }
225
GetEnterpriseInfo(AppExecFwk::ElementName & admin,EntInfo & entInfo)226 ErrCode EnterpriseDeviceMgrProxy::GetEnterpriseInfo(AppExecFwk::ElementName &admin, EntInfo &entInfo)
227 {
228 EDMLOGD("EnterpriseDeviceMgrProxy::GetEnterpriseInfo");
229 if (!IsEdmEnabled()) {
230 return EdmReturnErrCode::ADMIN_INACTIVE;
231 }
232 sptr<IRemoteObject> remote = LoadAndGetEdmService();
233 if (!remote) {
234 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
235 }
236 MessageParcel data;
237 MessageParcel reply;
238 MessageOption option;
239 data.WriteInterfaceToken(DESCRIPTOR);
240 data.WriteParcelable(&admin);
241 ErrCode res = remote->SendRequest(EdmInterfaceCode::GET_ENT_INFO, data, reply, option);
242 if (FAILED(res)) {
243 EDMLOGE("EnterpriseDeviceMgrProxy:GetEnterpriseInfo send request fail. %{public}d", res);
244 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
245 }
246 int32_t resCode = ERR_INVALID_VALUE;
247 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
248 EDMLOGW("EnterpriseDeviceMgrProxy:GetEnterpriseInfo get result code fail. %{public}d", resCode);
249 return resCode;
250 }
251 if (!EntInfo::Unmarshalling(reply, entInfo)) {
252 EDMLOGE("EnterpriseDeviceMgrProxy::GetEnterpriseInfo read parcel fail");
253 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
254 }
255 return ERR_OK;
256 }
257
SetEnterpriseInfo(MessageParcel & data)258 ErrCode EnterpriseDeviceMgrProxy::SetEnterpriseInfo(MessageParcel &data)
259 {
260 EDMLOGD("EnterpriseDeviceMgrProxy::SetEnterpriseInfo");
261 if (!IsEdmEnabled()) {
262 return EdmReturnErrCode::ADMIN_INACTIVE;
263 }
264 sptr<IRemoteObject> remote = LoadAndGetEdmService();
265 if (!remote) {
266 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
267 }
268 MessageParcel reply;
269 MessageOption option;
270 ErrCode res = remote->SendRequest(EdmInterfaceCode::SET_ENT_INFO, data, reply, option);
271 if (FAILED(res)) {
272 EDMLOGE("EnterpriseDeviceMgrProxy:SetEnterpriseInfo send request fail. %{public}d", res);
273 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
274 }
275 int32_t resCode = ERR_INVALID_VALUE;
276 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
277 EDMLOGW("EnterpriseDeviceMgrProxy:SetEnterpriseInfo get result code fail. %{public}d", resCode);
278 return resCode;
279 }
280 return ERR_OK;
281 }
282
HandleManagedEvent(const AppExecFwk::ElementName & admin,const std::vector<uint32_t> & events,bool subscribe)283 ErrCode EnterpriseDeviceMgrProxy::HandleManagedEvent(const AppExecFwk::ElementName &admin,
284 const std::vector<uint32_t> &events, bool subscribe)
285 {
286 EDMLOGD("EnterpriseDeviceMgrProxy::SubscribeManagedEvent: %{public}d", subscribe);
287 if (!IsEdmEnabled()) {
288 return EdmReturnErrCode::ADMIN_INACTIVE;
289 }
290 sptr<IRemoteObject> remote = LoadAndGetEdmService();
291 if (!remote) {
292 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
293 }
294 MessageParcel data;
295 MessageParcel reply;
296 MessageOption option;
297 data.WriteInterfaceToken(DESCRIPTOR);
298 data.WriteParcelable(&admin);
299 data.WriteUInt32Vector(events);
300 uint32_t policyCode = EdmInterfaceCode::SUBSCRIBE_MANAGED_EVENT;
301 if (!subscribe) {
302 policyCode = EdmInterfaceCode::UNSUBSCRIBE_MANAGED_EVENT;
303 }
304 ErrCode res = remote->SendRequest(policyCode, data, reply, option);
305 if (FAILED(res)) {
306 EDMLOGE("EnterpriseDeviceMgrProxy:SubscribeManagedEvent send request fail. %{public}d", res);
307 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
308 }
309 int32_t retCode = ERR_INVALID_VALUE;
310 reply.ReadInt32(retCode);
311 return retCode;
312 }
313
HandleManagedEvent(MessageParcel & data,bool subscribe)314 ErrCode EnterpriseDeviceMgrProxy::HandleManagedEvent(MessageParcel &data, bool subscribe)
315 {
316 EDMLOGD("EnterpriseDeviceMgrProxy::SubscribeManagedEvent: %{public}d", subscribe);
317 if (!IsEdmEnabled()) {
318 return EdmReturnErrCode::ADMIN_INACTIVE;
319 }
320 sptr<IRemoteObject> remote = LoadAndGetEdmService();
321 if (!remote) {
322 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
323 }
324 MessageParcel reply;
325 MessageOption option;
326 uint32_t policyCode = EdmInterfaceCode::SUBSCRIBE_MANAGED_EVENT;
327 if (!subscribe) {
328 policyCode = EdmInterfaceCode::UNSUBSCRIBE_MANAGED_EVENT;
329 }
330 ErrCode res = remote->SendRequest(policyCode, data, reply, option);
331 if (FAILED(res)) {
332 EDMLOGE("EnterpriseDeviceMgrProxy:SubscribeManagedEvent send request fail. %{public}d", res);
333 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
334 }
335 int32_t retCode = ERR_INVALID_VALUE;
336 reply.ReadInt32(retCode);
337 return retCode;
338 }
339
IsSuperAdmin(MessageParcel & data,bool & result)340 ErrCode EnterpriseDeviceMgrProxy::IsSuperAdmin(MessageParcel &data, bool &result)
341 {
342 EDMLOGD("EnterpriseDeviceMgrProxy::IsSuperAdmin");
343 result = false;
344 if (!IsEdmEnabled()) {
345 return ERR_OK;
346 }
347 sptr<IRemoteObject> remote = LoadAndGetEdmService();
348 if (!remote) {
349 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
350 }
351 MessageParcel reply;
352 MessageOption option;
353 ErrCode res = remote->SendRequest(EdmInterfaceCode::IS_SUPER_ADMIN, data, reply, option);
354 if (FAILED(res)) {
355 EDMLOGE("EnterpriseDeviceMgrProxy:IsSuperAdmin send request fail. %{public}d", res);
356 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
357 }
358 int32_t resCode = ERR_INVALID_VALUE;
359 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
360 EDMLOGW("EnterpriseDeviceMgrProxy:SetEnterpriseInfo get result code fail. %{public}d", resCode);
361 return resCode;
362 }
363 reply.ReadBool(result);
364 EDMLOGD("EnterpriseDeviceMgrProxy::IsSuperAdmin ret %{public}d", result);
365 return ERR_OK;
366 }
367
IsAdminEnabled(AppExecFwk::ElementName & admin,int32_t userId,bool & result)368 ErrCode EnterpriseDeviceMgrProxy::IsAdminEnabled(AppExecFwk::ElementName &admin, int32_t userId, bool &result)
369 {
370 EDMLOGD("EnterpriseDeviceMgrProxy::IsAdminEnabled");
371 result = false;
372 if (!IsEdmEnabled()) {
373 return ERR_OK;
374 }
375 sptr<IRemoteObject> remote = LoadAndGetEdmService();
376 if (!remote) {
377 return false;
378 }
379 MessageParcel data;
380 MessageParcel reply;
381 MessageOption option;
382 data.WriteInterfaceToken(DESCRIPTOR);
383 data.WriteParcelable(&admin);
384 data.WriteInt32(userId);
385 ErrCode res = remote->SendRequest(EdmInterfaceCode::IS_ADMIN_ENABLED, data, reply, option);
386 if (FAILED(res)) {
387 EDMLOGE("EnterpriseDeviceMgrProxy:IsAdminEnabled send request fail. %{public}d", res);
388 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
389 }
390 int32_t resCode = ERR_INVALID_VALUE;
391 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
392 EDMLOGW("EnterpriseDeviceMgrProxy:IsAdminEnabled get result code fail. %{public}d", resCode);
393 return resCode;
394 }
395 reply.ReadBool(result);
396 EDMLOGD("EnterpriseDeviceMgrProxy::IsAdminEnabled ret %{public}d", result);
397 return ERR_OK;
398 }
399
IsPolicyDisabled(const AppExecFwk::ElementName * admin,int policyCode,bool & result,std::string permissionTag)400 int32_t EnterpriseDeviceMgrProxy::IsPolicyDisabled(const AppExecFwk::ElementName *admin, int policyCode, bool &result,
401 std::string permissionTag)
402 {
403 MessageParcel data;
404 data.WriteInterfaceToken(DESCRIPTOR);
405 data.WriteInt32(WITHOUT_USERID);
406 data.WriteString(permissionTag);
407 if (admin != nullptr) {
408 data.WriteInt32(HAS_ADMIN);
409 data.WriteParcelable(admin);
410 } else {
411 if (!IsEdmEnabled()) {
412 result = false;
413 return ERR_OK;
414 }
415 data.WriteInt32(WITHOUT_ADMIN);
416 }
417 return IsPolicyDisabled(data, policyCode, result);
418 }
419
IsPolicyDisabled(MessageParcel & data,uint32_t policyCode,bool & result)420 int32_t EnterpriseDeviceMgrProxy::IsPolicyDisabled(MessageParcel &data, uint32_t policyCode, bool &result)
421 {
422 if (CheckDataInEdmDisabled(data)) {
423 result = false;
424 return ERR_OK;
425 }
426 MessageParcel reply;
427 GetPolicy(policyCode, data, reply);
428 int32_t ret = ERR_INVALID_VALUE;
429 bool isSuccess = reply.ReadInt32(ret) && (ret == ERR_OK);
430 if (!isSuccess) {
431 EDMLOGE("IsPolicyDisabled:GetPolicy fail. %{public}d", ret);
432 return ret;
433 }
434 reply.ReadBool(result);
435 return ERR_OK;
436 }
437
HandleDevicePolicy(int32_t policyCode,MessageParcel & data)438 int32_t EnterpriseDeviceMgrProxy::HandleDevicePolicy(int32_t policyCode, MessageParcel &data)
439 {
440 MessageParcel reply;
441 return HandleDevicePolicy(policyCode, data, reply);
442 }
443
CheckDataInEdmDisabled(MessageParcel & data)444 bool EnterpriseDeviceMgrProxy::CheckDataInEdmDisabled(MessageParcel &data)
445 {
446 data.ReadInterfaceToken();
447 data.ReadInt32();
448 data.ReadString();
449 auto isAdmin = data.ReadInt32();
450 data.RewindRead(0);
451 if (isAdmin == WITHOUT_ADMIN && !IsEdmEnabled()) {
452 return true;
453 }
454 return false;
455 }
456
HandleDevicePolicy(int32_t policyCode,MessageParcel & data,MessageParcel & reply)457 int32_t EnterpriseDeviceMgrProxy::HandleDevicePolicy(int32_t policyCode, MessageParcel &data, MessageParcel &reply)
458 {
459 EDMLOGD("EnterpriseDeviceMgrProxy::HandleDevicePolicy");
460 if (!IsEdmEnabled()) {
461 return EdmReturnErrCode::ADMIN_INACTIVE;
462 }
463 sptr<IRemoteObject> remote = LoadAndGetEdmService();
464 if (!remote) {
465 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
466 }
467 MessageOption option;
468 EDMLOGD("EnterpriseDeviceMgrProxy::handleDevicePolicy::sendRequest %{public}d", policyCode);
469 ErrCode res = remote->SendRequest(policyCode, data, reply, option);
470 if (FAILED(res)) {
471 EDMLOGE("EnterpriseDeviceMgrProxy:HandleDevicePolicy send request fail. %{public}d", res);
472 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
473 }
474 int32_t ret = ERR_INVALID_VALUE;
475 reply.ReadInt32(ret);
476 return ret;
477 }
478
AuthorizeAdmin(MessageParcel & data)479 ErrCode EnterpriseDeviceMgrProxy::AuthorizeAdmin(MessageParcel &data)
480 {
481 EDMLOGD("EnterpriseDeviceMgrProxy::AuthorizeAdmin");
482 if (!IsEdmEnabled()) {
483 return EdmReturnErrCode::ADMIN_INACTIVE;
484 }
485 sptr<IRemoteObject> remote = LoadAndGetEdmService();
486 if (!remote) {
487 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
488 }
489 MessageParcel reply;
490 MessageOption option;
491 ErrCode res = remote->SendRequest(EdmInterfaceCode::AUTHORIZE_ADMIN, data, reply, option);
492 if (FAILED(res)) {
493 EDMLOGE("EnterpriseDeviceMgrProxy:AuthorizeAdmin send request fail. %{public}d", res);
494 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
495 }
496 int32_t resCode = ERR_INVALID_VALUE;
497 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
498 EDMLOGW("EnterpriseDeviceMgrProxy:AuthorizeAdmin get result code fail. %{public}d", resCode);
499 return resCode;
500 }
501 return ERR_OK;
502 }
503
GetSuperAdmin(std::string & bundleName,std::string & abilityName)504 ErrCode EnterpriseDeviceMgrProxy::GetSuperAdmin(std::string &bundleName, std::string &abilityName)
505 {
506 EDMLOGD("EnterpriseDeviceMgrProxy::GetSuperAdmin");
507 if (!IsEdmEnabled()) {
508 return ERR_OK;
509 }
510 sptr<IRemoteObject> remote = LoadAndGetEdmService();
511 if (!remote) {
512 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
513 }
514 MessageParcel data;
515 MessageParcel reply;
516 MessageOption option;
517 data.WriteInterfaceToken(DESCRIPTOR);
518 ErrCode res = remote->SendRequest(EdmInterfaceCode::GET_SUPER_ADMIN_WANT_INFO, data, reply, option);
519 if (FAILED(res)) {
520 EDMLOGE("EnterpriseDeviceMgrProxy:GetSuperAdmin send request fail. %{public}d", res);
521 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
522 }
523 int32_t resCode = ERR_INVALID_VALUE;
524 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
525 EDMLOGW("EnterpriseDeviceMgrProxy:GetSuperAdmin get result code fail. %{public}d", resCode);
526 return resCode;
527 }
528 reply.ReadString(bundleName);
529 reply.ReadString(abilityName);
530 return ERR_OK;
531 }
532
SetDelegatedPolicies(MessageParcel & data)533 ErrCode EnterpriseDeviceMgrProxy::SetDelegatedPolicies(MessageParcel &data)
534 {
535 EDMLOGD("EnterpriseDeviceMgrProxy::SetDelegatedPolicies");
536 if (!IsEdmEnabled()) {
537 return EdmReturnErrCode::ADMIN_INACTIVE;
538 }
539 sptr<IRemoteObject> remote = LoadAndGetEdmService();
540 if (!remote) {
541 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
542 }
543 MessageParcel reply;
544 MessageOption option;
545 ErrCode res = remote->SendRequest(EdmInterfaceCode::SET_DELEGATED_POLICIES, data, reply, option);
546 if (FAILED(res)) {
547 EDMLOGE("EnterpriseDeviceMgrProxy:SetDelegatedPolicies get result code fail. %{public}d", res);
548 return res;
549 }
550 return ERR_OK;
551 }
552
GetDelegatedPolicies(MessageParcel & data,uint32_t code,std::vector<std::string> & result)553 ErrCode EnterpriseDeviceMgrProxy::GetDelegatedPolicies(MessageParcel &data,
554 uint32_t code, std::vector<std::string> &result)
555 {
556 EDMLOGD("EnterpriseDeviceMgrProxy::GetDelegatedPolicies");
557 if (!IsEdmEnabled()) {
558 return EdmReturnErrCode::ADMIN_INACTIVE;
559 }
560 sptr<IRemoteObject> remote = LoadAndGetEdmService();
561 if (!remote) {
562 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
563 }
564 MessageParcel reply;
565 MessageOption option;
566 ErrCode res = remote->SendRequest(code, data, reply, option);
567 if (FAILED(res)) {
568 EDMLOGE("EnterpriseDeviceMgrProxy:GetDelegatedPolicies get result code fail. %{public}d", res);
569 return res;
570 }
571 uint32_t size = reply.ReadUint32();
572 if (size > EdmConstants::POLICIES_MAX_SIZE) {
573 EDMLOGE("EnterpriseDeviceMgrProxy:GetDelegatedPolicies get result size is too large.");
574 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
575 }
576 reply.ReadStringVector(&result);
577 return ERR_OK;
578 }
579
GetAdmins(MessageParcel & data,std::vector<std::shared_ptr<AAFwk::Want>> & wants)580 ErrCode EnterpriseDeviceMgrProxy::GetAdmins(MessageParcel &data, std::vector<std::shared_ptr<AAFwk::Want>> &wants)
581 {
582 EDMLOGD("EnterpriseDeviceMgrProxy::GetAdmins");
583 if (!IsEdmEnabled()) {
584 return ERR_OK;
585 }
586 sptr<IRemoteObject> remote = LoadAndGetEdmService();
587 if (!remote) {
588 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
589 }
590 MessageParcel reply;
591 MessageOption option;
592 ErrCode res = remote->SendRequest(EdmInterfaceCode::GET_ADMINS, data, reply, option);
593 if (FAILED(res)) {
594 EDMLOGE("EnterpriseDeviceMgrProxy:GetAdmins send request fail. %{public}d", res);
595 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
596 }
597 int32_t resCode = ERR_INVALID_VALUE;
598 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
599 EDMLOGW("EnterpriseDeviceMgrProxy:GetAdmins get result code fail. %{public}d", resCode);
600 return resCode;
601 }
602
603 uint32_t size = reply.ReadUint32();
604 if (size > EdmConstants::DEFAULT_LOOP_MAX_SIZE) {
605 EDMLOGE("EnterpriseDeviceMgrProxy:GetAdmins size error. size: %{public}d", size);
606 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
607 }
608 for (uint32_t i = 0; i < size; i++) {
609 std::shared_ptr<AAFwk::Want> want(reply.ReadParcelable<AAFwk::Want>());
610 wants.push_back(want);
611 }
612 return ERR_OK;
613 }
614
CheckAndGetAdminProvisionInfo(AppExecFwk::ElementName & admin,std::string & bundleName)615 ErrCode EnterpriseDeviceMgrProxy::CheckAndGetAdminProvisionInfo(AppExecFwk::ElementName &admin,
616 std::string &bundleName)
617 {
618 std::uint32_t funcCode =
619 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::GET, (std::uint32_t)EdmInterfaceCode::GET_ADMINPROVISION_INFO);
620 sptr<IRemoteObject> remote = LoadAndGetEdmService();
621 if (!remote) {
622 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
623 }
624 MessageParcel data;
625 data.WriteInterfaceToken(DESCRIPTOR);
626 data.WriteInt32(WITHOUT_USERID);
627 data.WriteParcelable(&admin);
628 data.WriteString(WITHOUT_PERMISSION_TAG);
629 MessageParcel reply;
630 MessageOption option;
631 ErrCode res = remote->SendRequest(funcCode, data, reply, option);
632 if (FAILED(res)) {
633 EDMLOGE("EnterpriseDeviceMgrProxy:CheckAndGetAdminProvisionInfo send request fail. %{public}d", res);
634 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
635 }
636 int32_t resCode = ERR_INVALID_VALUE;
637 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
638 EDMLOGE("EnterpriseDeviceMgrProxy:CheckAndGetAdminProvisionInfo get result code fail. %{public}d", resCode);
639 return resCode;
640 }
641 bundleName = reply.ReadString();
642 EDMLOGI("EnterpriseDeviceMgrProxy:CheckAndGetAdminProvisionInfo result. %{public}s", bundleName.c_str());
643 return ERR_OK;
644 }
645
GetPolicyValue(MessageParcel & data,uint32_t policyCode,std::string & policyData)646 bool EnterpriseDeviceMgrProxy::GetPolicyValue(MessageParcel &data, uint32_t policyCode, std::string &policyData)
647 {
648 MessageParcel reply;
649 int32_t ret = ERR_INVALID_VALUE;
650 if (!GetPolicy(policyCode, data, reply) || !reply.ReadInt32(ret) || ret != ERR_OK) {
651 return false;
652 }
653 reply.ReadString(policyData);
654 return true;
655 }
656
GetPolicyArray(AppExecFwk::ElementName * admin,int policyCode,std::vector<std::string> & policyData,int32_t userId)657 bool EnterpriseDeviceMgrProxy::GetPolicyArray(AppExecFwk::ElementName *admin, int policyCode,
658 std::vector<std::string> &policyData, int32_t userId)
659 {
660 MessageParcel reply;
661 if (!GetPolicyData(admin, policyCode, userId, reply)) {
662 return false;
663 }
664 int32_t size = reply.ReadInt32();
665 EDMLOGD("EnterpriseDeviceMgrProxy::GetPolicyArray size: %{public}d.", size);
666 return reply.ReadStringVector(&policyData);
667 }
668
GetPolicyMap(AppExecFwk::ElementName * admin,int policyCode,std::map<std::string,std::string> & policyData,int32_t userId)669 bool EnterpriseDeviceMgrProxy::GetPolicyMap(AppExecFwk::ElementName *admin, int policyCode,
670 std::map<std::string, std::string> &policyData, int32_t userId)
671 {
672 MessageParcel reply;
673 if (!GetPolicyData(admin, policyCode, userId, reply)) {
674 return false;
675 }
676 std::vector<std::string> keys;
677 if (!reply.ReadStringVector(&keys)) {
678 EDMLOGE("EnterpriseDeviceMgrProxy::read map keys fail.");
679 return false;
680 }
681 std::vector<std::string> values;
682 if (!reply.ReadStringVector(&values)) {
683 EDMLOGE("EnterpriseDeviceMgrProxy::read map values fail.");
684 return false;
685 }
686 if (keys.size() != values.size()) {
687 EDMLOGE("EnterpriseDeviceMgrProxy::read map fail.");
688 return false;
689 }
690 policyData.clear();
691 for (uint64_t i = 0; i < keys.size(); ++i) {
692 policyData.insert(std::make_pair(keys.at(i), values.at(i)));
693 }
694 return true;
695 }
696
GetPolicyData(AppExecFwk::ElementName * admin,int policyCode,int32_t userId,MessageParcel & reply)697 bool EnterpriseDeviceMgrProxy::GetPolicyData(AppExecFwk::ElementName *admin, int policyCode, int32_t userId,
698 MessageParcel &reply)
699 {
700 if (!IsEdmEnabled()) {
701 return false;
702 }
703 MessageParcel data;
704 data.WriteInterfaceToken(DESCRIPTOR);
705 data.WriteInt32(HAS_USERID);
706 data.WriteInt32(userId);
707 data.WriteString(WITHOUT_PERMISSION_TAG);
708 if (admin != nullptr) {
709 data.WriteInt32(HAS_ADMIN);
710 data.WriteParcelable(admin);
711 } else {
712 data.WriteInt32(WITHOUT_ADMIN);
713 }
714 int32_t ret = ERR_INVALID_VALUE;
715 return GetPolicy(policyCode, data, reply) && reply.ReadInt32(ret) && (ret == ERR_OK);
716 }
717
GetPolicy(int policyCode,MessageParcel & data,MessageParcel & reply)718 bool EnterpriseDeviceMgrProxy::GetPolicy(int policyCode, MessageParcel &data, MessageParcel &reply)
719 {
720 if (!IsEdmEnabled()) {
721 reply.WriteInt32(EdmReturnErrCode::ADMIN_INACTIVE);
722 return false;
723 }
724 if (policyCode < 0) {
725 EDMLOGE("EnterpriseDeviceMgrProxy:GetPolicy invalid policyCode:%{public}d", policyCode);
726 return false;
727 }
728 std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::GET, (std::uint32_t)policyCode);
729 sptr<IRemoteObject> remote = LoadAndGetEdmService();
730 if (!remote) {
731 reply.WriteInt32(EdmReturnErrCode::SYSTEM_ABNORMALLY);
732 return false;
733 }
734 MessageOption option;
735 ErrCode res = remote->SendRequest(funcCode, data, reply, option);
736 if (FAILED(res)) {
737 EDMLOGE("EnterpriseDeviceMgrProxy:GetPolicy send request fail.");
738 return false;
739 }
740 return true;
741 }
742
GetEnabledAdmins(std::vector<std::string> & enabledAdminList)743 void EnterpriseDeviceMgrProxy::GetEnabledAdmins(std::vector<std::string> &enabledAdminList)
744 {
745 GetEnabledAdmins(AdminType::NORMAL, enabledAdminList);
746 }
747
GetEnabledSuperAdmin(std::string & enabledAdmin)748 void EnterpriseDeviceMgrProxy::GetEnabledSuperAdmin(std::string &enabledAdmin)
749 {
750 std::vector<std::string> enabledAdminList;
751 GetEnabledAdmins(AdminType::ENT, enabledAdminList);
752 if (!enabledAdminList.empty()) {
753 enabledAdmin = enabledAdminList[0];
754 }
755 }
756
IsSuperAdminExist()757 bool EnterpriseDeviceMgrProxy::IsSuperAdminExist()
758 {
759 std::vector<std::string> enabledAdminList;
760 GetEnabledAdmins(AdminType::ENT, enabledAdminList);
761 return !enabledAdminList.empty();
762 }
763
LoadAndGetEdmService()764 sptr<IRemoteObject> EnterpriseDeviceMgrProxy::LoadAndGetEdmService()
765 {
766 std::lock_guard<std::mutex> lock(mutexLock_);
767 sptr<ISystemAbilityManager> sysAbilityMgr = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
768 if (sysAbilityMgr == nullptr) {
769 EDMLOGE("EnterpriseDeviceMgrProxy::failed to get SystemAbilityManager");
770 return nullptr;
771 }
772 auto objectSA = sysAbilityMgr->CheckSystemAbility(ENTERPRISE_DEVICE_MANAGER_SA_ID);
773 if (objectSA == nullptr) {
774 EDMLOGI("EnterpriseDeviceMgrProxy::load sa from remote");
775 return EdmLoadManager::GetInstance().LoadAndGetEdmService();
776 }
777 return EdmSysManager::GetRemoteObjectOfSystemAbility(ENTERPRISE_DEVICE_MANAGER_SA_ID);
778 }
779
GetEnabledAdmins(AdminType type,std::vector<std::string> & enabledAdminList)780 void EnterpriseDeviceMgrProxy::GetEnabledAdmins(AdminType type, std::vector<std::string> &enabledAdminList)
781 {
782 if (!IsEdmEnabled()) {
783 return;
784 }
785 sptr<IRemoteObject> remote = LoadAndGetEdmService();
786 if (!remote) {
787 return;
788 }
789 MessageParcel data;
790 MessageParcel reply;
791 MessageOption option;
792 data.WriteInterfaceToken(DESCRIPTOR);
793 data.WriteInt32(static_cast<int32_t>(type));
794 ErrCode res = remote->SendRequest(GET_ENABLE_ADMIN, data, reply, option);
795 if (FAILED(res)) {
796 EDMLOGE("EnterpriseDeviceMgrProxy:GetEnabledAdmins send request fail.");
797 return;
798 }
799 int32_t resCode = ERR_OK;
800 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
801 EDMLOGE("EnterpriseDeviceMgrProxy:GetEnabledAdmins get result code fail.");
802 return;
803 }
804 std::vector<std::string> readArray;
805 reply.ReadStringVector(&readArray);
806 for (const std::string &item : readArray) {
807 enabledAdminList.push_back(item);
808 }
809 }
810
SetPolicyDisabled(const AppExecFwk::ElementName & admin,bool isDisabled,uint32_t policyCode,std::string permissionTag)811 int32_t EnterpriseDeviceMgrProxy::SetPolicyDisabled(const AppExecFwk::ElementName &admin, bool isDisabled,
812 uint32_t policyCode, std::string permissionTag)
813 {
814 MessageParcel data;
815 std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, policyCode);
816 data.WriteInterfaceToken(DESCRIPTOR);
817 data.WriteInt32(WITHOUT_USERID);
818 data.WriteParcelable(&admin);
819 data.WriteString(permissionTag);
820 data.WriteBool(isDisabled);
821 return HandleDevicePolicy(funcCode, data);
822 }
823
SetPolicyDisabled(MessageParcel & data,uint32_t policyCode)824 int32_t EnterpriseDeviceMgrProxy::SetPolicyDisabled(MessageParcel &data,
825 uint32_t policyCode)
826 {
827 std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, policyCode);
828 return HandleDevicePolicy(funcCode, data);
829 }
830 } // namespace EDM
831 } // namespace OHOS