1 /*
2 * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "app_control_manager_host_impl.h"
17
18 #include "app_log_tag_wrapper.h"
19 #include "app_log_wrapper.h"
20 #include "appexecfwk_errors.h"
21 #include "app_control_constants.h"
22 #include "bundle_constants.h"
23 #include "bundle_mgr_service.h"
24 #include "bundle_permission_mgr.h"
25 #include "bundle_service_constants.h"
26 #include "ipc_skeleton.h"
27
28 namespace OHOS {
29 namespace AppExecFwk {
30 namespace {
31 constexpr const char* PERMISSION_DISPOSED_STATUS = "ohos.permission.MANAGE_DISPOSED_APP_STATUS";
32 constexpr const char* PERMISSION_GET_DISPOSED_STATUS = "ohos.permission.GET_DISPOSED_APP_STATUS";
33 constexpr const char* APP_MARKET_CALLING = "app market";
34 }
AppControlManagerHostImpl()35 AppControlManagerHostImpl::AppControlManagerHostImpl()
36 {
37 appControlManager_ = DelayedSingleton<AppControlManager>::GetInstance();
38 dataMgr_ = DelayedSingleton<BundleMgrService>::GetInstance()->GetDataMgr();
39 callingNameMap_ = {
40 {AppControlConstants::EDM_UID, AppControlConstants::EDM_CALLING}
41 };
42 ruleTypeMap_ = {
43 {AppInstallControlRuleType::DISALLOWED_UNINSTALL, AppControlConstants::APP_DISALLOWED_UNINSTALL},
44 {AppInstallControlRuleType::ALLOWED_INSTALL, AppControlConstants::APP_ALLOWED_INSTALL},
45 {AppInstallControlRuleType::DISALLOWED_INSTALL, AppControlConstants::APP_DISALLOWED_INSTALL}
46 };
47 }
48
~AppControlManagerHostImpl()49 AppControlManagerHostImpl::~AppControlManagerHostImpl()
50 {
51 }
52
AddAppInstallControlRule(const std::vector<std::string> & appIds,const AppInstallControlRuleType controlRuleType,int32_t userId)53 ErrCode AppControlManagerHostImpl::AddAppInstallControlRule(const std::vector<std::string> &appIds,
54 const AppInstallControlRuleType controlRuleType, int32_t userId)
55 {
56 LOG_D(BMS_TAG_DEFAULT, "AddAppInstallControlRule start");
57 std::string callingName = GetCallingName();
58 std::string ruleType = GetControlRuleType(controlRuleType);
59 if (callingName.empty()) {
60 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid");
61 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
62 }
63 if (ruleType.empty()) {
64 LOG_E(BMS_TAG_DEFAULT, "controlRuleType is invalid");
65 return ERR_BUNDLE_MANAGER_APP_CONTROL_RULE_TYPE_INVALID;
66 }
67 if (!appControlManager_) {
68 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
69 return ERR_APPEXECFWK_NULL_PTR;
70 }
71 auto ret = appControlManager_->AddAppInstallControlRule(callingName, appIds, ruleType, userId);
72 if (ret != ERR_OK) {
73 LOG_E(BMS_TAG_DEFAULT, "AddAppInstallControlRule failed due to error %{public}d", ret);
74 return ret;
75 }
76 if (ruleType == AppControlConstants::APP_DISALLOWED_UNINSTALL) {
77 UpdateAppControlledInfo(userId, appIds);
78 }
79 SendAppControlEvent(ControlActionType::INSTALL, ControlOperationType::ADD_RULE,
80 callingName, userId, Constants::MAIN_APP_INDEX, appIds, ruleType);
81 return ERR_OK;
82 }
83
DeleteAppInstallControlRule(const AppInstallControlRuleType controlRuleType,const std::vector<std::string> & appIds,int32_t userId)84 ErrCode AppControlManagerHostImpl::DeleteAppInstallControlRule(const AppInstallControlRuleType controlRuleType,
85 const std::vector<std::string> &appIds, int32_t userId)
86 {
87 LOG_D(BMS_TAG_DEFAULT, "DeleteAppInstallControlRule start");
88 std::string ruleType = GetControlRuleType(controlRuleType);
89 if (ruleType.empty()) {
90 LOG_E(BMS_TAG_DEFAULT, "controlRuleType is invalid");
91 return ERR_BUNDLE_MANAGER_APP_CONTROL_RULE_TYPE_INVALID;
92 }
93 std::string callingName = GetCallingName();
94 if (callingName.empty()) {
95 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid");
96 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
97 }
98 if (!appControlManager_) {
99 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
100 return ERR_APPEXECFWK_NULL_PTR;
101 }
102 auto ret = appControlManager_->DeleteAppInstallControlRule(callingName, ruleType, appIds, userId);
103 if (ret != ERR_OK) {
104 LOG_E(BMS_TAG_DEFAULT, "DeleteAppInstallControlRule failed due to error %{public}d", ret);
105 return ret;
106 }
107 if (ruleType == AppControlConstants::APP_DISALLOWED_UNINSTALL) {
108 UpdateAppControlledInfo(userId, appIds);
109 }
110 SendAppControlEvent(ControlActionType::INSTALL, ControlOperationType::REMOVE_RULE,
111 callingName, userId, Constants::MAIN_APP_INDEX, appIds, ruleType);
112 return ERR_OK;
113 }
114
DeleteAppInstallControlRule(const AppInstallControlRuleType controlRuleType,int32_t userId)115 ErrCode AppControlManagerHostImpl::DeleteAppInstallControlRule(const AppInstallControlRuleType controlRuleType,
116 int32_t userId)
117 {
118 LOG_D(BMS_TAG_DEFAULT, "CleanAppInstallControlRule start");
119 std::string callingName = GetCallingName();
120 std::string ruleType = GetControlRuleType(controlRuleType);
121 if (callingName.empty()) {
122 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid");
123 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
124 }
125 if (ruleType.empty()) {
126 LOG_E(BMS_TAG_DEFAULT, "controlRuleType is invalid");
127 return ERR_BUNDLE_MANAGER_APP_CONTROL_RULE_TYPE_INVALID;
128 }
129 if (!appControlManager_) {
130 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
131 return ERR_APPEXECFWK_NULL_PTR;
132 }
133 std::vector<std::string> modifyAppIds;
134 if (ruleType == AppControlConstants::APP_DISALLOWED_UNINSTALL) {
135 auto ret = appControlManager_->GetAppInstallControlRule(AppControlConstants::EDM_CALLING,
136 ruleType, userId, modifyAppIds);
137 if (ret != ERR_OK) {
138 LOG_W(BMS_TAG_DEFAULT, "GetAppInstallControlRule failed code:%{public}d", ret);
139 }
140 }
141 auto ret = appControlManager_->DeleteAppInstallControlRule(callingName, ruleType, userId);
142 if (ret != ERR_OK) {
143 LOG_E(BMS_TAG_DEFAULT, "CleanAppInstallControlRule failed due to error %{public}d", ret);
144 return ret;
145 }
146 if (ruleType == AppControlConstants::APP_DISALLOWED_UNINSTALL) {
147 UpdateAppControlledInfo(userId, modifyAppIds);
148 }
149 SendAppControlEvent(ControlActionType::INSTALL, ControlOperationType::REMOVE_RULE,
150 callingName, userId, Constants::MAIN_APP_INDEX, {}, ruleType);
151 return ERR_OK;
152 }
153
GetAppInstallControlRule(const AppInstallControlRuleType controlRuleType,int32_t userId,std::vector<std::string> & appIds)154 ErrCode AppControlManagerHostImpl::GetAppInstallControlRule(
155 const AppInstallControlRuleType controlRuleType, int32_t userId, std::vector<std::string> &appIds)
156 {
157 LOG_D(BMS_TAG_DEFAULT, "GetAppInstallControlRule start");
158 std::string callingName = GetCallingName();
159 std::string ruleType = GetControlRuleType(controlRuleType);
160 if (callingName.empty()) {
161 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid");
162 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
163 }
164 if (ruleType.empty()) {
165 LOG_E(BMS_TAG_DEFAULT, "controlRuleType is invalid");
166 return ERR_BUNDLE_MANAGER_APP_CONTROL_RULE_TYPE_INVALID;
167 }
168 if (!appControlManager_) {
169 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
170 return ERR_APPEXECFWK_NULL_PTR;
171 }
172 return appControlManager_->GetAppInstallControlRule(callingName, ruleType, userId, appIds);
173 }
174
AddAppRunningControlRule(const std::vector<AppRunningControlRule> & controlRules,int32_t userId)175 ErrCode AppControlManagerHostImpl::AddAppRunningControlRule(
176 const std::vector<AppRunningControlRule> &controlRules, int32_t userId)
177 {
178 std::string callingName = GetCallingName();
179 if (callingName.empty()) {
180 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid");
181 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
182 }
183 if (!appControlManager_) {
184 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
185 return ERR_APPEXECFWK_NULL_PTR;
186 }
187 ErrCode result = appControlManager_->AddAppRunningControlRule(callingName, controlRules, userId);
188 std::vector<std::string> appIds;
189 std::string rules;
190 for (const auto &rule : controlRules) {
191 appIds.emplace_back(rule.appId);
192 rules += (rule.controlMessage + " ");
193 }
194 SendAppControlEvent(ControlActionType::RUNUING, ControlOperationType::ADD_RULE,
195 callingName, userId, Constants::MAIN_APP_INDEX, appIds, rules);
196 return result;
197 }
198
DeleteAppRunningControlRule(const std::vector<AppRunningControlRule> & controlRules,int32_t userId)199 ErrCode AppControlManagerHostImpl::DeleteAppRunningControlRule(
200 const std::vector<AppRunningControlRule> &controlRules, int32_t userId)
201 {
202 std::string callingName = GetCallingName();
203 if (callingName.empty()) {
204 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid");
205 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
206 }
207 ErrCode result = appControlManager_->DeleteAppRunningControlRule(callingName, controlRules, userId);
208 std::vector<std::string> appIds;
209 for (const auto &rule : controlRules) {
210 appIds.emplace_back(rule.appId);
211 }
212 SendAppControlEvent(ControlActionType::RUNUING, ControlOperationType::REMOVE_RULE,
213 callingName, userId, Constants::MAIN_APP_INDEX, appIds, Constants::EMPTY_STRING);
214 return result;
215 }
216
DeleteAppRunningControlRule(int32_t userId)217 ErrCode AppControlManagerHostImpl::DeleteAppRunningControlRule(int32_t userId)
218 {
219 std::string callingName = GetCallingName();
220 if (callingName.empty()) {
221 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid");
222 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
223 }
224 if (!appControlManager_) {
225 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
226 return ERR_APPEXECFWK_NULL_PTR;
227 }
228 ErrCode result = appControlManager_->DeleteAppRunningControlRule(callingName, userId);
229 SendAppControlEvent(ControlActionType::RUNUING, ControlOperationType::REMOVE_RULE,
230 callingName, userId, Constants::MAIN_APP_INDEX, {}, Constants::EMPTY_STRING);
231 return result;
232 }
233
GetAppRunningControlRule(int32_t userId,std::vector<std::string> & appIds)234 ErrCode AppControlManagerHostImpl::GetAppRunningControlRule(int32_t userId, std::vector<std::string> &appIds)
235 {
236 std::string callingName = GetCallingName();
237 if (callingName.empty()) {
238 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid");
239 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
240 }
241 return appControlManager_->GetAppRunningControlRule(callingName, userId, appIds);
242 }
243
GetAppRunningControlRule(const std::string & bundleName,int32_t userId,AppRunningControlRuleResult & controlRuleResult)244 ErrCode AppControlManagerHostImpl::GetAppRunningControlRule(
245 const std::string &bundleName, int32_t userId, AppRunningControlRuleResult &controlRuleResult)
246 {
247 if (bundleName.empty()) {
248 LOG_NOFUNC_W(BMS_TAG_DEFAULT, "GetAppRunningControlRule bundleName is empty");
249 return ERR_BUNDLE_MANAGER_BUNDLE_NOT_EXIST;
250 }
251 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
252 if (uid != AppControlConstants::FOUNDATION_UID) {
253 LOG_W(BMS_TAG_DEFAULT, "calling permission denied, uid : %{public}d, pid : %{public}d",
254 uid, OHOS::IPCSkeleton::GetCallingPid());
255 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
256 }
257 if (!appControlManager_) {
258 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
259 return ERR_APPEXECFWK_NULL_PTR;
260 }
261 return appControlManager_->GetAppRunningControlRule(bundleName, userId, controlRuleResult);
262 }
263
ConfirmAppJumpControlRule(const std::string & callerBundleName,const std::string & targetBundleName,int32_t userId)264 ErrCode AppControlManagerHostImpl::ConfirmAppJumpControlRule(const std::string &callerBundleName,
265 const std::string &targetBundleName, int32_t userId)
266 {
267 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
268 if (uid != AppControlConstants::FOUNDATION_UID) {
269 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid, uid : %{public}d", uid);
270 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
271 }
272 return appControlManager_->ConfirmAppJumpControlRule(callerBundleName, targetBundleName, userId);
273 }
274
AddAppJumpControlRule(const std::vector<AppJumpControlRule> & controlRules,int32_t userId)275 ErrCode AppControlManagerHostImpl::AddAppJumpControlRule(const std::vector<AppJumpControlRule> &controlRules,
276 int32_t userId)
277 {
278 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
279 if (uid != AppControlConstants::FOUNDATION_UID) {
280 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid, uid : %{public}d", uid);
281 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
282 }
283 if (!appControlManager_) {
284 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
285 return ERR_APPEXECFWK_NULL_PTR;
286 }
287 return appControlManager_->AddAppJumpControlRule(controlRules, userId);
288 }
289
DeleteAppJumpControlRule(const std::vector<AppJumpControlRule> & controlRules,int32_t userId)290 ErrCode AppControlManagerHostImpl::DeleteAppJumpControlRule(const std::vector<AppJumpControlRule> &controlRules,
291 int32_t userId)
292 {
293 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
294 if (uid != AppControlConstants::FOUNDATION_UID) {
295 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid, uid : %{public}d", uid);
296 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
297 }
298 if (!appControlManager_) {
299 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
300 return ERR_APPEXECFWK_NULL_PTR;
301 }
302 return appControlManager_->DeleteAppJumpControlRule(controlRules, userId);
303 }
304
DeleteRuleByCallerBundleName(const std::string & callerBundleName,int32_t userId)305 ErrCode AppControlManagerHostImpl::DeleteRuleByCallerBundleName(const std::string &callerBundleName, int32_t userId)
306 {
307 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
308 if (uid != AppControlConstants::FOUNDATION_UID) {
309 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid, uid : %{public}d", uid);
310 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
311 }
312 if (!appControlManager_) {
313 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
314 return ERR_APPEXECFWK_NULL_PTR;
315 }
316 return appControlManager_->DeleteRuleByCallerBundleName(callerBundleName, userId);
317 }
318
DeleteRuleByTargetBundleName(const std::string & targetBundleName,int32_t userId)319 ErrCode AppControlManagerHostImpl::DeleteRuleByTargetBundleName(const std::string &targetBundleName, int32_t userId)
320 {
321 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
322 if (uid != AppControlConstants::FOUNDATION_UID) {
323 LOG_E(BMS_TAG_DEFAULT, "callingName is invalid, uid : %{public}d", uid);
324 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
325 }
326 return appControlManager_->DeleteRuleByTargetBundleName(targetBundleName, userId);
327 }
328
GetAppJumpControlRule(const std::string & callerBundleName,const std::string & targetBundleName,int32_t userId,AppJumpControlRule & controlRule)329 ErrCode AppControlManagerHostImpl::GetAppJumpControlRule(const std::string &callerBundleName,
330 const std::string &targetBundleName, int32_t userId, AppJumpControlRule &controlRule)
331 {
332 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
333 if (uid != AppControlConstants::FOUNDATION_UID) {
334 LOG_W(BMS_TAG_DEFAULT, "calling permission denied, uid : %{public}d", uid);
335 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
336 }
337 if (!appControlManager_) {
338 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
339 return ERR_APPEXECFWK_NULL_PTR;
340 }
341 return appControlManager_->GetAppJumpControlRule(callerBundleName, targetBundleName, userId, controlRule);
342 }
343
GetCallingName()344 std::string AppControlManagerHostImpl::GetCallingName()
345 {
346 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
347 auto item = callingNameMap_.find(uid);
348 if (item == callingNameMap_.end()) {
349 LOG_W(BMS_TAG_DEFAULT, "calling uid is invalid, uid : %{public}d", uid);
350 return "";
351 }
352 return item->second;
353 }
354
GetControlRuleType(const AppInstallControlRuleType controlRuleType)355 std::string AppControlManagerHostImpl::GetControlRuleType(const AppInstallControlRuleType controlRuleType)
356 {
357 auto item = ruleTypeMap_.find(controlRuleType);
358 if (item == ruleTypeMap_.end()) {
359 LOG_W(BMS_TAG_DEFAULT, "controlRuleType:%{public}d is invalid", static_cast<int32_t>(controlRuleType));
360 return "";
361 }
362 return item->second;
363 }
364
GetCallingUserId()365 int32_t AppControlManagerHostImpl::GetCallingUserId()
366 {
367 return OHOS::IPCSkeleton::GetCallingUid() / Constants::BASE_USER_RANGE;
368 }
369
SetDisposedStatus(const std::string & appId,const Want & want,int32_t userId)370 ErrCode AppControlManagerHostImpl::SetDisposedStatus(const std::string &appId, const Want &want, int32_t userId)
371 {
372 LOG_D(BMS_TAG_DEFAULT, "host begin to SetDisposedStatus");
373 if (!BundlePermissionMgr::IsSystemApp()) {
374 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
375 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
376 }
377 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(PERMISSION_DISPOSED_STATUS)) {
378 LOG_W(BMS_TAG_DEFAULT, "verify permission ohos.permission.MANAGE_DISPOSED_STATUS failed");
379 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
380 }
381 if (userId == Constants::UNSPECIFIED_USERID) {
382 userId = GetCallingUserId();
383 }
384 if (!appControlManager_) {
385 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
386 return ERR_APPEXECFWK_NULL_PTR;
387 }
388 ErrCode ret = appControlManager_->SetDisposedStatus(appId, want, userId);
389 if (ret != ERR_OK) {
390 LOG_W(BMS_TAG_DEFAULT, "host SetDisposedStatus error:%{public}d", ret);
391 }
392 SendAppControlEvent(ControlActionType::DISPOSE_STATUS, ControlOperationType::ADD_RULE,
393 APP_MARKET_CALLING, userId, Constants::MAIN_APP_INDEX, { appId }, Constants::EMPTY_STRING);
394 return ret;
395 }
396
DeleteDisposedStatus(const std::string & appId,int32_t userId)397 ErrCode AppControlManagerHostImpl::DeleteDisposedStatus(const std::string &appId, int32_t userId)
398 {
399 LOG_D(BMS_TAG_DEFAULT, "host begin to DeleteDisposedStatus");
400 if (!BundlePermissionMgr::IsSystemApp()) {
401 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
402 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
403 }
404 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(PERMISSION_DISPOSED_STATUS)) {
405 LOG_W(BMS_TAG_DEFAULT, "verify permission ohos.permission.MANAGE_DISPOSED_STATUS failed");
406 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
407 }
408 if (userId == Constants::UNSPECIFIED_USERID) {
409 userId = GetCallingUserId();
410 }
411 if (!appControlManager_) {
412 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
413 return ERR_APPEXECFWK_NULL_PTR;
414 }
415 ErrCode ret = appControlManager_->DeleteDisposedStatus(appId, userId);
416 if (ret != ERR_OK) {
417 LOG_W(BMS_TAG_DEFAULT, "host DeletetDisposedStatus error:%{public}d", ret);
418 }
419 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
420 std::string callerName;
421 GetCallerByUid(uid, callerName);
422 if (userId == Constants::UNSPECIFIED_USERID) {
423 userId = GetCallingUserId();
424 }
425 ret = appControlManager_->DeleteDisposedRule(callerName, appId, Constants::MAIN_APP_INDEX, userId);
426 SendAppControlEvent(ControlActionType::DISPOSE_STATUS, ControlOperationType::REMOVE_RULE,
427 callerName, userId, Constants::MAIN_APP_INDEX, { appId }, Constants::EMPTY_STRING);
428 return ret;
429 }
430
GetDisposedStatus(const std::string & appId,Want & want,int32_t userId)431 ErrCode AppControlManagerHostImpl::GetDisposedStatus(const std::string &appId, Want &want, int32_t userId)
432 {
433 LOG_D(BMS_TAG_DEFAULT, "host begin to GetDisposedStatus");
434 if (!BundlePermissionMgr::IsSystemApp()) {
435 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
436 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
437 }
438 if (!BundlePermissionMgr::VerifyCallingPermissionsForAll({PERMISSION_DISPOSED_STATUS,
439 PERMISSION_GET_DISPOSED_STATUS})) {
440 LOG_W(BMS_TAG_DEFAULT, "verify get disposed status permission failed");
441 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
442 }
443 if (userId == Constants::UNSPECIFIED_USERID) {
444 userId = GetCallingUserId();
445 }
446 if (!appControlManager_) {
447 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
448 return ERR_APPEXECFWK_NULL_PTR;
449 }
450 ErrCode ret = appControlManager_->GetDisposedStatus(appId, want, userId);
451 if (ret != ERR_OK) {
452 LOG_W(BMS_TAG_DEFAULT, "host GetDisposedStatus error:%{public}d", ret);
453 }
454 return ret;
455 }
456
UpdateAppControlledInfo(int32_t userId,const std::vector<std::string> & modifyAppIds) const457 void AppControlManagerHostImpl::UpdateAppControlledInfo(int32_t userId,
458 const std::vector<std::string> &modifyAppIds) const
459 {
460 LOG_D(BMS_TAG_DEFAULT, "start to UpdateAppControlledInfo under userId %{public}d", userId);
461 std::vector<std::string> appIds;
462 if (!appControlManager_) {
463 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
464 return;
465 }
466 ErrCode ret = appControlManager_->GetAppInstallControlRule(AppControlConstants::EDM_CALLING,
467 AppControlConstants::APP_DISALLOWED_UNINSTALL, userId, appIds);
468 if (ret != ERR_OK) {
469 LOG_W(BMS_TAG_DEFAULT, "not update GetAppInstallControlRule failed code:%{public}d", ret);
470 return;
471 }
472 auto bundleInfos = dataMgr_->GetAllInnerBundleInfos();
473 for (const auto &info : bundleInfos) {
474 auto iterator = std::find(appIds.begin(), appIds.end(), info.second.GetAppId());
475 bool isRemovable = (iterator != appIds.end()) ? false : true;
476 if (!dataMgr_->SetBundleUserInfoRemovable(info.first, userId, isRemovable)) {
477 LOG_W(BMS_TAG_DEFAULT, "UpdateAppControlledInfo fail -n %{public}s -u %{public}d removable:%{public}d",
478 info.first.c_str(), userId, isRemovable);
479 continue;
480 }
481 auto modifyAppIdsIterator = std::find(modifyAppIds.begin(), modifyAppIds.end(), info.second.GetAppId());
482 if (modifyAppIdsIterator != modifyAppIds.end()) {
483 AbilityInfo mainAbilityInfo;
484 info.second.GetMainAbilityInfo(mainAbilityInfo);
485 NotifyBundleEvents installRes = {
486 .isModuleUpdate = false,
487 .type = NotifyType::UNINSTALL_STATE,
488 .resultCode = ERR_OK,
489 .accessTokenId = info.second.GetAccessTokenId(userId),
490 .uid = info.second.GetUid(userId),
491 .bundleType = static_cast<int32_t>(info.second.GetApplicationBundleType()),
492 .bundleName = info.second.GetBundleName(),
493 .modulePackage = info.second.GetModuleNameVec()[0],
494 .abilityName = mainAbilityInfo.name,
495 .appDistributionType = info.second.GetAppDistributionType(),
496 };
497 std::shared_ptr<BundleCommonEventMgr> commonEventMgr = std::make_shared<BundleCommonEventMgr>();
498 commonEventMgr->NotifyBundleStatus(installRes, dataMgr_);
499 }
500 }
501 }
502
GetCallerByUid(const int32_t uid,std::string & callerName)503 void AppControlManagerHostImpl::GetCallerByUid(const int32_t uid, std::string &callerName)
504 {
505 auto item = callingNameMap_.find(uid);
506 if (item != callingNameMap_.end()) {
507 callerName = item->second;
508 return;
509 }
510 auto ret = dataMgr_->GetNameForUid(uid, callerName);
511 if (ret != ERR_OK) {
512 LOG_D(BMS_TAG_DEFAULT, "caller not recognized");
513 callerName = std::to_string(uid);
514 }
515 }
516
GetDisposedRule(const std::string & appId,DisposedRule & rule,int32_t userId)517 ErrCode AppControlManagerHostImpl::GetDisposedRule(const std::string &appId, DisposedRule &rule, int32_t userId)
518 {
519 LOG_D(BMS_TAG_DEFAULT, "host begin to GetDisposedRule");
520 if (!BundlePermissionMgr::IsSystemApp()) {
521 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
522 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
523 }
524 if (!BundlePermissionMgr::VerifyCallingPermissionsForAll({PERMISSION_DISPOSED_STATUS,
525 PERMISSION_GET_DISPOSED_STATUS})) {
526 LOG_W(BMS_TAG_DEFAULT, "verify get disposed rule permission failed");
527 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
528 }
529
530 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
531 std::string callerName;
532 GetCallerByUid(uid, callerName);
533 if (userId == Constants::UNSPECIFIED_USERID) {
534 userId = GetCallingUserId();
535 }
536 if (!appControlManager_) {
537 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
538 return ERR_APPEXECFWK_NULL_PTR;
539 }
540 auto ret = appControlManager_->GetDisposedRule(callerName, appId, rule, Constants::MAIN_APP_INDEX, userId);
541 if (ret != ERR_OK) {
542 LOG_W(BMS_TAG_DEFAULT, "host GetDisposedStatus error:%{public}d", ret);
543 }
544 return ret;
545 }
546
SetDisposedRules(std::vector<DisposedRuleConfiguration> & disposedRuleConfigurations,int32_t userId)547 ErrCode AppControlManagerHostImpl::SetDisposedRules(
548 std::vector<DisposedRuleConfiguration> &disposedRuleConfigurations, int32_t userId)
549 {
550 LOG_I(BMS_TAG_DEFAULT, "host begin to SetDisposedRules");
551 if (!BundlePermissionMgr::IsSystemApp()) {
552 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
553 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
554 }
555 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(PERMISSION_DISPOSED_STATUS)) {
556 LOG_W(BMS_TAG_DEFAULT, "verify permission ohos.permission.MANAGE_DISPOSED_STATUS failed");
557 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
558 }
559 if (!appControlManager_) {
560 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
561 return ERR_APPEXECFWK_NULL_PTR;
562 }
563
564 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
565 std::string callerName;
566 GetCallerByUid(uid, callerName);
567 bool isEdm = uid == AppControlConstants::EDM_UID ? true : false;
568 for (auto &disposedRuleConfiguration : disposedRuleConfigurations) {
569 disposedRuleConfiguration.disposedRule.isEdm = isEdm;
570 auto ret = appControlManager_->SetDisposedRule(callerName, disposedRuleConfiguration.appId,
571 disposedRuleConfiguration.disposedRule, disposedRuleConfiguration.appIndex, userId);
572 SendAppControlEvent(ControlActionType::DISPOSE_RULE, ControlOperationType::ADD_RULE,
573 callerName, userId, disposedRuleConfiguration.appIndex, { disposedRuleConfiguration.appId },
574 disposedRuleConfiguration.disposedRule.ToString());
575
576 if (ret != ERR_OK) {
577 LOG_E(BMS_TAG_DEFAULT, "host SetDisposedRules error:%{public}d", ret);
578 return ret;
579 }
580 }
581 return ERR_OK;
582 }
583
SetDisposedRule(const std::string & appId,DisposedRule & rule,int32_t userId)584 ErrCode AppControlManagerHostImpl::SetDisposedRule(const std::string &appId, DisposedRule &rule, int32_t userId)
585 {
586 LOG_D(BMS_TAG_DEFAULT, "host begin to SetDisposedRule");
587 if (!BundlePermissionMgr::IsSystemApp()) {
588 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
589 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
590 }
591 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(PERMISSION_DISPOSED_STATUS)) {
592 LOG_W(BMS_TAG_DEFAULT, "verify permission ohos.permission.MANAGE_DISPOSED_STATUS failed");
593 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
594 }
595
596 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
597 std::string callerName;
598 GetCallerByUid(uid, callerName);
599 if (uid == AppControlConstants::EDM_UID) {
600 rule.isEdm = true;
601 }
602 if (userId == Constants::UNSPECIFIED_USERID) {
603 userId = GetCallingUserId();
604 }
605 if (!appControlManager_) {
606 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
607 return ERR_APPEXECFWK_NULL_PTR;
608 }
609 auto ret = appControlManager_->SetDisposedRule(callerName, appId, rule, Constants::MAIN_APP_INDEX, userId);
610 if (ret != ERR_OK) {
611 LOG_W(BMS_TAG_DEFAULT, "host GetDisposedStatus error:%{public}d", ret);
612 }
613 SendAppControlEvent(ControlActionType::DISPOSE_RULE, ControlOperationType::ADD_RULE,
614 callerName, userId, Constants::MAIN_APP_INDEX, { appId }, rule.ToString());
615 return ret;
616 }
617
GetAbilityRunningControlRule(const std::string & bundleName,int32_t userId,std::vector<DisposedRule> & disposedRules,int32_t appIndex)618 ErrCode AppControlManagerHostImpl::GetAbilityRunningControlRule(const std::string &bundleName, int32_t userId,
619 std::vector<DisposedRule>& disposedRules, int32_t appIndex)
620 {
621 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
622 if (uid != AppControlConstants::FOUNDATION_UID) {
623 LOG_E(BMS_TAG_DEFAULT, "uid:%{public}d is forbidden", uid);
624 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
625 }
626 if (!appControlManager_) {
627 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
628 return ERR_APPEXECFWK_NULL_PTR;
629 }
630 return appControlManager_->GetAbilityRunningControlRule(bundleName, appIndex, userId,
631 disposedRules);
632 }
633
GetDisposedRuleForCloneApp(const std::string & appId,DisposedRule & rule,int32_t appIndex,int32_t userId)634 ErrCode AppControlManagerHostImpl::GetDisposedRuleForCloneApp(const std::string &appId, DisposedRule &rule,
635 int32_t appIndex, int32_t userId)
636 {
637 LOG_D(BMS_TAG_DEFAULT, "host begin to GetDisposedRuleForCloneApp");
638 if (!BundlePermissionMgr::IsSystemApp()) {
639 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
640 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
641 }
642 if (!BundlePermissionMgr::VerifyCallingPermissionsForAll({PERMISSION_DISPOSED_STATUS,
643 PERMISSION_GET_DISPOSED_STATUS})) {
644 LOG_W(BMS_TAG_DEFAULT, "verify get disposed rule permission failed");
645 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
646 }
647 if (appIndex < Constants::MAIN_APP_INDEX || appIndex > ServiceConstants::CLONE_APP_INDEX_MAX) {
648 LOG_E(BMS_TAG_DEFAULT, "appIndex %{public}d is invalid", appIndex);
649 return ERR_APPEXECFWK_APP_INDEX_OUT_OF_RANGE;
650 }
651 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
652 std::string callerName;
653 GetCallerByUid(uid, callerName);
654 if (userId == Constants::UNSPECIFIED_USERID) {
655 userId = GetCallingUserId();
656 }
657 if (!appControlManager_) {
658 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
659 return ERR_APPEXECFWK_NULL_PTR;
660 }
661 auto ret = appControlManager_->GetDisposedRule(callerName, appId, rule, appIndex, userId);
662 if (ret != ERR_OK) {
663 LOG_W(BMS_TAG_DEFAULT, "GetDisposedRuleForCloneApp error:%{public}d, appIndex:%{public}d", ret, appIndex);
664 }
665 return ret;
666 }
667
SetDisposedRuleForCloneApp(const std::string & appId,DisposedRule & rule,int32_t appIndex,int32_t userId)668 ErrCode AppControlManagerHostImpl::SetDisposedRuleForCloneApp(const std::string &appId, DisposedRule &rule,
669 int32_t appIndex, int32_t userId)
670 {
671 LOG_D(BMS_TAG_DEFAULT, "host begin to SetDisposedRuleForCloneApp");
672 if (!BundlePermissionMgr::IsSystemApp()) {
673 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
674 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
675 }
676 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(PERMISSION_DISPOSED_STATUS)) {
677 LOG_W(BMS_TAG_DEFAULT, "verify permission ohos.permission.MANAGE_DISPOSED_STATUS failed");
678 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
679 }
680 if (appIndex < Constants::MAIN_APP_INDEX || appIndex > ServiceConstants::CLONE_APP_INDEX_MAX) {
681 LOG_E(BMS_TAG_DEFAULT, "appIndex %{public}d is invalid", appIndex);
682 return ERR_APPEXECFWK_APP_INDEX_OUT_OF_RANGE;
683 }
684 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
685 std::string callerName;
686 GetCallerByUid(uid, callerName);
687 if (uid == AppControlConstants::EDM_UID) {
688 rule.isEdm = true;
689 }
690 if (userId == Constants::UNSPECIFIED_USERID) {
691 userId = GetCallingUserId();
692 }
693 if (!appControlManager_) {
694 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
695 return ERR_APPEXECFWK_NULL_PTR;
696 }
697 auto ret = appControlManager_->SetDisposedRule(callerName, appId, rule, appIndex, userId);
698 if (ret != ERR_OK) {
699 LOG_W(BMS_TAG_DEFAULT, "SetDisposedRuleForCloneApp error:%{public}d, appIndex:%{public}d", ret, appIndex);
700 }
701 SendAppControlEvent(ControlActionType::DISPOSE_RULE, ControlOperationType::ADD_RULE,
702 callerName, userId, appIndex, { appId }, rule.ToString());
703 return ret;
704 }
DeleteDisposedRuleForCloneApp(const std::string & appId,int32_t appIndex,int32_t userId)705 ErrCode AppControlManagerHostImpl::DeleteDisposedRuleForCloneApp(const std::string &appId, int32_t appIndex,
706 int32_t userId)
707 {
708 LOG_D(BMS_TAG_DEFAULT, "host begin to DeleteDisposedRuleForCloneApp");
709 if (!BundlePermissionMgr::IsSystemApp()) {
710 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
711 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
712 }
713 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(PERMISSION_DISPOSED_STATUS)) {
714 LOG_W(BMS_TAG_DEFAULT, "verify permission ohos.permission.MANAGE_DISPOSED_STATUS failed");
715 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
716 }
717 if (appIndex < Constants::MAIN_APP_INDEX || appIndex > ServiceConstants::CLONE_APP_INDEX_MAX) {
718 LOG_E(BMS_TAG_DEFAULT, "appIndex %{public}d is invalid", appIndex);
719 return ERR_APPEXECFWK_APP_INDEX_OUT_OF_RANGE;
720 }
721 if (userId == Constants::UNSPECIFIED_USERID) {
722 userId = GetCallingUserId();
723 }
724 if (!appControlManager_) {
725 LOG_E(BMS_TAG_DEFAULT, "appControlManager_ is nullptr");
726 return ERR_APPEXECFWK_NULL_PTR;
727 }
728 ErrCode ret = ERR_OK;
729 if (appIndex == Constants::MAIN_APP_INDEX) {
730 ret = appControlManager_->DeleteDisposedStatus(appId, userId);
731 if (ret != ERR_OK) {
732 LOG_W(BMS_TAG_DEFAULT, "DeleteDisposedStatus error:%{public}d", ret);
733 }
734 }
735 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
736 std::string callerName;
737 GetCallerByUid(uid, callerName);
738 if (userId == Constants::UNSPECIFIED_USERID) {
739 userId = GetCallingUserId();
740 }
741 ret = appControlManager_->DeleteDisposedRule(callerName, appId, appIndex, userId);
742 if (ret != ERR_OK) {
743 LOG_W(BMS_TAG_DEFAULT, "DeleteDisposedRule error:%{public}d, appIndex:%{public}d", ret, appIndex);
744 }
745 SendAppControlEvent(ControlActionType::DISPOSE_RULE, ControlOperationType::REMOVE_RULE,
746 callerName, userId, appIndex, { appId }, Constants::EMPTY_STRING);
747 return ret;
748 }
749
GetUninstallDisposedRule(const std::string & appIdentifier,int32_t appIndex,int32_t userId,UninstallDisposedRule & rule)750 ErrCode AppControlManagerHostImpl::GetUninstallDisposedRule(const std::string &appIdentifier,
751 int32_t appIndex, int32_t userId, UninstallDisposedRule &rule)
752 {
753 LOG_D(BMS_TAG_DEFAULT, "begin");
754 if (!BundlePermissionMgr::IsSystemApp()) {
755 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
756 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
757 }
758 if (!BundlePermissionMgr::VerifyCallingPermissionsForAll({PERMISSION_DISPOSED_STATUS,
759 PERMISSION_GET_DISPOSED_STATUS})) {
760 LOG_W(BMS_TAG_DEFAULT, "verify get uninstall disposed rule permission failed");
761 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
762 }
763 if (appIndex < Constants::MAIN_APP_INDEX || appIndex > ServiceConstants::CLONE_APP_INDEX_MAX) {
764 LOG_E(BMS_TAG_DEFAULT, "appIndex %{public}d is invalid", appIndex);
765 return ERR_APPEXECFWK_APP_INDEX_OUT_OF_RANGE;
766 }
767 if (userId == Constants::UNSPECIFIED_USERID) {
768 userId = GetCallingUserId();
769 }
770 if (!appControlManager_) {
771 LOG_E(BMS_TAG_DEFAULT, "null appControlManager_");
772 return ERR_APPEXECFWK_NULL_PTR;
773 }
774 auto ret = appControlManager_->GetUninstallDisposedRule(appIdentifier, appIndex, userId, rule);
775 if (ret != ERR_OK) {
776 LOG_W(BMS_TAG_DEFAULT, "error:%{public}d, appIndex:%{public}d",
777 ret, appIndex);
778 }
779 return ret;
780 }
781
SetUninstallDisposedRule(const std::string & appIdentifier,const UninstallDisposedRule & rule,int32_t appIndex,int32_t userId)782 ErrCode AppControlManagerHostImpl::SetUninstallDisposedRule(const std::string &appIdentifier,
783 const UninstallDisposedRule &rule, int32_t appIndex, int32_t userId)
784 {
785 LOG_D(BMS_TAG_DEFAULT, "begin");
786 if (!BundlePermissionMgr::IsSystemApp()) {
787 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
788 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
789 }
790 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(PERMISSION_DISPOSED_STATUS)) {
791 LOG_W(BMS_TAG_DEFAULT, "verify permission ohos.permission.MANAGE_DISPOSED_STATUS failed");
792 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
793 }
794 if (appIndex < Constants::MAIN_APP_INDEX || appIndex > ServiceConstants::CLONE_APP_INDEX_MAX) {
795 LOG_E(BMS_TAG_DEFAULT, "appIndex %{public}d is invalid", appIndex);
796 return ERR_APPEXECFWK_APP_INDEX_OUT_OF_RANGE;
797 }
798 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
799 std::string callerName;
800 GetCallerByUid(uid, callerName);
801 if (rule.want == nullptr) {
802 LOG_E(BMS_TAG_DEFAULT, "null want");
803 return ERR_BUNDLE_MANAGER_INVALID_UNINSTALL_RULE;
804 }
805 if (!BundlePermissionMgr::IsNativeTokenType() && callerName != rule.want->GetBundle()) {
806 LOG_E(BMS_TAG_DEFAULT, "callerName is not equal to bundleName in want");
807 return ERR_BUNDLE_MANAGER_INVALID_UNINSTALL_RULE;
808 }
809 if (userId == Constants::UNSPECIFIED_USERID) {
810 userId = GetCallingUserId();
811 }
812 if (!appControlManager_) {
813 LOG_E(BMS_TAG_DEFAULT, "null appControlManager_");
814 return ERR_APPEXECFWK_NULL_PTR;
815 }
816 auto ret = appControlManager_->SetUninstallDisposedRule(callerName, appIdentifier, rule, appIndex, userId);
817 if (ret != ERR_OK) {
818 LOG_W(BMS_TAG_DEFAULT, "error:%{public}d, appIndex:%{public}d",
819 ret, appIndex);
820 }
821 SendAppControlEvent(ControlActionType::UNINSTALL_DISPOSE_RULE, ControlOperationType::ADD_RULE,
822 callerName, userId, appIndex, { appIdentifier }, rule.ToString());
823 return ret;
824 }
825
DeleteUninstallDisposedRule(const std::string & appIdentifier,int32_t appIndex,int32_t userId)826 ErrCode AppControlManagerHostImpl::DeleteUninstallDisposedRule(const std::string &appIdentifier, int32_t appIndex,
827 int32_t userId)
828 {
829 LOG_D(BMS_TAG_DEFAULT, "begin");
830 if (!BundlePermissionMgr::IsSystemApp()) {
831 LOG_E(BMS_TAG_DEFAULT, "non-system app calling system api");
832 return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
833 }
834 if (!BundlePermissionMgr::VerifyCallingPermissionForAll(PERMISSION_DISPOSED_STATUS)) {
835 LOG_W(BMS_TAG_DEFAULT, "verify permission ohos.permission.MANAGE_DISPOSED_STATUS failed");
836 return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
837 }
838 if (appIndex < Constants::MAIN_APP_INDEX || appIndex > ServiceConstants::CLONE_APP_INDEX_MAX) {
839 LOG_E(BMS_TAG_DEFAULT, "appIndex %{public}d is invalid", appIndex);
840 return ERR_APPEXECFWK_APP_INDEX_OUT_OF_RANGE;
841 }
842 if (userId == Constants::UNSPECIFIED_USERID) {
843 userId = GetCallingUserId();
844 }
845 if (!appControlManager_) {
846 LOG_E(BMS_TAG_DEFAULT, "null appControlManager_");
847 return ERR_APPEXECFWK_NULL_PTR;
848 }
849 int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
850 std::string callerName;
851 GetCallerByUid(uid, callerName);
852 if (userId == Constants::UNSPECIFIED_USERID) {
853 userId = GetCallingUserId();
854 }
855 auto ret = appControlManager_->DeleteUninstallDisposedRule(callerName, appIdentifier, appIndex, userId);
856 if (ret != ERR_OK) {
857 LOG_W(BMS_TAG_DEFAULT, "error:%{public}d, appIndex:%{public}d", ret, appIndex);
858 }
859 SendAppControlEvent(ControlActionType::UNINSTALL_DISPOSE_RULE, ControlOperationType::REMOVE_RULE,
860 callerName, userId, appIndex, { appIdentifier }, Constants::EMPTY_STRING);
861 return ret;
862 }
863
SendAppControlEvent(ControlActionType actionType,ControlOperationType operationType,const std::string & callingName,int32_t userId,int32_t appIndex,const std::vector<std::string> & appIds,const std::string & rule)864 void AppControlManagerHostImpl::SendAppControlEvent(ControlActionType actionType, ControlOperationType operationType,
865 const std::string &callingName, int32_t userId, int32_t appIndex, const std::vector<std::string> &appIds,
866 const std::string &rule)
867 {
868 EventInfo info;
869 info.actionType = static_cast<int32_t>(actionType);
870 info.operationType = static_cast<int32_t>(operationType);
871 info.callingName = callingName;
872 info.userId = userId;
873 info.appIndex = appIndex;
874 info.appIds = appIds;
875 info.rule = rule;
876 EventReport::SendAppControlRuleEvent(info);
877 }
878 } // AppExecFwk
879 } // OHOS