1 /*
2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "account_stub.h"
17
18 #include <dlfcn.h>
19 #include <ipc_types.h>
20 #include "accesstoken_kit.h"
21 #include "account_error_no.h"
22 #include "account_info.h"
23 #include "account_info_parcel.h"
24 #include "account_log_wrapper.h"
25 #include "account_mgr_service.h"
26 #include "bundle_manager_adapter.h"
27 #include "account_hisysevent_adapter.h"
28 #include "if_system_ability_manager.h"
29 #include "ipc_skeleton.h"
30 #include "iservice_registry.h"
31 #include "memory_guard.h"
32 #include "ohos_account_kits.h"
33 #include "account_constants.h"
34 #ifdef HICOLLIE_ENABLE
35 #include "xcollie/xcollie.h"
36 #endif // HICOLLIE_ENABLE
37
38 namespace OHOS {
39 namespace AccountSA {
40 namespace {
41 const char PERMISSION_MANAGE_USERS[] = "ohos.permission.MANAGE_LOCAL_ACCOUNTS";
42 const char PERMISSION_GET_LOCAL_ACCOUNTS[] = "ohos.permission.GET_LOCAL_ACCOUNTS";
43 const char PERMISSION_MANAGE_DISTRIBUTED_ACCOUNTS[] = "ohos.permission.MANAGE_DISTRIBUTED_ACCOUNTS";
44 const char PERMISSION_GET_DISTRIBUTED_ACCOUNTS[] = "ohos.permission.GET_DISTRIBUTED_ACCOUNTS";
45 const char PERMISSION_DISTRIBUTED_DATASYNC[] = "ohos.permission.DISTRIBUTED_DATASYNC";
46 const char INTERACT_ACROSS_LOCAL_ACCOUNTS[] = "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS";
47 #ifndef IS_RELEASE_VERSION
48 constexpr std::int32_t ROOT_UID = 0;
49 #endif
50 #ifdef HICOLLIE_ENABLE
51 constexpr std::int32_t RECOVERY_TIMEOUT = 6; // timeout 6s
52 #endif // HICOLLIE_ENABLE
53 constexpr std::int32_t INVALID_USERID = -1;
54 const std::set<std::int32_t> WHITE_LIST = {
55 3012, // DISTRIBUTED_KV_DATA_SA_UID
56 3019, // DLP_UID
57 3553, // DLP_CREDENTIAL_SA_UID
58 };
59 #ifdef USE_MUSL
60 constexpr std::int32_t DSOFTBUS_UID = 1024;
61 #else
62 constexpr std::int32_t DSOFTBUS_UID = 5533;
63 #endif
64 } // namespace
AccountStub()65 AccountStub::AccountStub()
66 {}
67
InnerUpdateOhosAccountInfo(MessageParcel & data,MessageParcel & reply)68 ErrCode AccountStub::InnerUpdateOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
69 {
70 // ignore the real account name
71 const std::string accountName = Str16ToStr8(data.ReadString16());
72 if (accountName.empty()) {
73 ACCOUNT_LOGE("empty account name!");
74 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
75 }
76 const std::string uid = Str16ToStr8(data.ReadString16());
77 if (uid.empty()) {
78 ACCOUNT_LOGE("empty uid!");
79 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
80 }
81 const std::string eventStr = Str16ToStr8(data.ReadString16());
82
83 ErrCode ret = UpdateOhosAccountInfo(accountName, uid, eventStr);
84 if (ret != ERR_OK) {
85 ACCOUNT_LOGE("Update ohos account info failed");
86 return ret;
87 }
88 if (!reply.WriteInt32(ret)) {
89 ACCOUNT_LOGE("Write result data failed");
90 ret = ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
91 }
92 return ret;
93 }
94
InnerSetOhosAccountInfo(int32_t userId,MessageParcel & data,MessageParcel & reply)95 ErrCode AccountStub::InnerSetOhosAccountInfo(int32_t userId, MessageParcel &data, MessageParcel &reply)
96 {
97 OhosAccountInfo info;
98 std::int32_t ret = ReadOhosAccountInfo(data, info);
99 if (ret != ERR_OK) {
100 return ret;
101 }
102 if (!info.IsValid()) {
103 ACCOUNT_LOGE("Check OhosAccountInfo failed");
104 return ERR_ACCOUNT_COMMON_INVALID_PARAMETER;
105 }
106 // ignore the real account name
107 const std::string eventStr = Str16ToStr8(data.ReadString16());
108
109 if (userId == INVALID_USERID) {
110 userId = AccountMgrService::GetInstance().GetCallingUserID();
111 }
112 ret = SetOsAccountDistributedInfo(userId, info, eventStr);
113 if (ret != ERR_OK) {
114 ACCOUNT_LOGE("Set ohos account info failed");
115 }
116 if (!reply.WriteInt32(ret)) {
117 ACCOUNT_LOGE("Write result data failed");
118 ret = ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
119 }
120 return ret;
121 }
122
CmdUpdateOhosAccountInfo(MessageParcel & data,MessageParcel & reply)123 ErrCode AccountStub::CmdUpdateOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
124 {
125 if (!HasAccountRequestPermission(PERMISSION_MANAGE_USERS)) {
126 ACCOUNT_LOGE("Check permission failed");
127 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
128 }
129
130 return InnerUpdateOhosAccountInfo(data, reply);
131 }
132
CmdSetOhosAccountInfo(MessageParcel & data,MessageParcel & reply)133 ErrCode AccountStub::CmdSetOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
134 {
135 if (!HasAccountRequestPermission(PERMISSION_MANAGE_DISTRIBUTED_ACCOUNTS)) {
136 ACCOUNT_LOGE("Check permission failed");
137 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
138 }
139
140 return InnerSetOhosAccountInfo(INVALID_USERID, data, reply);
141 }
142
CheckUserIdValid(const int32_t userId)143 static int32_t CheckUserIdValid(const int32_t userId)
144 {
145 if ((userId >= 0) && (userId < Constants::START_USER_ID)) {
146 ACCOUNT_LOGE("userId %{public}d is system reserved", userId);
147 return ERR_OSACCOUNT_SERVICE_MANAGER_ID_ERROR;
148 }
149 bool isOsAccountExist = false;
150 IInnerOsAccountManager::GetInstance().IsOsAccountExists(userId, isOsAccountExist);
151 if (!isOsAccountExist) {
152 ACCOUNT_LOGE("os account is not exist");
153 return ERR_ACCOUNT_COMMON_ACCOUNT_NOT_EXIST_ERROR;
154 }
155 return ERR_OK;
156 }
157
CmdSetOhosAccountInfoByUserId(MessageParcel & data,MessageParcel & reply)158 ErrCode AccountStub::CmdSetOhosAccountInfoByUserId(MessageParcel &data, MessageParcel &reply)
159 {
160 std::int32_t ret = AccountPermissionManager::CheckSystemApp();
161 if (ret != ERR_OK) {
162 ACCOUNT_LOGE("the caller is not system application, ret = %{public}d.", ret);
163 return ret;
164 }
165 if (!HasAccountRequestPermission(PERMISSION_MANAGE_DISTRIBUTED_ACCOUNTS)) {
166 ACCOUNT_LOGE("Check permission failed");
167 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
168 }
169 int32_t userId = data.ReadInt32();
170 ret = CheckUserIdValid(userId);
171 if (ret != ERR_OK) {
172 ACCOUNT_LOGE("CheckUserIdValid failed, ret = %{public}d", ret);
173 return ret;
174 }
175 return InnerSetOhosAccountInfo(userId, data, reply);
176 }
177
InnerQueryDistributedVirtualDeviceId(MessageParcel & data,MessageParcel & reply)178 ErrCode AccountStub::InnerQueryDistributedVirtualDeviceId(MessageParcel &data, MessageParcel &reply)
179 {
180 std::string dvid = "";
181 ErrCode result = QueryDistributedVirtualDeviceId(dvid);
182 if (!reply.WriteInt32(result)) {
183 ACCOUNT_LOGE("Failed to write reply, result=%{public}d.", result);
184 return IPC_STUB_WRITE_PARCEL_ERR;
185 }
186 if (result != ERR_OK) {
187 ACCOUNT_LOGE("Failed to get dvid");
188 return result;
189 }
190 if (!reply.WriteString(dvid)) {
191 ACCOUNT_LOGE("Failed to write dvid");
192 return IPC_STUB_WRITE_PARCEL_ERR;
193 }
194 return result;
195 }
196
InnerQueryOhosAccountInfo(MessageParcel & data,MessageParcel & reply)197 ErrCode AccountStub::InnerQueryOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
198 {
199 OhosAccountInfo info;
200 #ifdef HICOLLIE_ENABLE
201 unsigned int flag = HiviewDFX::XCOLLIE_FLAG_LOG | HiviewDFX::XCOLLIE_FLAG_RECOVERY;
202 XCollieCallback callbackFunc = [callingPid = IPCSkeleton::GetCallingPid(),
203 callingUid = IPCSkeleton::GetCallingUid()](void *) {
204 ACCOUNT_LOGE("InnerQueryOhosAccountInfo failed, callingPid: %{public}d, callingUid: %{public}d.",
205 callingPid, callingUid);
206 ReportOhosAccountOperationFail(callingUid, "watchDog", -1, "Query ohos account info time out");
207 };
208 int timerId = HiviewDFX::XCollie::GetInstance().SetTimer(
209 TIMER_NAME, RECOVERY_TIMEOUT, callbackFunc, nullptr, flag);
210 #endif // HICOLLIE_ENABLE
211 ErrCode result = QueryOhosAccountInfo(info);
212 if (result != ERR_OK) {
213 ACCOUNT_LOGE("Query ohos account info failed");
214 #ifdef HICOLLIE_ENABLE
215 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
216 #endif // HICOLLIE_ENABLE
217 return result;
218 }
219
220 std::string name = info.name_;
221 std::string id = info.uid_;
222 if (!reply.WriteString16(Str8ToStr16(name))) {
223 ACCOUNT_LOGE("Write name data failed");
224 #ifdef HICOLLIE_ENABLE
225 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
226 #endif // HICOLLIE_ENABLE
227 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
228 }
229 if (!reply.WriteString16(Str8ToStr16(id))) {
230 ACCOUNT_LOGE("Write id data failed");
231 #ifdef HICOLLIE_ENABLE
232 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
233 #endif // HICOLLIE_ENABLE
234 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
235 }
236 if (!reply.WriteInt32(info.status_)) {
237 ACCOUNT_LOGE("Write status data failed");
238 #ifdef HICOLLIE_ENABLE
239 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
240 #endif // HICOLLIE_ENABLE
241 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
242 }
243 #ifdef HICOLLIE_ENABLE
244 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
245 #endif // HICOLLIE_ENABLE
246 return ERR_OK;
247 }
248
InnerGetOhosAccountInfo(MessageParcel & data,MessageParcel & reply)249 ErrCode AccountStub::InnerGetOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
250 {
251 OhosAccountInfo ohosAccountInfo;
252 ErrCode ret = GetOhosAccountInfo(ohosAccountInfo);
253 ohosAccountInfo.SetRawUid("");
254 if (ret != ERR_OK) {
255 ACCOUNT_LOGE("Get ohos account info failed");
256 return ret;
257 }
258 if (!WriteOhosAccountInfo(reply, ohosAccountInfo)) {
259 ACCOUNT_LOGE("Write ohosAccountInfo failed!");
260 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
261 }
262 return ERR_OK;
263 }
264
CmdQueryDVIDByBundleName(MessageParcel & data,MessageParcel & reply)265 ErrCode AccountStub::CmdQueryDVIDByBundleName(MessageParcel &data, MessageParcel &reply)
266 {
267 ErrCode errCode = AccountPermissionManager::CheckSystemApp();
268 if (errCode != ERR_OK) {
269 ACCOUNT_LOGE("The caller is not system application, errCode = %{public}d.", errCode);
270 return errCode;
271 }
272 if (!HasAccountRequestPermission(PERMISSION_MANAGE_DISTRIBUTED_ACCOUNTS) &&
273 !HasAccountRequestPermission(PERMISSION_MANAGE_USERS) &&
274 !HasAccountRequestPermission(PERMISSION_GET_DISTRIBUTED_ACCOUNTS)) {
275 ACCOUNT_LOGE("Failed to check permission");
276 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
277 }
278 std::string bundleName = "";
279 if (!data.ReadString(bundleName)) {
280 ACCOUNT_LOGE("Failed to read bundleName");
281 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
282 }
283 int32_t localId;
284 if (!data.ReadInt32(localId)) {
285 ACCOUNT_LOGE("Failed to read localId");
286 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
287 }
288 std::string dvid = "";
289 ErrCode result = QueryDistributedVirtualDeviceId(bundleName, localId, dvid);
290 if (!reply.WriteInt32(result)) {
291 ACCOUNT_LOGE("Failed to write reply, result=%{public}d.", result);
292 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
293 }
294 if (result != ERR_OK) {
295 ACCOUNT_LOGE("Failed to get dvid");
296 return ERR_OK;
297 }
298 if (!reply.WriteString(dvid)) {
299 ACCOUNT_LOGE("Failed to write dvid");
300 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
301 }
302 return result;
303 }
304
CmdQueryDistributedVirtualDeviceId(MessageParcel & data,MessageParcel & reply)305 ErrCode AccountStub::CmdQueryDistributedVirtualDeviceId(MessageParcel &data, MessageParcel &reply)
306 {
307 if (!HasAccountRequestPermission(PERMISSION_MANAGE_USERS) &&
308 !HasAccountRequestPermission(PERMISSION_DISTRIBUTED_DATASYNC)) {
309 ACCOUNT_LOGE("Check permission failed");
310 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
311 }
312 return InnerQueryDistributedVirtualDeviceId(data, reply);
313 }
314
CmdQueryOhosAccountInfo(MessageParcel & data,MessageParcel & reply)315 ErrCode AccountStub::CmdQueryOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
316 {
317 if (!HasAccountRequestPermission(PERMISSION_MANAGE_USERS) &&
318 !HasAccountRequestPermission(PERMISSION_DISTRIBUTED_DATASYNC) &&
319 !HasAccountRequestPermission(PERMISSION_GET_LOCAL_ACCOUNTS)) {
320 ACCOUNT_LOGE("Check permission failed");
321 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
322 }
323
324 return InnerQueryOhosAccountInfo(data, reply);
325 }
326
CmdGetOhosAccountInfo(MessageParcel & data,MessageParcel & reply)327 ErrCode AccountStub::CmdGetOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
328 {
329 if (!HasAccountRequestPermission(PERMISSION_MANAGE_DISTRIBUTED_ACCOUNTS) &&
330 !HasAccountRequestPermission(PERMISSION_DISTRIBUTED_DATASYNC) &&
331 !HasAccountRequestPermission(PERMISSION_GET_DISTRIBUTED_ACCOUNTS)) {
332 ACCOUNT_LOGE("Check permission failed");
333 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
334 }
335
336 return InnerGetOhosAccountInfo(data, reply);
337 }
338
CmdGetOhosAccountInfoByUserId(MessageParcel & data,MessageParcel & reply)339 ErrCode AccountStub::CmdGetOhosAccountInfoByUserId(MessageParcel &data, MessageParcel &reply)
340 {
341 ErrCode errCode = AccountPermissionManager::CheckSystemApp();
342 if (errCode != ERR_OK) {
343 ACCOUNT_LOGE("the caller is not system application, errCode = %{public}d.", errCode);
344 return errCode;
345 }
346 if (!HasAccountRequestPermission(PERMISSION_MANAGE_DISTRIBUTED_ACCOUNTS) &&
347 !HasAccountRequestPermission(INTERACT_ACROSS_LOCAL_ACCOUNTS) &&
348 !HasAccountRequestPermission(PERMISSION_DISTRIBUTED_DATASYNC) &&
349 !HasAccountRequestPermission(PERMISSION_GET_DISTRIBUTED_ACCOUNTS)) {
350 ACCOUNT_LOGE("Check permission failed");
351 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
352 }
353 int32_t userId = data.ReadInt32();
354 bool isOsAccountExits = false;
355 errCode = IInnerOsAccountManager::GetInstance().IsOsAccountExists(userId, isOsAccountExits);
356 if (errCode != ERR_OK) {
357 ACCOUNT_LOGE("IsOsAccountExists failed errCode is %{public}d", errCode);
358 return errCode;
359 }
360 if (!isOsAccountExits) {
361 ACCOUNT_LOGE("os account is not exit");
362 return ERR_ACCOUNT_COMMON_ACCOUNT_NOT_EXIST_ERROR;
363 }
364 OhosAccountInfo ohosAccountInfo;
365 errCode = GetOsAccountDistributedInfo(userId, ohosAccountInfo);
366 if (errCode != ERR_OK) {
367 ACCOUNT_LOGE("Get ohos account info failed");
368 return errCode;
369 }
370 int32_t uid = IPCSkeleton::GetCallingUid();
371 if (WHITE_LIST.find(uid) == WHITE_LIST.end()) {
372 ohosAccountInfo.SetRawUid("");
373 }
374 if (!WriteOhosAccountInfo(reply, ohosAccountInfo)) {
375 ACCOUNT_LOGE("Write ohosAccountInfo failed!");
376 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
377 }
378 return ERR_OK;
379 }
380
CmdQueryOhosAccountInfoByUserId(MessageParcel & data,MessageParcel & reply)381 ErrCode AccountStub::CmdQueryOhosAccountInfoByUserId(MessageParcel &data, MessageParcel &reply)
382 {
383 if ((!HasAccountRequestPermission(PERMISSION_MANAGE_USERS)) &&
384 (!HasAccountRequestPermission(PERMISSION_DISTRIBUTED_DATASYNC)) &&
385 (IPCSkeleton::GetCallingUid() != DSOFTBUS_UID)) {
386 ACCOUNT_LOGE("Check permission failed");
387 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
388 }
389
390 std::int32_t userId = data.ReadInt32();
391 if (userId < 0) {
392 ACCOUNT_LOGE("negative userID %{public}d detected!", userId);
393 return ERR_ACCOUNT_ZIDL_ACCOUNT_STUB_USERID_ERROR;
394 }
395
396 OhosAccountInfo info;
397 ErrCode result = QueryOsAccountDistributedInfo(userId, info);
398 if (result != ERR_OK) {
399 ACCOUNT_LOGE("Query ohos account info failed! userId %{public}d.", userId);
400 return result;
401 }
402
403 std::string name = info.name_;
404 std::string id = info.uid_;
405 if (!reply.WriteString16(Str8ToStr16(name))) {
406 ACCOUNT_LOGE("Write name data failed! userId %{public}d.", userId);
407 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
408 }
409 if (!reply.WriteString16(Str8ToStr16(id))) {
410 ACCOUNT_LOGE("Write id data failed! userId %{public}d.", userId);
411 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
412 }
413 if (!reply.WriteInt32(info.status_)) {
414 ACCOUNT_LOGE("Write status data failed! userId %{public}d.", userId);
415 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
416 }
417 return ERR_OK;
418 }
419
CmdQueryDeviceAccountId(MessageParcel & data,MessageParcel & reply)420 ErrCode AccountStub::CmdQueryDeviceAccountId(MessageParcel &data, MessageParcel &reply)
421 {
422 std::int32_t id;
423 auto ret = QueryDeviceAccountId(id);
424 if (ret != ERR_OK) {
425 ACCOUNT_LOGE("QueryDevice AccountId failed: %{public}d", ret);
426 return ret;
427 }
428
429 if (!reply.WriteInt32(id)) {
430 ACCOUNT_LOGE("Write result data failed");
431 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
432 }
433 return ERR_OK;
434 }
435
CmdSubscribeDistributedAccountEvent(MessageParcel & data,MessageParcel & reply)436 ErrCode AccountStub::CmdSubscribeDistributedAccountEvent(MessageParcel &data, MessageParcel &reply)
437 {
438 int32_t type;
439 if (!data.ReadInt32(type)) {
440 ACCOUNT_LOGE("Read type failed.");
441 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
442 }
443
444 sptr<IRemoteObject> eventListener = data.ReadRemoteObject();
445 if (eventListener == nullptr) {
446 ACCOUNT_LOGE("Read remote object for eventListener failed.");
447 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
448 }
449
450 ErrCode result = SubscribeDistributedAccountEvent(
451 static_cast<DISTRIBUTED_ACCOUNT_SUBSCRIBE_TYPE>(type), eventListener);
452 if (!reply.WriteInt32(result)) {
453 ACCOUNT_LOGE("Write reply failed, result=%{public}d.", result);
454 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
455 }
456
457 return ERR_OK;
458 }
459
CmdUnsubscribeDistributedAccountEvent(MessageParcel & data,MessageParcel & reply)460 ErrCode AccountStub::CmdUnsubscribeDistributedAccountEvent(MessageParcel &data, MessageParcel &reply)
461 {
462 int32_t type;
463 if (!data.ReadInt32(type)) {
464 ACCOUNT_LOGE("Read type failed.");
465 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
466 }
467
468 sptr<IRemoteObject> eventListener = data.ReadRemoteObject();
469 if (eventListener == nullptr) {
470 ACCOUNT_LOGE("Read remote object for eventListener failed.");
471 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
472 }
473
474 ErrCode result = UnsubscribeDistributedAccountEvent(
475 static_cast<DISTRIBUTED_ACCOUNT_SUBSCRIBE_TYPE>(type), eventListener);
476 if (!reply.WriteInt32(result)) {
477 ACCOUNT_LOGE("Write reply failed, result=%{public}d.", result);
478 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
479 }
480
481 return ERR_OK;
482 }
483
CmdGetAppAccountService(MessageParcel & data,MessageParcel & reply)484 ErrCode AccountStub::CmdGetAppAccountService(MessageParcel &data, MessageParcel &reply)
485 {
486 auto remoteObject = GetAppAccountService();
487 if (!reply.WriteRemoteObject(remoteObject)) {
488 ACCOUNT_LOGE("Write result data failed");
489 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
490 }
491
492 return ERR_OK;
493 }
CmdGetOsAccountService(MessageParcel & data,MessageParcel & reply)494 ErrCode AccountStub::CmdGetOsAccountService(MessageParcel &data, MessageParcel &reply)
495 {
496 auto remoteObject = GetOsAccountService();
497 if (!reply.WriteRemoteObject(remoteObject)) {
498 ACCOUNT_LOGE("Write result data failed");
499 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
500 }
501
502 return ERR_OK;
503 }
504
CmdGetAccountIAMService(MessageParcel & data,MessageParcel & reply)505 ErrCode AccountStub::CmdGetAccountIAMService(MessageParcel &data, MessageParcel &reply)
506 {
507 auto remoteObject = GetAccountIAMService();
508 if (!reply.WriteRemoteObject(remoteObject)) {
509 ACCOUNT_LOGE("Write result data failed");
510 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
511 }
512
513 return ERR_OK;
514 }
515
CmdGetDomainAccountService(MessageParcel & data,MessageParcel & reply)516 ErrCode AccountStub::CmdGetDomainAccountService(MessageParcel &data, MessageParcel &reply)
517 {
518 #ifdef SUPPORT_DOMAIN_ACCOUNTS
519 auto remoteObject = GetDomainAccountService();
520 if (!reply.WriteRemoteObject(remoteObject)) {
521 ACCOUNT_LOGE("failed to write remote object");
522 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
523 }
524 return ERR_OK;
525 #else
526 return ERR_DOMAIN_ACCOUNT_NOT_SUPPORT;
527 #endif // SUPPORT_DOMAIN_ACCOUNTS
528 }
529
ProcAccountStubRequest(std::uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)530 int32_t AccountStub::ProcAccountStubRequest(
531 std::uint32_t code, MessageParcel &data, MessageParcel &reply, MessageOption &option)
532 {
533 AccountMgrInterfaceCode interfaceCode = static_cast<AccountMgrInterfaceCode>(code);
534 switch (interfaceCode) {
535 case AccountMgrInterfaceCode::UPDATE_OHOS_ACCOUNT_INFO:
536 return CmdUpdateOhosAccountInfo(data, reply);
537 case AccountMgrInterfaceCode::SET_OHOS_ACCOUNT_INFO:
538 return CmdSetOhosAccountInfo(data, reply);
539 case AccountMgrInterfaceCode::SET_OHOS_ACCOUNT_INFO_BY_USER_ID:
540 return CmdSetOhosAccountInfoByUserId(data, reply);
541 case AccountMgrInterfaceCode::QUERY_OHOS_ACCOUNT_INFO:
542 return CmdQueryOhosAccountInfo(data, reply);
543 case AccountMgrInterfaceCode::QUERY_DISTRIBUTE_VIRTUAL_DEVICE_ID:
544 return CmdQueryDistributedVirtualDeviceId(data, reply);
545 case AccountMgrInterfaceCode::QUERY_DISTRIBUTE_VIRTUAL_DEVICE_ID_BY_BUNDLE_NAME:
546 return CmdQueryDVIDByBundleName(data, reply);
547 case AccountMgrInterfaceCode::GET_OHOS_ACCOUNT_INFO:
548 return CmdGetOhosAccountInfo(data, reply);
549 case AccountMgrInterfaceCode::QUERY_OHOS_ACCOUNT_INFO_BY_USER_ID:
550 return CmdQueryOhosAccountInfoByUserId(data, reply);
551 case AccountMgrInterfaceCode::GET_OHOS_ACCOUNT_INFO_BY_USER_ID:
552 return CmdGetOhosAccountInfoByUserId(data, reply);
553 case AccountMgrInterfaceCode::QUERY_DEVICE_ACCOUNT_ID:
554 return CmdQueryDeviceAccountId(data, reply);
555 case AccountMgrInterfaceCode::SUBSCRIBE_DISTRIBUTED_ACCOUNT_EVENT:
556 return CmdSubscribeDistributedAccountEvent(data, reply);
557 case AccountMgrInterfaceCode::UNSUBSCRIBE_DISTRIBUTED_ACCOUNT_EVENT:
558 return CmdUnsubscribeDistributedAccountEvent(data, reply);
559 case AccountMgrInterfaceCode::GET_APP_ACCOUNT_SERVICE:
560 return CmdGetAppAccountService(data, reply);
561 case AccountMgrInterfaceCode::GET_OS_ACCOUNT_SERVICE:
562 return CmdGetOsAccountService(data, reply);
563 case AccountMgrInterfaceCode::GET_ACCOUNT_IAM_SERVICE:
564 return CmdGetAccountIAMService(data, reply);
565 case AccountMgrInterfaceCode::GET_DOMAIN_ACCOUNT_SERVICE:
566 return CmdGetDomainAccountService(data, reply);
567 default:
568 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
569 }
570 }
571
OnRemoteRequest(std::uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)572 std::int32_t AccountStub::OnRemoteRequest(
573 std::uint32_t code, MessageParcel &data, MessageParcel &reply, MessageOption &option)
574 {
575 ACCOUNT_LOGD("Received stub message: %{public}d, callingUid: %{public}d", code, IPCSkeleton::GetCallingUid());
576 MemoryGuard cacheGuard;
577 if (!IsServiceStarted()) {
578 ACCOUNT_LOGE("account mgr not ready");
579 return ERR_ACCOUNT_ZIDL_MGR_NOT_READY_ERROR;
580 }
581
582 if (data.ReadInterfaceToken() != GetDescriptor()) {
583 ACCOUNT_LOGE("check descriptor failed! code %{public}u.", code);
584 return ERR_ACCOUNT_COMMON_CHECK_DESCRIPTOR_ERROR;
585 }
586
587 #ifdef HICOLLIE_ENABLE
588 int timerId =
589 HiviewDFX::XCollie::GetInstance().SetTimer(TIMER_NAME, TIMEOUT, nullptr, nullptr, HiviewDFX::XCOLLIE_FLAG_LOG);
590 #endif // HICOLLIE_ENABLE
591 int32_t ret = ProcAccountStubRequest(code, data, reply, option);
592 #ifdef HICOLLIE_ENABLE
593 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
594 #endif // HICOLLIE_ENABLE
595 return ret;
596 }
597
HasAccountRequestPermission(const std::string & permissionName)598 bool AccountStub::HasAccountRequestPermission(const std::string &permissionName)
599 {
600 std::int32_t uid = IPCSkeleton::GetCallingUid();
601 #ifndef IS_RELEASE_VERSION
602 // root check in none release version for test
603 if (uid == ROOT_UID) {
604 return true;
605 }
606 #endif
607
608 // check permission
609 Security::AccessToken::AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
610 if (Security::AccessToken::AccessTokenKit::VerifyAccessToken(callingTokenID, permissionName) ==
611 Security::AccessToken::TypePermissionState::PERMISSION_GRANTED) {
612 return true;
613 }
614
615 ReportPermissionFail(uid, IPCSkeleton::GetCallingRealPid(), permissionName);
616 return false;
617 }
618 } // namespace AccountSA
619 } // namespace OHOS
620