1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "restrictions_addon.h"
17
18 #include <algorithm>
19 #include <vector>
20
21 #include "edm_constants.h"
22 #include "edm_ipc_interface_code.h"
23 #include "edm_log.h"
24
25 using namespace OHOS::EDM;
26
27 std::unordered_map<std::string, uint32_t> RestrictionsAddon::labelCodeMap = {
28 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_BLUETOOTH, EdmInterfaceCode::DISABLE_BLUETOOTH},
29 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_MODIFY_DATETIME, EdmInterfaceCode::DISALLOW_MODIFY_DATETIME},
30 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_PRINTER, EdmInterfaceCode::DISABLED_PRINTER},
31 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_HDC, EdmInterfaceCode::DISABLED_HDC},
32 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_MIC, EdmInterfaceCode::DISABLE_MICROPHONE},
33 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_FINGER_PRINT, EdmInterfaceCode::FINGERPRINT_AUTH},
34 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_USB, EdmInterfaceCode::DISABLE_USB},
35 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_WIFI, EdmInterfaceCode::DISABLE_WIFI},
36 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_MTP_CLIENT, EdmInterfaceCode::DISABLE_MTP_CLIENT},
37 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_MTP_SERVER, EdmInterfaceCode::DISABLE_MTP_SERVER},
38 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_SCREENSHOT, EdmInterfaceCode::POLICY_CODE_END + 11},
39 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_SCREEN_RECORD, EdmInterfaceCode::POLICY_CODE_END + 12},
40 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_DISK_RECOVERY_KEY, EdmInterfaceCode::POLICY_CODE_END + 17},
41 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_NEAR_LINK, EdmInterfaceCode::POLICY_CODE_END + 18},
42 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_TETHERING, EdmInterfaceCode::DISALLOWED_TETHERING},
43 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_INACTIVE_USER_FREEZE, EdmInterfaceCode::INACTIVE_USER_FREEZE},
44 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_CAMERA, EdmInterfaceCode::DISABLE_CAMERA},
45 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_DEVELOPER_MODE, POLICY_CODE_END + 20},
46 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_RESET_FACTORY, POLICY_CODE_END + 21},
47 };
48
49 std::vector<uint32_t> RestrictionsAddon::multiPermCodes = {
50 EdmInterfaceCode::DISABLE_BLUETOOTH,
51 EdmInterfaceCode::DISALLOW_MODIFY_DATETIME,
52 EdmInterfaceCode::DISABLED_PRINTER,
53 EdmInterfaceCode::DISABLED_HDC,
54 EdmInterfaceCode::DISABLE_USB,
55 EdmInterfaceCode::DISABLE_WIFI,
56 };
57
58 std::unordered_map<std::string, uint32_t> RestrictionsAddon::labelCodeMapForAccount = {
59 {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_FINGER_PRINT, EdmInterfaceCode::FINGERPRINT_AUTH},
60 };
61
Init(napi_env env,napi_value exports)62 napi_value RestrictionsAddon::Init(napi_env env, napi_value exports)
63 {
64 napi_property_descriptor property[] = {
65 DECLARE_NAPI_FUNCTION("setPrinterDisabled", SetPrinterDisabled),
66 DECLARE_NAPI_FUNCTION("isPrinterDisabled", IsPrinterDisabled),
67 DECLARE_NAPI_FUNCTION("setHdcDisabled", SetHdcDisabled),
68 DECLARE_NAPI_FUNCTION("isHdcDisabled", IsHdcDisabled),
69 DECLARE_NAPI_FUNCTION("disableMicrophone", DisableMicrophone),
70 DECLARE_NAPI_FUNCTION("isMicrophoneDisabled", IsMicrophoneDisabled),
71 DECLARE_NAPI_FUNCTION("setFingerprintAuthDisabled", SetFingerprintAuthDisabled),
72 DECLARE_NAPI_FUNCTION("isFingerprintAuthDisabled", IsFingerprintAuthDisabled),
73 DECLARE_NAPI_FUNCTION("setDisallowedPolicy", SetDisallowedPolicy),
74 DECLARE_NAPI_FUNCTION("getDisallowedPolicy", GetDisallowedPolicy),
75 DECLARE_NAPI_FUNCTION("setDisallowedPolicyForAccount", SetDisallowedPolicyForAccount),
76 DECLARE_NAPI_FUNCTION("getDisallowedPolicyForAccount", GetDisallowedPolicyForAccount),
77 DECLARE_NAPI_FUNCTION("addDisallowedListForAccount", AddDisallowedListForAccount),
78 DECLARE_NAPI_FUNCTION("removeDisallowedListForAccount", RemoveDisallowedListForAccount),
79 DECLARE_NAPI_FUNCTION("getDisallowedListForAccount", GetDisallowedListForAccount),
80 };
81 NAPI_CALL(env, napi_define_properties(env, exports, sizeof(property) / sizeof(property[0]), property));
82 return exports;
83 }
84
SetPrinterDisabled(napi_env env,napi_callback_info info)85 napi_value RestrictionsAddon::SetPrinterDisabled(napi_env env, napi_callback_info info)
86 {
87 return SetPolicyDisabled(env, info, EdmInterfaceCode::DISABLED_PRINTER);
88 }
89
SetHdcDisabled(napi_env env,napi_callback_info info)90 napi_value RestrictionsAddon::SetHdcDisabled(napi_env env, napi_callback_info info)
91 {
92 return SetPolicyDisabled(env, info, EdmInterfaceCode::DISABLED_HDC);
93 }
94
SetPolicyDisabledCommon(AddonMethodSign & addonMethodSign,int policyCode)95 void RestrictionsAddon::SetPolicyDisabledCommon(AddonMethodSign &addonMethodSign, int policyCode)
96 {
97 addonMethodSign.name = "SetPolicyDisabled";
98 addonMethodSign.argsType = {EdmAddonCommonType::ELEMENT, EdmAddonCommonType::BOOLEAN};
99 addonMethodSign.methodAttribute = MethodAttribute::HANDLE;
100 addonMethodSign.policyCode = policyCode;
101 std::string permissionTag = (std::find(multiPermCodes.begin(), multiPermCodes.end(),
102 policyCode) == multiPermCodes.end()) ? WITHOUT_PERMISSION_TAG : EdmConstants::PERMISSION_TAG_VERSION_11;
103 addonMethodSign.apiVersionTag = permissionTag;
104 }
105
SetPolicyDisabled(napi_env env,napi_callback_info info,int policyCode)106 napi_value RestrictionsAddon::SetPolicyDisabled(napi_env env, napi_callback_info info, int policyCode)
107 {
108 EDMLOGI("NAPI_SetPolicyDisabled called");
109 AddonMethodSign addonMethodSign;
110 SetPolicyDisabledCommon(addonMethodSign, policyCode);
111 return AddonMethodAdapter(env, info, addonMethodSign, NativeSetPolicyDisabled, NativeVoidCallbackComplete);
112 }
113
NativeSetPolicyDisabled(napi_env env,void * data)114 void RestrictionsAddon::NativeSetPolicyDisabled(napi_env env, void *data)
115 {
116 EDMLOGI("NativeSetPolicyDisabled called");
117 if (data == nullptr) {
118 EDMLOGE("data is nullptr");
119 return;
120 }
121 AdapterAddonData *asyncCallbackInfo = static_cast<AdapterAddonData *>(data);
122 asyncCallbackInfo->ret = RestrictionsProxy::GetRestrictionsProxy()->SetDisallowedPolicy(
123 asyncCallbackInfo->data, asyncCallbackInfo->policyCode);
124 }
125
IsPrinterDisabled(napi_env env,napi_callback_info info)126 napi_value RestrictionsAddon::IsPrinterDisabled(napi_env env, napi_callback_info info)
127 {
128 return IsPolicyDisabled(env, info, EdmInterfaceCode::DISABLED_PRINTER);
129 }
130
IsHdcDisabled(napi_env env,napi_callback_info info)131 napi_value RestrictionsAddon::IsHdcDisabled(napi_env env, napi_callback_info info)
132 {
133 return IsPolicyDisabled(env, info, EdmInterfaceCode::DISABLED_HDC);
134 }
135
IsPolicyDisabled(napi_env env,napi_callback_info info,int policyCode)136 napi_value RestrictionsAddon::IsPolicyDisabled(napi_env env, napi_callback_info info, int policyCode)
137 {
138 EDMLOGI("NAPI_IsPolicyDisabled called");
139 size_t argc = ARGS_SIZE_TWO;
140 napi_value argv[ARGS_SIZE_TWO] = {nullptr};
141 napi_value thisArg = nullptr;
142 void *data = nullptr;
143 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
144 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_ONE, "parameter count error");
145 auto asyncCallbackInfo = new (std::nothrow) AsyncRestrictionsCallbackInfo();
146 if (asyncCallbackInfo == nullptr) {
147 return nullptr;
148 }
149 std::unique_ptr<AsyncRestrictionsCallbackInfo> callbackPtr{asyncCallbackInfo};
150 bool matchFlag = false;
151 if (MatchValueType(env, argv[ARR_INDEX_ZERO], napi_null)) {
152 asyncCallbackInfo->hasAdmin = false;
153 matchFlag = true;
154 } else if (MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object)) {
155 matchFlag = true;
156 asyncCallbackInfo->hasAdmin = true;
157 bool ret = ParseElementName(env, asyncCallbackInfo->elementName, argv[ARR_INDEX_ZERO]);
158 ASSERT_AND_THROW_PARAM_ERROR(env, ret, "element name param error");
159 EDMLOGD(
160 "IsPolicyDisabled: asyncCallbackInfo->elementName.bundlename %{public}s, "
161 "asyncCallbackInfo->abilityname:%{public}s",
162 asyncCallbackInfo->elementName.GetBundleName().c_str(),
163 asyncCallbackInfo->elementName.GetAbilityName().c_str());
164 }
165 if (argc > ARGS_SIZE_ONE) {
166 matchFlag = matchFlag && MatchValueType(env, argv[ARR_INDEX_ONE], napi_function);
167 }
168 ASSERT_AND_THROW_PARAM_ERROR(env, matchFlag, "parameter type error");
169 if (argc > ARGS_SIZE_ONE) {
170 EDMLOGD("NAPI_IsPolicyDisabled argc == ARGS_SIZE_TWO");
171 NAPI_CALL(env, napi_create_reference(env, argv[ARR_INDEX_ONE], NAPI_RETURN_ONE, &asyncCallbackInfo->callback));
172 }
173 asyncCallbackInfo->policyCode = policyCode;
174 napi_value asyncWorkReturn =
175 HandleAsyncWork(env, asyncCallbackInfo, "IsPolicyDisabled", NativeIsPolicyDisabled, NativeBoolCallbackComplete);
176 callbackPtr.release();
177 return asyncWorkReturn;
178 }
179
NativeIsPolicyDisabled(napi_env env,void * data)180 void RestrictionsAddon::NativeIsPolicyDisabled(napi_env env, void *data)
181 {
182 EDMLOGI("NativeIsPolicyDisabled called");
183 if (data == nullptr) {
184 EDMLOGE("data is nullptr");
185 return;
186 }
187 AsyncRestrictionsCallbackInfo *asyncCallbackInfo = static_cast<AsyncRestrictionsCallbackInfo *>(data);
188 std::string permissionTag = (std::find(multiPermCodes.begin(), multiPermCodes.end(),
189 asyncCallbackInfo->policyCode) == multiPermCodes.end()) ? WITHOUT_PERMISSION_TAG :
190 EdmConstants::PERMISSION_TAG_VERSION_11;
191 if (asyncCallbackInfo->hasAdmin) {
192 asyncCallbackInfo->ret = RestrictionsProxy::GetRestrictionsProxy()->GetDisallowedPolicy(
193 &(asyncCallbackInfo->elementName), asyncCallbackInfo->policyCode, asyncCallbackInfo->boolRet,
194 permissionTag);
195 } else {
196 asyncCallbackInfo->ret = RestrictionsProxy::GetRestrictionsProxy()->GetDisallowedPolicy(
197 nullptr, asyncCallbackInfo->policyCode, asyncCallbackInfo->boolRet, permissionTag);
198 }
199 }
200
DisableMicrophone(napi_env env,napi_callback_info info)201 napi_value RestrictionsAddon::DisableMicrophone(napi_env env, napi_callback_info info)
202 {
203 return SetPolicyDisabledSync(env, info, EdmInterfaceCode::DISABLE_MICROPHONE);
204 }
205
IsMicrophoneDisabled(napi_env env,napi_callback_info info)206 napi_value RestrictionsAddon::IsMicrophoneDisabled(napi_env env, napi_callback_info info)
207 {
208 return IsPolicyDisabledSync(env, info, EdmInterfaceCode::DISABLE_MICROPHONE);
209 }
210
SetFingerprintAuthDisabled(napi_env env,napi_callback_info info)211 napi_value RestrictionsAddon::SetFingerprintAuthDisabled(napi_env env, napi_callback_info info)
212 {
213 EDMLOGI("SetFingerprintAuthDisabled called");
214 size_t argc = ARGS_SIZE_TWO;
215 napi_value argv[ARGS_SIZE_TWO] = {nullptr};
216 napi_value thisArg = nullptr;
217 void *data = nullptr;
218 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
219 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_TWO, "parameter count error");
220 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "parameter admin error");
221 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ONE], napi_boolean),
222 "parameter disallow error");
223 OHOS::AppExecFwk::ElementName elementName;
224 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
225 "element name param error");
226 EDMLOGD("SetFingerprintAuthDisabled: elementName.bundleName %{public}s, elementName.abilityName:%{public}s",
227 elementName.GetBundleName().c_str(), elementName.GetAbilityName().c_str());
228 bool disallow = false;
229 ASSERT_AND_THROW_PARAM_ERROR(env, ParseBool(env, disallow, argv[ARR_INDEX_ONE]), "parameter disallow parse error");
230
231 auto proxy = RestrictionsProxy::GetRestrictionsProxy();
232 if (proxy == nullptr) {
233 EDMLOGE("can not get RestrictionsProxy");
234 napi_throw(env, CreateError(env, EdmReturnErrCode::SYSTEM_ABNORMALLY));
235 return nullptr;
236 }
237 ErrCode ret = proxy->SetFingerprintAuthDisabled(elementName, disallow);
238 if (FAILED(ret)) {
239 napi_throw(env, CreateError(env, ret));
240 }
241 return nullptr;
242 }
243
IsFingerprintAuthDisabled(napi_env env,napi_callback_info info)244 napi_value RestrictionsAddon::IsFingerprintAuthDisabled(napi_env env, napi_callback_info info)
245 {
246 EDMLOGI("NAPI_IsFingerprintAuthDisabled called");
247 size_t argc = ARGS_SIZE_ONE;
248 napi_value argv[ARGS_SIZE_ONE] = {nullptr};
249 napi_value thisArg = nullptr;
250 void *data = nullptr;
251 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
252 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_ONE, "parameter count error");
253 bool hasAdmin = false;
254 OHOS::AppExecFwk::ElementName elementName;
255 ASSERT_AND_THROW_PARAM_ERROR(env, CheckGetPolicyAdminParam(env, argv[ARR_INDEX_ZERO], hasAdmin, elementName),
256 "param admin need be null or want");
257 EDMLOGD("IsFingerprintAuthDisabled: elementName.bundleName %{public}s, elementName.abilityName:%{public}s",
258 elementName.GetBundleName().c_str(), elementName.GetAbilityName().c_str());
259
260 auto proxy = RestrictionsProxy::GetRestrictionsProxy();
261 if (proxy == nullptr) {
262 EDMLOGE("can not get RestrictionsProxy");
263 napi_throw(env, CreateError(env, EdmReturnErrCode::SYSTEM_ABNORMALLY));
264 return nullptr;
265 }
266 bool disallow = false;
267 ErrCode ret;
268 if (hasAdmin) {
269 ret = proxy->IsFingerprintAuthDisabled(&elementName, disallow);
270 } else {
271 ret = proxy->IsFingerprintAuthDisabled(nullptr, disallow);
272 }
273 if (FAILED(ret)) {
274 napi_throw(env, CreateError(env, ret));
275 return nullptr;
276 }
277 napi_value result = nullptr;
278 NAPI_CALL(env, napi_get_boolean(env, disallow, &result));
279 return result;
280 }
281
SetPolicyDisabledSync(napi_env env,napi_callback_info info,int policyCode)282 napi_value RestrictionsAddon::SetPolicyDisabledSync(napi_env env, napi_callback_info info, int policyCode)
283 {
284 EDMLOGI("NAPI_SetPolicyDisabledSync called");
285 AddonMethodSign addonMethodSign;
286 SetPolicyDisabledCommon(addonMethodSign, policyCode);
287
288 AdapterAddonData adapterAddonData{};
289 if (JsObjectToData(env, info, addonMethodSign, &adapterAddonData) == nullptr) {
290 return nullptr;
291 }
292 ErrCode ret = RestrictionsProxy::GetRestrictionsProxy()->SetDisallowedPolicy(adapterAddonData.data, policyCode);
293 if (FAILED(ret)) {
294 napi_throw(env, CreateError(env, ret));
295 }
296 return nullptr;
297 }
298
IsPolicyDisabledSync(napi_env env,napi_callback_info info,int policyCode)299 napi_value RestrictionsAddon::IsPolicyDisabledSync(napi_env env, napi_callback_info info, int policyCode)
300 {
301 EDMLOGI("NAPI_IsPolicyDisabled called");
302 size_t argc = ARGS_SIZE_ONE;
303 napi_value argv[ARGS_SIZE_ONE] = {nullptr};
304 napi_value thisArg = nullptr;
305 void *data = nullptr;
306 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
307 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_ONE, "parameter count error");
308 bool hasAdmin = false;
309 OHOS::AppExecFwk::ElementName elementName;
310 ASSERT_AND_THROW_PARAM_ERROR(env, CheckGetPolicyAdminParam(env, argv[ARR_INDEX_ZERO], hasAdmin, elementName),
311 "param admin need be null or want");
312 ErrCode ret = ERR_OK;
313 bool boolRet = false;
314 std::string permissionTag = (std::find(multiPermCodes.begin(), multiPermCodes.end(),
315 policyCode) == multiPermCodes.end()) ? WITHOUT_PERMISSION_TAG : EdmConstants::PERMISSION_TAG_VERSION_11;
316 if (hasAdmin) {
317 ret = RestrictionsProxy::GetRestrictionsProxy()->GetDisallowedPolicy(&elementName, policyCode, boolRet,
318 permissionTag);
319 } else {
320 ret = RestrictionsProxy::GetRestrictionsProxy()->GetDisallowedPolicy(nullptr, policyCode, boolRet,
321 permissionTag);
322 }
323 if (FAILED(ret)) {
324 napi_throw(env, CreateError(env, ret));
325 EDMLOGE("SetPolicyDisabledSync failed!");
326 return nullptr;
327 }
328 napi_value result = nullptr;
329 NAPI_CALL(env, napi_get_boolean(env, boolRet, &result));
330 return result;
331 }
332
SetDisallowedPolicy(napi_env env,napi_callback_info info)333 napi_value RestrictionsAddon::SetDisallowedPolicy(napi_env env, napi_callback_info info)
334 {
335 EDMLOGI("NAPI_SetDisallowedPolicy called");
336 size_t argc = ARGS_SIZE_THREE;
337 napi_value argv[ARGS_SIZE_THREE] = {nullptr};
338 napi_value thisArg = nullptr;
339 void *data = nullptr;
340 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
341 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_THREE, "parameter count error");
342 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "parameter admin error");
343 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ONE], napi_string), "parameter feature error");
344 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_TWO], napi_boolean),
345 "parameter disallow error");
346 OHOS::AppExecFwk::ElementName elementName;
347 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
348 "element name param error");
349 EDMLOGD("SetDisallowedPolicy: elementName.bundleName %{public}s, elementName.abilityName:%{public}s",
350 elementName.GetBundleName().c_str(), elementName.GetAbilityName().c_str());
351 std::string feature;
352 ASSERT_AND_THROW_PARAM_ERROR(env, ParseString(env, feature, argv[ARR_INDEX_ONE]), "parameter feature parse error");
353 bool disallow = false;
354 ASSERT_AND_THROW_PARAM_ERROR(env, ParseBool(env, disallow, argv[ARR_INDEX_TWO]), "parameter disallow parse error");
355
356 auto proxy = RestrictionsProxy::GetRestrictionsProxy();
357 if (proxy == nullptr) {
358 EDMLOGE("can not get RestrictionsProxy");
359 napi_throw(env, CreateError(env, EdmReturnErrCode::SYSTEM_ABNORMALLY));
360 return nullptr;
361 }
362 ErrCode ret = ERR_OK;
363 if (feature == EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_FINGER_PRINT) {
364 ret = proxy->SetFingerprintAuthDisabled(elementName, disallow);
365 } else {
366 auto labelCode = labelCodeMap.find(feature);
367 if (labelCode == labelCodeMap.end()) {
368 napi_throw(env, CreateError(env, EdmReturnErrCode::INTERFACE_UNSUPPORTED));
369 return nullptr;
370 }
371 std::uint32_t ipcCode = labelCode->second;
372 std::string permissionTag = (std::find(multiPermCodes.begin(), multiPermCodes.end(),
373 ipcCode) == multiPermCodes.end()) ? WITHOUT_PERMISSION_TAG : EdmConstants::PERMISSION_TAG_VERSION_12;
374 ret = proxy->SetDisallowedPolicy(elementName, disallow, ipcCode, permissionTag);
375 }
376 if (FAILED(ret)) {
377 napi_throw(env, CreateError(env, ret));
378 }
379 return nullptr;
380 }
381
GetDisallowedPolicy(napi_env env,napi_callback_info info)382 napi_value RestrictionsAddon::GetDisallowedPolicy(napi_env env, napi_callback_info info)
383 {
384 EDMLOGI("NAPI_GetDisallowedPolicy called");
385 size_t argc = ARGS_SIZE_TWO;
386 napi_value argv[ARGS_SIZE_TWO] = {nullptr};
387 napi_value thisArg = nullptr;
388 void *data = nullptr;
389 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
390 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_TWO, "parameter count error");
391 bool hasAdmin = false;
392 OHOS::AppExecFwk::ElementName elementName;
393 ASSERT_AND_THROW_PARAM_ERROR(env, CheckGetPolicyAdminParam(env, argv[ARR_INDEX_ZERO], hasAdmin, elementName),
394 "param admin need be null or want");
395 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ONE], napi_string), "parameter feature error");
396 std::string feature;
397 ASSERT_AND_THROW_PARAM_ERROR(env, ParseString(env, feature, argv[ARR_INDEX_ONE]), "parameter feature parse error");
398 if (hasAdmin) {
399 EDMLOGD("GetDisallowedPolicy: elementName.bundleName %{public}s, elementName.abilityName:%{public}s",
400 elementName.GetBundleName().c_str(), elementName.GetAbilityName().c_str());
401 } else {
402 EDMLOGD("GetDisallowedPolicy: elementName is null");
403 }
404
405 bool disallow = false;
406 auto proxy = RestrictionsProxy::GetRestrictionsProxy();
407 if (proxy == nullptr) {
408 EDMLOGE("can not get RestrictionsProxy");
409 napi_throw(env, CreateError(env, EdmReturnErrCode::SYSTEM_ABNORMALLY));
410 return nullptr;
411 }
412 ErrCode ret = ERR_OK;
413 if (feature == EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_FINGER_PRINT) {
414 ret = proxy->IsFingerprintAuthDisabled(hasAdmin ? &elementName : nullptr, disallow);
415 } else {
416 auto labelCode = labelCodeMap.find(feature);
417 if (labelCode == labelCodeMap.end()) {
418 napi_throw(env, CreateError(env, EdmReturnErrCode::INTERFACE_UNSUPPORTED));
419 return nullptr;
420 }
421 std::uint32_t ipcCode = labelCode->second;
422 std::string permissionTag = (std::find(multiPermCodes.begin(), multiPermCodes.end(),
423 ipcCode) == multiPermCodes.end()) ? WITHOUT_PERMISSION_TAG : EdmConstants::PERMISSION_TAG_VERSION_12;
424 ret = proxy->GetDisallowedPolicy(hasAdmin ? &elementName : nullptr, ipcCode, disallow, permissionTag);
425 }
426
427 if (FAILED(ret)) {
428 napi_throw(env, CreateError(env, ret));
429 return nullptr;
430 }
431 napi_value result = nullptr;
432 NAPI_CALL(env, napi_get_boolean(env, disallow, &result));
433 return result;
434 }
435
SetDisallowedPolicyForAccount(napi_env env,napi_callback_info info)436 napi_value RestrictionsAddon::SetDisallowedPolicyForAccount(napi_env env, napi_callback_info info)
437 {
438 EDMLOGI("NAPI_SetDisallowedPolicyForAccount called");
439 size_t argc = ARGS_SIZE_FOUR;
440 napi_value argv[ARGS_SIZE_FOUR] = {nullptr};
441 napi_value thisArg = nullptr;
442 void *data = nullptr;
443 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
444 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_FOUR, "parameter count error");
445 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "parameter admin error");
446 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ONE], napi_string), "parameter feature error");
447 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_TWO], napi_boolean),
448 "parameter disallow error");
449 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_THREE], napi_number),
450 "parameter accountId error");
451 OHOS::AppExecFwk::ElementName elementName;
452 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
453 "element name param error");
454 EDMLOGD("SetDisallowedPolicy: elementName.bundleName %{public}s, elementName.abilityName:%{public}s",
455 elementName.GetBundleName().c_str(), elementName.GetAbilityName().c_str());
456 std::string feature;
457 ASSERT_AND_THROW_PARAM_ERROR(env, ParseString(env, feature, argv[ARR_INDEX_ONE]), "parameter feature parse error");
458 bool disallow = false;
459 ASSERT_AND_THROW_PARAM_ERROR(env, ParseBool(env, disallow, argv[ARR_INDEX_TWO]), "parameter disallow parse error");
460 int32_t accountId = -1;
461 ASSERT_AND_THROW_PARAM_ERROR(env, ParseInt(env, accountId, argv[ARR_INDEX_THREE]),
462 "parameter accountId parse error");
463
464 auto proxy = RestrictionsProxy::GetRestrictionsProxy();
465 if (proxy == nullptr) {
466 EDMLOGE("can not get RestrictionsProxy");
467 napi_throw(env, CreateError(env, EdmReturnErrCode::SYSTEM_ABNORMALLY));
468 return nullptr;
469 }
470 auto labelCode = labelCodeMapForAccount.find(feature);
471 if (labelCode == labelCodeMapForAccount.end()) {
472 napi_throw(env, CreateError(env, EdmReturnErrCode::INTERFACE_UNSUPPORTED));
473 return nullptr;
474 }
475 std::uint32_t ipcCode = labelCode->second;
476 std::string permissionTag = WITHOUT_PERMISSION_TAG;
477 ErrCode ret = proxy->SetDisallowedPolicyForAccount(elementName, disallow, ipcCode, permissionTag, accountId);
478 if (FAILED(ret)) {
479 napi_throw(env, CreateError(env, ret));
480 }
481 return nullptr;
482 }
483
GetDisallowedPolicyForAccount(napi_env env,napi_callback_info info)484 napi_value RestrictionsAddon::GetDisallowedPolicyForAccount(napi_env env, napi_callback_info info)
485 {
486 EDMLOGI("NAPI_GetDisallowedPolicyForAccount called");
487 size_t argc = ARGS_SIZE_THREE;
488 napi_value argv[ARGS_SIZE_THREE] = {nullptr};
489 napi_value thisArg = nullptr;
490 void *data = nullptr;
491 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
492 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_THREE, "parameter count error");
493 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "parameter admin error");
494 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ONE], napi_string), "parameter feature error");
495 ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_TWO], napi_number),
496 "parameter accountId error");
497 OHOS::AppExecFwk::ElementName elementName;
498 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
499 "element name param error");
500 EDMLOGD("SetDisallowedPolicy: elementName.bundleName %{public}s, elementName.abilityName:%{public}s",
501 elementName.GetBundleName().c_str(), elementName.GetAbilityName().c_str());
502 std::string feature;
503 ASSERT_AND_THROW_PARAM_ERROR(env, ParseString(env, feature, argv[ARR_INDEX_ONE]), "parameter feature parse error");
504 int32_t accountId = -1;
505 ASSERT_AND_THROW_PARAM_ERROR(env, ParseInt(env, accountId, argv[ARR_INDEX_TWO]), "parameter accountId parse error");
506
507 auto proxy = RestrictionsProxy::GetRestrictionsProxy();
508 if (proxy == nullptr) {
509 EDMLOGE("can not get RestrictionsProxy");
510 napi_throw(env, CreateError(env, EdmReturnErrCode::SYSTEM_ABNORMALLY));
511 return nullptr;
512 }
513 auto labelCode = labelCodeMapForAccount.find(feature);
514 if (labelCode == labelCodeMapForAccount.end()) {
515 napi_throw(env, CreateError(env, EdmReturnErrCode::INTERFACE_UNSUPPORTED));
516 return nullptr;
517 }
518 std::uint32_t ipcCode = labelCode->second;
519 std::string permissionTag = WITHOUT_PERMISSION_TAG;
520 bool disallow = false;
521 ErrCode ret = proxy->GetDisallowedPolicyForAccount(elementName, ipcCode, disallow, permissionTag, accountId);
522 if (FAILED(ret)) {
523 napi_throw(env, CreateError(env, ret));
524 return nullptr;
525 }
526 napi_value result = nullptr;
527 NAPI_CALL(env, napi_get_boolean(env, disallow, &result));
528 return result;
529 }
530
AddDisallowedListForAccount(napi_env env,napi_callback_info info)531 napi_value RestrictionsAddon::AddDisallowedListForAccount(napi_env env, napi_callback_info info)
532 {
533 return AddOrRemoveDisallowedListForAccount(env, info, true);
534 }
535
RemoveDisallowedListForAccount(napi_env env,napi_callback_info info)536 napi_value RestrictionsAddon::RemoveDisallowedListForAccount(napi_env env, napi_callback_info info)
537 {
538 return AddOrRemoveDisallowedListForAccount(env, info, false);
539 }
540
GetDisallowedListForAccount(napi_env env,napi_callback_info info)541 napi_value RestrictionsAddon::GetDisallowedListForAccount(napi_env env, napi_callback_info info)
542 {
543 EDMLOGI("NAPI_GetDisallowedListForAccount called");
544 size_t argc = ARGS_SIZE_THREE;
545 napi_value argv[ARGS_SIZE_THREE] = {nullptr};
546 napi_value thisArg = nullptr;
547 void *data = nullptr;
548 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
549 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_THREE, "parameter count error");
550 OHOS::AppExecFwk::ElementName elementName;
551 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
552 "param admin need be want");
553 std::string feature;
554 ASSERT_AND_THROW_PARAM_ERROR(env, ParseString(env, feature, argv[ARR_INDEX_ONE]), "parameter feature parse error");
555
556 int32_t accountId = -1;
557 ASSERT_AND_THROW_PARAM_ERROR(env, ParseInt(env, accountId, argv[ARR_INDEX_TWO]), "parameter accountId parse error");
558
559 auto proxy = RestrictionsProxy::GetRestrictionsProxy();
560 if (proxy == nullptr) {
561 EDMLOGE("can not get RestrictionsProxy");
562 napi_throw(env, CreateError(env, EdmReturnErrCode::SYSTEM_ABNORMALLY));
563 return nullptr;
564 }
565 std::vector<std::string> resultArray;
566 ErrCode ret = proxy->GetDisallowedListForAccount(elementName, feature, accountId, resultArray);
567 if (FAILED(ret)) {
568 napi_throw(env, CreateError(env, ret));
569 return nullptr;
570 }
571 napi_value result = nullptr;
572 NAPI_CALL(env, napi_create_array(env, &result));
573 ConvertStringVectorToJS(env, resultArray, result);
574 return result;
575 }
576
AddOrRemoveDisallowedListForAccount(napi_env env,napi_callback_info info,bool isAdd)577 napi_value RestrictionsAddon::AddOrRemoveDisallowedListForAccount(napi_env env, napi_callback_info info,
578 bool isAdd)
579 {
580 EDMLOGI("NAPI_AddOrRemoveDisallowedListForAccount called");
581 size_t argc = ARGS_SIZE_FOUR;
582 napi_value argv[ARGS_SIZE_FOUR] = {nullptr};
583 napi_value thisArg = nullptr;
584 void *data = nullptr;
585 NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data));
586 ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_FOUR, "parameter count error");
587 OHOS::AppExecFwk::ElementName elementName;
588 ASSERT_AND_THROW_PARAM_ERROR(env, ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]),
589 "element name param error");
590 EDMLOGD("SetDisallowedPolicy: elementName.bundleName %{public}s, elementName.abilityName:%{public}s",
591 elementName.GetBundleName().c_str(), elementName.GetAbilityName().c_str());
592 std::string feature;
593 ASSERT_AND_THROW_PARAM_ERROR(env, ParseString(env, feature, argv[ARR_INDEX_ONE]), "parameter feature parse error");
594 std::vector<std::string> bundleNameArray;
595 ASSERT_AND_THROW_PARAM_ERROR(env, ParseStringArray(env, bundleNameArray, argv[ARR_INDEX_TWO]),
596 "parameter bundle name error");
597 int32_t accountId = 0;
598 ASSERT_AND_THROW_PARAM_ERROR(env, ParseInt(env, accountId, argv[ARR_INDEX_THREE]),
599 "parameter accountId parse error");
600
601 auto proxy = RestrictionsProxy::GetRestrictionsProxy();
602 if (proxy == nullptr) {
603 EDMLOGE("can not get RestrictionsProxy");
604 napi_throw(env, CreateError(env, EdmReturnErrCode::SYSTEM_ABNORMALLY));
605 return nullptr;
606 }
607 ErrCode ret = proxy->AddOrRemoveDisallowedListForAccount(elementName, feature, bundleNameArray, accountId, isAdd);
608 if (FAILED(ret)) {
609 napi_throw(env, CreateError(env, ret));
610 }
611 return nullptr;
612 }
613
614 static napi_module g_restrictionsModule = {
615 .nm_version = 1,
616 .nm_flags = 0,
617 .nm_filename = nullptr,
618 .nm_register_func = RestrictionsAddon::Init,
619 .nm_modname = "enterprise.restrictions",
620 .nm_priv = ((void *)0),
621 .reserved = {0},
622 };
623
RestrictionsRegister()624 extern "C" __attribute__((constructor)) void RestrictionsRegister()
625 {
626 napi_module_register(&g_restrictionsModule);
627 }
628