1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "disallow_add_local_account_plugin.h"
17
18 #include "edm_ipc_interface_code.h"
19 #include "os_account_manager.h"
20 #include "iplugin_manager.h"
21
22 namespace OHOS {
23 namespace EDM {
24 const bool REGISTER_RESULT = IPluginManager::GetInstance()->AddPlugin(DisallowAddLocalAccountPlugin::GetPlugin());
25
InitPlugin(std::shared_ptr<IPluginTemplate<DisallowAddLocalAccountPlugin,bool>> ptr)26 void DisallowAddLocalAccountPlugin::InitPlugin(
27 std::shared_ptr<IPluginTemplate<DisallowAddLocalAccountPlugin, bool>> ptr)
28 {
29 EDMLOGI("DisallowAddLocalAccountPlugin InitPlugin...");
30 ptr->InitAttribute(EdmInterfaceCode::DISALLOW_ADD_LOCAL_ACCOUNT, "disallow_add_local_account",
31 EdmPermission::PERMISSION_ENTERPRISE_SET_ACCOUNT_POLICY, IPlugin::PermissionType::SUPER_DEVICE_ADMIN, true);
32 ptr->SetSerializer(BoolSerializer::GetInstance());
33 ptr->SetOnHandlePolicyListener(&DisallowAddLocalAccountPlugin::OnSetPolicy, FuncOperateType::SET);
34 ptr->SetOnAdminRemoveListener(&DisallowAddLocalAccountPlugin::OnAdminRemove);
35 }
36
SetOtherModulePolicy(bool data)37 ErrCode DisallowAddLocalAccountPlugin::SetOtherModulePolicy(bool data)
38 {
39 return SetGlobalOsAccountConstraints(data);
40 }
41
RemoveOtherModulePolicy()42 ErrCode DisallowAddLocalAccountPlugin::RemoveOtherModulePolicy()
43 {
44 return SetGlobalOsAccountConstraints(false);
45 }
46
SetGlobalOsAccountConstraints(bool data)47 ErrCode DisallowAddLocalAccountPlugin::SetGlobalOsAccountConstraints(bool data)
48 {
49 std::vector<std::string> constraints = {"constraint.os.account.create.directly"};
50 std::vector<int32_t> ids;
51 AccountSA::OsAccountManager::QueryActiveOsAccountIds(ids);
52 if (ids.empty()) {
53 EDMLOGE("DisallowAddLocalAccountPlugin QueryActiveOsAccountIds failed");
54 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
55 }
56 ErrCode ret = AccountSA::OsAccountManager::SetGlobalOsAccountConstraints(constraints, data, ids.at(0), true);
57 if (FAILED(ret)) {
58 EDMLOGE("DisallowAddLocalAccountPlugin SetGlobalOsAccountConstraints failed");
59 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
60 }
61 return ERR_OK;
62 }
63 } // namespace EDM
64 } // namespace OHOS
65