1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "account_manager_proxy.h"
17
18 #include "edm_log.h"
19 #include "func_code.h"
20 #ifdef OS_ACCOUNT_EDM_ENABLE
21 #include "os_account_info.h"
22 #endif
23
24 namespace OHOS {
25 namespace EDM {
26 std::shared_ptr<AccountManagerProxy> AccountManagerProxy::instance_ = nullptr;
27 std::once_flag AccountManagerProxy::flag_;
28 const std::u16string DESCRIPTOR = u"ohos.edm.IEnterpriseDeviceMgr";
29
AccountManagerProxy()30 AccountManagerProxy::AccountManagerProxy() {}
31
~AccountManagerProxy()32 AccountManagerProxy::~AccountManagerProxy() {}
33
GetAccountManagerProxy()34 std::shared_ptr<AccountManagerProxy> AccountManagerProxy::GetAccountManagerProxy()
35 {
36 std::call_once(flag_, []() {
37 if (instance_ == nullptr) {
38 instance_ = std::make_shared<AccountManagerProxy>();
39 }
40 });
41 return instance_;
42 }
43
DisallowAddLocalAccount(AppExecFwk::ElementName & admin,bool isDisallow)44 int32_t AccountManagerProxy::DisallowAddLocalAccount(AppExecFwk::ElementName &admin, bool isDisallow)
45 {
46 #ifdef OS_ACCOUNT_EDM_ENABLE
47 EDMLOGD("AccountManagerProxy::DisallowAddLocalAccount");
48 auto proxy = EnterpriseDeviceMgrProxy::GetInstance();
49 return proxy->SetPolicyDisabled(admin, isDisallow, EdmInterfaceCode::DISALLOW_ADD_LOCAL_ACCOUNT);
50 #else
51 EDMLOGW("AccountManagerProxy::DisallowAddLocalAccount Unsupported Capabilities.");
52 return EdmReturnErrCode::INTERFACE_UNSUPPORTED;
53 #endif
54 }
55
DisallowAddLocalAccount(MessageParcel & data)56 int32_t AccountManagerProxy::DisallowAddLocalAccount(MessageParcel &data)
57 {
58 #ifdef OS_ACCOUNT_EDM_ENABLE
59 EDMLOGD("AccountManagerProxy::DisallowAddLocalAccount");
60 auto proxy = EnterpriseDeviceMgrProxy::GetInstance();
61 return proxy->SetPolicyDisabled(data, EdmInterfaceCode::DISALLOW_ADD_LOCAL_ACCOUNT);
62 #else
63 EDMLOGW("AccountManagerProxy::DisallowAddLocalAccount Unsupported Capabilities.");
64 return EdmReturnErrCode::INTERFACE_UNSUPPORTED;
65 #endif
66 }
67
IsAddLocalAccountDisallowed(AppExecFwk::ElementName * admin,bool & result)68 int32_t AccountManagerProxy::IsAddLocalAccountDisallowed(AppExecFwk::ElementName *admin, bool &result)
69 {
70 #ifdef OS_ACCOUNT_EDM_ENABLE
71 EDMLOGD("AccountManagerProxy::IsAddLocalAccountDisallowed");
72 auto proxy = EnterpriseDeviceMgrProxy::GetInstance();
73 return proxy->IsPolicyDisabled(admin, EdmInterfaceCode::DISALLOW_ADD_LOCAL_ACCOUNT, result);
74 #else
75 EDMLOGW("AccountManagerProxy::IsAddLocalAccountDisallowed Unsupported Capabilities.");
76 return EdmReturnErrCode::INTERFACE_UNSUPPORTED;
77 #endif
78 }
79
DisallowAddOsAccountByUser(MessageParcel & data)80 int32_t AccountManagerProxy::DisallowAddOsAccountByUser(MessageParcel &data)
81 {
82 #ifdef OS_ACCOUNT_EDM_ENABLE
83 EDMLOGD("AccountManagerProxy::DisallowAddOsAccountByUser");
84 auto proxy = EnterpriseDeviceMgrProxy::GetInstance();
85 std::uint32_t funcCode =
86 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, EdmInterfaceCode::DISALLOW_ADD_OS_ACCOUNT_BY_USER);
87 return proxy->HandleDevicePolicy(funcCode, data);
88 #else
89 EDMLOGW("AccountManagerProxy::DisallowAddOsAccountByUser Unsupported Capabilities.");
90 return EdmReturnErrCode::INTERFACE_UNSUPPORTED;
91 #endif
92 }
93
DisallowAddOsAccountByUser(AppExecFwk::ElementName & admin,int32_t userId,bool isDisallow)94 int32_t AccountManagerProxy::DisallowAddOsAccountByUser(AppExecFwk::ElementName &admin, int32_t userId, bool isDisallow)
95 {
96 #ifdef OS_ACCOUNT_EDM_ENABLE
97 EDMLOGD("AccountManagerProxy::DisallowAddOsAccountByUser");
98 auto proxy = EnterpriseDeviceMgrProxy::GetInstance();
99 MessageParcel data;
100 std::uint32_t funcCode =
101 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, EdmInterfaceCode::DISALLOW_ADD_OS_ACCOUNT_BY_USER);
102 data.WriteInterfaceToken(DESCRIPTOR);
103 data.WriteInt32(WITHOUT_USERID);
104 data.WriteParcelable(&admin);
105 data.WriteString(WITHOUT_PERMISSION_TAG);
106 std::vector<std::string> key {std::to_string(userId)};
107 std::vector<std::string> value {isDisallow ? "true" : "false"};
108 data.WriteStringVector(key);
109 data.WriteStringVector(value);
110 return proxy->HandleDevicePolicy(funcCode, data);
111 #else
112 EDMLOGW("AccountManagerProxy::DisallowAddOsAccountByUser Unsupported Capabilities.");
113 return EdmReturnErrCode::INTERFACE_UNSUPPORTED;
114 #endif
115 }
116
IsAddOsAccountByUserDisallowed(AppExecFwk::ElementName * admin,int32_t userId,bool & result)117 int32_t AccountManagerProxy::IsAddOsAccountByUserDisallowed(AppExecFwk::ElementName *admin, int32_t userId,
118 bool &result)
119 {
120 #ifdef OS_ACCOUNT_EDM_ENABLE
121 EDMLOGD("AccountManagerProxy::IsAddOsAccountByUserDisallowed");
122 MessageParcel data;
123 data.WriteInterfaceToken(DESCRIPTOR);
124 data.WriteInt32(WITHOUT_USERID);
125 data.WriteString(WITHOUT_PERMISSION_TAG);
126 if (admin != nullptr) {
127 data.WriteInt32(HAS_ADMIN);
128 data.WriteParcelable(admin);
129 } else {
130 if (!EnterpriseDeviceMgrProxy::GetInstance()->IsEdmEnabled()) {
131 result = false;
132 return ERR_OK;
133 }
134 data.WriteInt32(WITHOUT_ADMIN);
135 }
136 data.WriteInt32(userId);
137 return this->IsAddOsAccountByUserDisallowed(data, result);
138 #else
139 EDMLOGW("AccountManagerProxy::IsAddOsAccountByUserDisallowed Unsupported Capabilities.");
140 return EdmReturnErrCode::INTERFACE_UNSUPPORTED;
141 #endif
142 }
143
IsAddOsAccountByUserDisallowed(MessageParcel & data,bool & result)144 int32_t AccountManagerProxy::IsAddOsAccountByUserDisallowed(MessageParcel &data,
145 bool &result)
146 {
147 #ifdef OS_ACCOUNT_EDM_ENABLE
148 if (EnterpriseDeviceMgrProxy::GetInstance()->CheckDataInEdmDisabled(data)) {
149 result = false;
150 return ERR_OK;
151 }
152 EDMLOGD("AccountManagerProxy::IsAddOsAccountByUserDisallowed");
153 MessageParcel reply;
154 auto proxy = EnterpriseDeviceMgrProxy::GetInstance();
155 proxy->GetPolicy(EdmInterfaceCode::DISALLOW_ADD_OS_ACCOUNT_BY_USER, data, reply);
156 int32_t ret = ERR_INVALID_VALUE;
157 bool isSuccess = reply.ReadInt32(ret) && (ret == ERR_OK);
158 if (!isSuccess) {
159 EDMLOGE("IsAddOsAccountByUserDisallowed:GetPolicy fail. %{public}d", ret);
160 return ret;
161 }
162 reply.ReadBool(result);
163 return ERR_OK;
164 #else
165 EDMLOGW("AccountManagerProxy::IsAddOsAccountByUserDisallowed Unsupported Capabilities.");
166 return EdmReturnErrCode::INTERFACE_UNSUPPORTED;
167 #endif
168 }
169
170 #ifdef OS_ACCOUNT_EDM_ENABLE
AddOsAccount(AppExecFwk::ElementName & admin,std::string name,int32_t type,OHOS::AccountSA::OsAccountInfo & accountInfo)171 int32_t AccountManagerProxy::AddOsAccount(AppExecFwk::ElementName &admin, std::string name, int32_t type,
172 OHOS::AccountSA::OsAccountInfo &accountInfo)
173 {
174 EDMLOGD("AccountManagerProxy::AddOsAccount");
175 MessageParcel data;
176 MessageParcel reply;
177 data.WriteInterfaceToken(DESCRIPTOR);
178 data.WriteInt32(WITHOUT_USERID);
179 data.WriteParcelable(&admin);
180 data.WriteString(WITHOUT_PERMISSION_TAG);
181 std::vector<std::string> key {name};
182 std::vector<std::string> value {std::to_string(type)};
183 data.WriteStringVector(key);
184 data.WriteStringVector(value);
185 auto proxy = EnterpriseDeviceMgrProxy::GetInstance();
186 std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, EdmInterfaceCode::ADD_OS_ACCOUNT);
187 ErrCode ret = proxy->HandleDevicePolicy(funcCode, data, reply);
188 if (ret == ERR_OK) {
189 OHOS::AccountSA::OsAccountInfo *result = OHOS::AccountSA::OsAccountInfo::Unmarshalling(reply);
190 if (result == nullptr) {
191 EDMLOGE("AccountManagerProxy::AddOsAccount Unmarshalling null");
192 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
193 }
194 accountInfo = *result;
195 }
196 return ret;
197 }
198 #endif
199
SetDomainAccountPolicy(MessageParcel & data)200 int32_t AccountManagerProxy::SetDomainAccountPolicy(MessageParcel &data)
201 {
202 #if defined(FEATURE_PC_ONLY) && defined(OS_ACCOUNT_EDM_ENABLE)
203 EDMLOGD("AccountManagerProxy::SetDomainAccountPolicy");
204 auto proxy = EnterpriseDeviceMgrProxy::GetInstance();
205 std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET,
206 EdmInterfaceCode::DOMAIN_ACCOUNT_POLICY);
207 return proxy->HandleDevicePolicy(funcCode, data);
208 #else
209 EDMLOGW("AccountManagerProxy::SetDomainAccountPolicy Unsupported Capabilities.");
210 return EdmReturnErrCode::INTERFACE_UNSUPPORTED;
211 #endif
212 }
213
GetDomainAccountPolicy(MessageParcel & data,DomainAccountPolicy & domainAccountPolicy)214 int32_t AccountManagerProxy::GetDomainAccountPolicy(MessageParcel &data, DomainAccountPolicy &domainAccountPolicy)
215 {
216 #if defined(FEATURE_PC_ONLY) && defined(OS_ACCOUNT_EDM_ENABLE)
217 EDMLOGD("AccountManagerProxy::GetDomainAccountPolicy");
218 MessageParcel reply;
219 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(EdmInterfaceCode::DOMAIN_ACCOUNT_POLICY, data, reply);
220 int32_t ret = ERR_INVALID_VALUE;
221 bool blRes = reply.ReadInt32(ret) && (ret == ERR_OK);
222 if (!blRes) {
223 EDMLOGD("AccountManagerProxy::GetDomainAccountPolicy fail. %{public}d", ret);
224 return ret;
225 }
226 if (!DomainAccountPolicy::Unmarshalling(reply, domainAccountPolicy)) {
227 EDMLOGD("AccountManagerProxy::GetDomainAccountPolicy Unmarshalling fail.");
228 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
229 }
230 return ERR_OK;
231 #else
232 EDMLOGW("AccountManagerProxy::GetDomainAccountPolicy Unsupported Capabilities.");
233 return EdmReturnErrCode::INTERFACE_UNSUPPORTED;
234 #endif
235 }
236 } // namespace EDM
237 } // namespace OHOS
238