1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "enterprise_device_mgr_proxy.h"
17
18 #include <iservice_registry.h>
19 #include <string_ex.h>
20
21 #include "admin_type.h"
22 #include "edm_constants.h"
23 #include "edm_errors.h"
24 #include "edm_load_manager.h"
25 #include "edm_log.h"
26 #include "edm_sys_manager.h"
27 #include "func_code.h"
28 #include "parameters.h"
29 #include "system_ability_definition.h"
30
31 namespace OHOS {
32 namespace EDM {
33 std::shared_ptr<EnterpriseDeviceMgrProxy> EnterpriseDeviceMgrProxy::instance_ = nullptr;
34 std::mutex EnterpriseDeviceMgrProxy::mutexLock_;
35 const std::u16string DESCRIPTOR = u"ohos.edm.IEnterpriseDeviceMgr";
36
GetInstance()37 std::shared_ptr<EnterpriseDeviceMgrProxy> EnterpriseDeviceMgrProxy::GetInstance()
38 {
39 if (instance_ == nullptr) {
40 std::lock_guard<std::mutex> lock(mutexLock_);
41 if (instance_ == nullptr) {
42 std::shared_ptr<EnterpriseDeviceMgrProxy> temp = std::make_shared<EnterpriseDeviceMgrProxy>();
43 instance_ = temp;
44 }
45 }
46 return instance_;
47 }
48
DestroyInstance()49 void EnterpriseDeviceMgrProxy::DestroyInstance()
50 {
51 std::lock_guard<std::mutex> lock(mutexLock_);
52 if (instance_ != nullptr) {
53 instance_.reset();
54 }
55 }
56
IsEdmEnabled()57 bool EnterpriseDeviceMgrProxy::IsEdmEnabled()
58 {
59 std::string edmParaValue = system::GetParameter("persist.edm.edm_enable", "false");
60 EDMLOGD("EnterpriseDeviceMgrProxy::GetParameter %{public}s", edmParaValue.c_str());
61 return edmParaValue == "true";
62 }
63
IsEdmExtEnabled()64 bool EnterpriseDeviceMgrProxy::IsEdmExtEnabled()
65 {
66 std::string edmExtParaValue = system::GetParameter("persist.edm.edm_ext_enable", "false");
67 EDMLOGD("EnterpriseDeviceMgrProxy::GetParameter %{public}s", edmExtParaValue.c_str());
68 return edmExtParaValue == "true";
69 }
70
EnableAdmin(AppExecFwk::ElementName & admin,EntInfo & entInfo,AdminType type,int32_t userId)71 ErrCode EnterpriseDeviceMgrProxy::EnableAdmin(AppExecFwk::ElementName &admin, EntInfo &entInfo, AdminType type,
72 int32_t userId)
73 {
74 EDMLOGD("EnterpriseDeviceMgrProxy::EnableAdmin");
75 sptr<IRemoteObject> remote = LoadAndGetEdmService();
76 if (!remote) {
77 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
78 }
79 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
80 return mgrService->EnableAdmin(admin, entInfo, type, userId);
81 }
82
ReplaceSuperAdmin(AppExecFwk::ElementName & oldAdmin,AppExecFwk::ElementName & newAdmin,bool keepPolicy)83 ErrCode EnterpriseDeviceMgrProxy::ReplaceSuperAdmin(AppExecFwk::ElementName &oldAdmin,
84 AppExecFwk::ElementName &newAdmin, bool keepPolicy)
85 {
86 EDMLOGI("EnterpriseDeviceMgrProxy::ReplaceSuperAdmin");
87 if (!IsEdmEnabled()) {
88 return EdmReturnErrCode::ADMIN_INACTIVE;
89 }
90 sptr<IRemoteObject> remote = LoadAndGetEdmService();
91 if (!remote) {
92 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
93 }
94 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
95 return mgrService->ReplaceSuperAdmin(oldAdmin, newAdmin, keepPolicy);
96 }
97
DisableAdmin(AppExecFwk::ElementName & admin,int32_t userId)98 ErrCode EnterpriseDeviceMgrProxy::DisableAdmin(AppExecFwk::ElementName &admin, int32_t userId)
99 {
100 EDMLOGD("EnterpriseDeviceMgrProxy::DisableAdmin");
101 if (!IsEdmEnabled()) {
102 return EdmReturnErrCode::DISABLE_ADMIN_FAILED;
103 }
104 sptr<IRemoteObject> remote = LoadAndGetEdmService();
105 if (!remote) {
106 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
107 }
108 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
109 return mgrService->DisableAdmin(admin, userId);
110 }
111
DisableSuperAdmin(const std::string & bundleName)112 ErrCode EnterpriseDeviceMgrProxy::DisableSuperAdmin(const std::string &bundleName)
113 {
114 EDMLOGD("EnterpriseDeviceMgrProxy::DisableSuperAdmin");
115 if (!IsEdmEnabled()) {
116 return EdmReturnErrCode::DISABLE_ADMIN_FAILED;
117 }
118 sptr<IRemoteObject> remote = LoadAndGetEdmService();
119 if (!remote) {
120 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
121 }
122 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
123 return mgrService->DisableSuperAdmin(bundleName);
124 }
125
GetEnabledAdmin(AdminType type,std::vector<std::string> & enabledAdminList)126 ErrCode EnterpriseDeviceMgrProxy::GetEnabledAdmin(AdminType type, std::vector<std::string> &enabledAdminList)
127 {
128 EDMLOGD("EnterpriseDeviceMgrProxy::GetEnabledAdmin");
129 if (!IsEdmEnabled()) {
130 return EdmReturnErrCode::ADMIN_INACTIVE;
131 }
132 sptr<IRemoteObject> remote = LoadAndGetEdmService();
133 if (!remote) {
134 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
135 }
136 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
137 return mgrService->GetEnabledAdmin(type, enabledAdminList);
138 }
139
GetEnterpriseInfo(AppExecFwk::ElementName & admin,EntInfo & entInfo)140 ErrCode EnterpriseDeviceMgrProxy::GetEnterpriseInfo(AppExecFwk::ElementName &admin, EntInfo &entInfo)
141 {
142 EDMLOGD("EnterpriseDeviceMgrProxy::GetEnterpriseInfo");
143 if (!IsEdmEnabled()) {
144 return EdmReturnErrCode::ADMIN_INACTIVE;
145 }
146 sptr<IRemoteObject> remote = LoadAndGetEdmService();
147 if (!remote) {
148 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
149 }
150 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
151 return mgrService->GetEnterpriseInfo(admin, entInfo);
152 }
153
SetEnterpriseInfo(AppExecFwk::ElementName & admin,EntInfo & entInfo)154 ErrCode EnterpriseDeviceMgrProxy::SetEnterpriseInfo(AppExecFwk::ElementName &admin, EntInfo &entInfo)
155 {
156 EDMLOGD("EnterpriseDeviceMgrProxy::SetEnterpriseInfo");
157 if (!IsEdmEnabled()) {
158 return EdmReturnErrCode::ADMIN_INACTIVE;
159 }
160 sptr<IRemoteObject> remote = LoadAndGetEdmService();
161 if (!remote) {
162 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
163 }
164 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
165 return mgrService->SetEnterpriseInfo(admin, entInfo);
166 }
167
SetAdminRunningMode(AppExecFwk::ElementName & admin,uint32_t runningMode)168 ErrCode EnterpriseDeviceMgrProxy::SetAdminRunningMode(AppExecFwk::ElementName &admin, uint32_t runningMode)
169 {
170 EDMLOGD("EnterpriseDeviceMgrProxy::SetAdminRunningMode");
171 if (!IsEdmEnabled()) {
172 return EdmReturnErrCode::ADMIN_INACTIVE;
173 }
174 sptr<IRemoteObject> remote = LoadAndGetEdmService();
175 if (!remote) {
176 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
177 }
178 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
179 return mgrService->SetAdminRunningMode(admin, runningMode);
180 }
181
HandleManagedEvent(const AppExecFwk::ElementName & admin,const std::vector<uint32_t> & events,bool subscribe)182 ErrCode EnterpriseDeviceMgrProxy::HandleManagedEvent(const AppExecFwk::ElementName &admin,
183 const std::vector<uint32_t> &events, bool subscribe)
184 {
185 EDMLOGD("EnterpriseDeviceMgrProxy::SubscribeManagedEvent: %{public}d", subscribe);
186 if (!IsEdmEnabled()) {
187 return EdmReturnErrCode::ADMIN_INACTIVE;
188 }
189 sptr<IRemoteObject> remote = LoadAndGetEdmService();
190 if (!remote) {
191 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
192 }
193 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
194 if (subscribe) {
195 return mgrService->SubscribeManagedEvent(admin, events);
196 } else {
197 return mgrService->UnsubscribeManagedEvent(admin, events);
198 }
199 }
200
IsSuperAdmin(const std::string & bundleName,bool & result)201 ErrCode EnterpriseDeviceMgrProxy::IsSuperAdmin(const std::string &bundleName, bool &result)
202 {
203 EDMLOGD("EnterpriseDeviceMgrProxy::IsSuperAdmin");
204 result = false;
205 if (!IsEdmEnabled()) {
206 return ERR_OK;
207 }
208 sptr<IRemoteObject> remote = LoadAndGetEdmService();
209 if (!remote) {
210 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
211 }
212 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
213 return mgrService->IsSuperAdmin(bundleName, result);
214 }
215
IsByodAdmin(const AppExecFwk::ElementName & admin,bool & result)216 ErrCode EnterpriseDeviceMgrProxy::IsByodAdmin(const AppExecFwk::ElementName &admin, bool &result)
217 {
218 EDMLOGI("EnterpriseDeviceMgrProxy::IsByodAdmin");
219 result = false;
220 if (!IsEdmEnabled()) {
221 return ERR_OK;
222 }
223 sptr<IRemoteObject> remote = LoadAndGetEdmService();
224 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
225 if (!mgrService) {
226 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
227 }
228 return mgrService->IsByodAdmin(admin, result);
229 }
230
IsAdminEnabled(AppExecFwk::ElementName & admin,int32_t userId,bool & result)231 ErrCode EnterpriseDeviceMgrProxy::IsAdminEnabled(AppExecFwk::ElementName &admin, int32_t userId, bool &result)
232 {
233 EDMLOGD("EnterpriseDeviceMgrProxy::IsAdminEnabled");
234 result = false;
235 if (!IsEdmEnabled()) {
236 return ERR_OK;
237 }
238 sptr<IRemoteObject> remote = LoadAndGetEdmService();
239 if (!remote) {
240 return false;
241 }
242 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
243 return mgrService->IsAdminEnabled(admin, userId, result);
244 }
245
IsPolicyDisabled(const AppExecFwk::ElementName * admin,int policyCode,bool & result,std::string permissionTag)246 int32_t EnterpriseDeviceMgrProxy::IsPolicyDisabled(const AppExecFwk::ElementName *admin, int policyCode, bool &result,
247 std::string permissionTag)
248 {
249 MessageParcel data;
250 data.WriteInterfaceToken(DESCRIPTOR);
251 data.WriteInt32(WITHOUT_USERID);
252 data.WriteString(permissionTag);
253 if (admin != nullptr) {
254 data.WriteInt32(HAS_ADMIN);
255 data.WriteParcelable(admin);
256 } else {
257 if (!IsEdmEnabled()) {
258 result = false;
259 return ERR_OK;
260 }
261 data.WriteInt32(WITHOUT_ADMIN);
262 }
263 return IsPolicyDisabled(data, policyCode, result);
264 }
265
IsPolicyDisabled(MessageParcel & data,uint32_t policyCode,bool & result)266 int32_t EnterpriseDeviceMgrProxy::IsPolicyDisabled(MessageParcel &data, uint32_t policyCode, bool &result)
267 {
268 if (CheckDataInEdmDisabled(data)) {
269 result = false;
270 return ERR_OK;
271 }
272 MessageParcel reply;
273 GetPolicy(policyCode, data, reply);
274 int32_t ret = ERR_INVALID_VALUE;
275 bool isSuccess = reply.ReadInt32(ret) && (ret == ERR_OK);
276 if (!isSuccess) {
277 EDMLOGE("IsPolicyDisabled:GetPolicy fail. %{public}d", ret);
278 return ret;
279 }
280 reply.ReadBool(result);
281 return ERR_OK;
282 }
283
HandleDevicePolicy(int32_t policyCode,MessageParcel & data)284 int32_t EnterpriseDeviceMgrProxy::HandleDevicePolicy(int32_t policyCode, MessageParcel &data)
285 {
286 MessageParcel reply;
287 return HandleDevicePolicy(policyCode, data, reply);
288 }
289
CheckDataInEdmDisabled(MessageParcel & data)290 bool EnterpriseDeviceMgrProxy::CheckDataInEdmDisabled(MessageParcel &data)
291 {
292 data.ReadInterfaceToken();
293 data.ReadInt32();
294 data.ReadString();
295 auto isAdmin = data.ReadInt32();
296 data.RewindRead(0);
297 if (isAdmin == WITHOUT_ADMIN && !IsEdmEnabled()) {
298 return true;
299 }
300 return false;
301 }
302
HandleDevicePolicy(int32_t policyCode,MessageParcel & data,MessageParcel & reply)303 int32_t EnterpriseDeviceMgrProxy::HandleDevicePolicy(int32_t policyCode, MessageParcel &data, MessageParcel &reply)
304 {
305 EDMLOGD("EnterpriseDeviceMgrProxy::HandleDevicePolicy");
306 if (!IsEdmEnabled()) {
307 return EdmReturnErrCode::ADMIN_INACTIVE;
308 }
309 sptr<IRemoteObject> remote = LoadAndGetEdmService();
310 if (!remote) {
311 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
312 }
313 MessageOption option;
314 EDMLOGD("EnterpriseDeviceMgrProxy::handleDevicePolicy::sendRequest %{public}d", policyCode);
315 ErrCode res = remote->SendRequest(policyCode, data, reply, option);
316 if (FAILED(res)) {
317 EDMLOGE("EnterpriseDeviceMgrProxy:HandleDevicePolicy send request fail. %{public}d", res);
318 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
319 }
320 int32_t ret = ERR_INVALID_VALUE;
321 reply.ReadInt32(ret);
322 return ret;
323 }
324
AuthorizeAdmin(AppExecFwk::ElementName & admin,std::string & bundleName)325 ErrCode EnterpriseDeviceMgrProxy::AuthorizeAdmin(AppExecFwk::ElementName &admin, std::string &bundleName)
326 {
327 EDMLOGD("EnterpriseDeviceMgrProxy::AuthorizeAdmin");
328 if (!IsEdmEnabled()) {
329 return EdmReturnErrCode::ADMIN_INACTIVE;
330 }
331 sptr<IRemoteObject> remote = LoadAndGetEdmService();
332 if (!remote) {
333 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
334 }
335 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
336 return mgrService->AuthorizeAdmin(admin, bundleName);
337 }
338
GetSuperAdmin(std::string & bundleName,std::string & abilityName)339 ErrCode EnterpriseDeviceMgrProxy::GetSuperAdmin(std::string &bundleName, std::string &abilityName)
340 {
341 EDMLOGD("EnterpriseDeviceMgrProxy::GetSuperAdmin");
342 if (!IsEdmEnabled()) {
343 return ERR_OK;
344 }
345 sptr<IRemoteObject> remote = LoadAndGetEdmService();
346 if (!remote) {
347 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
348 }
349 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
350 return mgrService->GetSuperAdmin(bundleName, abilityName);
351 }
352
SetDelegatedPolicies(AppExecFwk::ElementName & parentAdmin,std::string & bundleName,std::vector<std::string> & policies)353 ErrCode EnterpriseDeviceMgrProxy::SetDelegatedPolicies(
354 AppExecFwk::ElementName &parentAdmin, std::string &bundleName, std::vector<std::string> &policies)
355 {
356 EDMLOGD("EnterpriseDeviceMgrProxy::SetDelegatedPolicies");
357 if (!IsEdmEnabled()) {
358 return EdmReturnErrCode::ADMIN_INACTIVE;
359 }
360 sptr<IRemoteObject> remote = LoadAndGetEdmService();
361 if (!remote) {
362 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
363 }
364 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
365 return mgrService->SetDelegatedPolicies(parentAdmin, bundleName, policies);
366 }
367
SetDelegatedPolicies(std::string & bundleName,std::vector<std::string> & policies,int32_t userId)368 ErrCode EnterpriseDeviceMgrProxy::SetDelegatedPolicies(std::string &bundleName,
369 std::vector<std::string> &policies, int32_t userId)
370 {
371 EDMLOGD("EnterpriseDeviceMgrProxy::SetDelegatedPolicies");
372 sptr<IRemoteObject> remote = LoadAndGetEdmService();
373 if (!remote) {
374 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
375 }
376 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
377 return mgrService->SetDelegatedPolicies(bundleName, policies, userId);
378 }
379
GetDelegatedPolicies(AppExecFwk::ElementName & parentAdmin,std::string & bundleOrPolicyName,uint32_t code,std::vector<std::string> & result)380 ErrCode EnterpriseDeviceMgrProxy::GetDelegatedPolicies(AppExecFwk::ElementName &parentAdmin,
381 std::string &bundleOrPolicyName, uint32_t code, std::vector<std::string> &result)
382 {
383 EDMLOGD("EnterpriseDeviceMgrProxy::GetDelegatedPolicies");
384 if (!IsEdmEnabled()) {
385 return EdmReturnErrCode::ADMIN_INACTIVE;
386 }
387 sptr<IRemoteObject> remote = LoadAndGetEdmService();
388 if (!remote) {
389 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
390 }
391 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
392 if (code == EdmInterfaceCode::GET_DELEGATED_POLICIES) {
393 return mgrService->GetDelegatedPolicies(parentAdmin, bundleOrPolicyName, result);
394 } else {
395 return mgrService->GetDelegatedBundleNames(parentAdmin, bundleOrPolicyName, result);
396 }
397 }
398
GetAdmins(std::vector<std::shared_ptr<AAFwk::Want>> & wants)399 ErrCode EnterpriseDeviceMgrProxy::GetAdmins(std::vector<std::shared_ptr<AAFwk::Want>> &wants)
400 {
401 EDMLOGD("EnterpriseDeviceMgrProxy::GetAdmins");
402 if (!IsEdmEnabled()) {
403 return ERR_OK;
404 }
405 sptr<IRemoteObject> remote = LoadAndGetEdmService();
406 if (!remote) {
407 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
408 }
409 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
410 return mgrService->GetAdmins(wants);
411 }
412
CheckAndGetAdminProvisionInfo(AppExecFwk::ElementName & admin,std::string & bundleName)413 ErrCode EnterpriseDeviceMgrProxy::CheckAndGetAdminProvisionInfo(AppExecFwk::ElementName &admin,
414 std::string &bundleName)
415 {
416 std::uint32_t funcCode =
417 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::GET, (std::uint32_t)EdmInterfaceCode::GET_ADMINPROVISION_INFO);
418 sptr<IRemoteObject> remote = LoadAndGetEdmService();
419 if (!remote) {
420 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
421 }
422 MessageParcel data;
423 data.WriteInterfaceToken(DESCRIPTOR);
424 data.WriteInt32(WITHOUT_USERID);
425 data.WriteParcelable(&admin);
426 data.WriteString(WITHOUT_PERMISSION_TAG);
427 MessageParcel reply;
428 MessageOption option;
429 ErrCode res = remote->SendRequest(funcCode, data, reply, option);
430 if (FAILED(res)) {
431 EDMLOGE("EnterpriseDeviceMgrProxy:CheckAndGetAdminProvisionInfo send request fail. %{public}d", res);
432 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
433 }
434 int32_t resCode = ERR_INVALID_VALUE;
435 if (!reply.ReadInt32(resCode) || FAILED(resCode)) {
436 EDMLOGE("EnterpriseDeviceMgrProxy:CheckAndGetAdminProvisionInfo get result code fail. %{public}d", resCode);
437 return resCode;
438 }
439 bundleName = reply.ReadString();
440 EDMLOGI("EnterpriseDeviceMgrProxy:CheckAndGetAdminProvisionInfo result. %{public}s", bundleName.c_str());
441 return ERR_OK;
442 }
443
GetPolicyValue(MessageParcel & data,uint32_t policyCode,std::string & policyData)444 bool EnterpriseDeviceMgrProxy::GetPolicyValue(MessageParcel &data, uint32_t policyCode, std::string &policyData)
445 {
446 MessageParcel reply;
447 int32_t ret = ERR_INVALID_VALUE;
448 if (!GetPolicy(policyCode, data, reply) || !reply.ReadInt32(ret) || ret != ERR_OK) {
449 return false;
450 }
451 reply.ReadString(policyData);
452 return true;
453 }
454
GetPolicyArray(AppExecFwk::ElementName * admin,int policyCode,std::vector<std::string> & policyData,int32_t userId)455 bool EnterpriseDeviceMgrProxy::GetPolicyArray(AppExecFwk::ElementName *admin, int policyCode,
456 std::vector<std::string> &policyData, int32_t userId)
457 {
458 MessageParcel reply;
459 if (!GetPolicyData(admin, policyCode, userId, reply)) {
460 return false;
461 }
462 int32_t size = reply.ReadInt32();
463 EDMLOGD("EnterpriseDeviceMgrProxy::GetPolicyArray size: %{public}d.", size);
464 return reply.ReadStringVector(&policyData);
465 }
466
GetPolicyMap(AppExecFwk::ElementName * admin,int policyCode,std::map<std::string,std::string> & policyData,int32_t userId)467 bool EnterpriseDeviceMgrProxy::GetPolicyMap(AppExecFwk::ElementName *admin, int policyCode,
468 std::map<std::string, std::string> &policyData, int32_t userId)
469 {
470 MessageParcel reply;
471 if (!GetPolicyData(admin, policyCode, userId, reply)) {
472 return false;
473 }
474 std::vector<std::string> keys;
475 if (!reply.ReadStringVector(&keys)) {
476 EDMLOGE("EnterpriseDeviceMgrProxy::read map keys fail.");
477 return false;
478 }
479 std::vector<std::string> values;
480 if (!reply.ReadStringVector(&values)) {
481 EDMLOGE("EnterpriseDeviceMgrProxy::read map values fail.");
482 return false;
483 }
484 if (keys.size() != values.size()) {
485 EDMLOGE("EnterpriseDeviceMgrProxy::read map fail.");
486 return false;
487 }
488 policyData.clear();
489 for (uint64_t i = 0; i < keys.size(); ++i) {
490 policyData.insert(std::make_pair(keys.at(i), values.at(i)));
491 }
492 return true;
493 }
494
GetPolicyData(AppExecFwk::ElementName * admin,int policyCode,int32_t userId,MessageParcel & reply)495 bool EnterpriseDeviceMgrProxy::GetPolicyData(AppExecFwk::ElementName *admin, int policyCode, int32_t userId,
496 MessageParcel &reply)
497 {
498 if (!IsEdmEnabled()) {
499 return false;
500 }
501 MessageParcel data;
502 data.WriteInterfaceToken(DESCRIPTOR);
503 data.WriteInt32(HAS_USERID);
504 data.WriteInt32(userId);
505 data.WriteString(WITHOUT_PERMISSION_TAG);
506 if (admin != nullptr) {
507 data.WriteInt32(HAS_ADMIN);
508 data.WriteParcelable(admin);
509 } else {
510 data.WriteInt32(WITHOUT_ADMIN);
511 }
512 int32_t ret = ERR_INVALID_VALUE;
513 return GetPolicy(policyCode, data, reply) && reply.ReadInt32(ret) && (ret == ERR_OK);
514 }
515
GetPolicy(int policyCode,MessageParcel & data,MessageParcel & reply)516 bool EnterpriseDeviceMgrProxy::GetPolicy(int policyCode, MessageParcel &data, MessageParcel &reply)
517 {
518 if (policyCode == EdmInterfaceCode::PASSWORD_POLICY) {
519 if (!IsEdmExtEnabled() && !IsEdmEnabled()) {
520 reply.WriteInt32(EdmReturnErrCode::ADMIN_INACTIVE);
521 return false;
522 }
523 } else if (!IsEdmEnabled()) {
524 reply.WriteInt32(EdmReturnErrCode::ADMIN_INACTIVE);
525 return false;
526 }
527 if (policyCode < 0) {
528 EDMLOGE("EnterpriseDeviceMgrProxy:GetPolicy invalid policyCode:%{public}d", policyCode);
529 return false;
530 }
531 std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::GET, (std::uint32_t)policyCode);
532 sptr<IRemoteObject> remote = LoadAndGetEdmService();
533 if (!remote) {
534 reply.WriteInt32(EdmReturnErrCode::SYSTEM_ABNORMALLY);
535 return false;
536 }
537 MessageOption option;
538 ErrCode res = remote->SendRequest(funcCode, data, reply, option);
539 if (FAILED(res)) {
540 EDMLOGE("EnterpriseDeviceMgrProxy:GetPolicy send request fail.");
541 return false;
542 }
543 return true;
544 }
545
GetEnabledAdmins(std::vector<std::string> & enabledAdminList)546 void EnterpriseDeviceMgrProxy::GetEnabledAdmins(std::vector<std::string> &enabledAdminList)
547 {
548 GetEnabledAdmins(AdminType::NORMAL, enabledAdminList);
549 }
550
GetEnabledSuperAdmin(std::string & enabledAdmin)551 void EnterpriseDeviceMgrProxy::GetEnabledSuperAdmin(std::string &enabledAdmin)
552 {
553 std::vector<std::string> enabledAdminList;
554 GetEnabledAdmins(AdminType::ENT, enabledAdminList);
555 if (!enabledAdminList.empty()) {
556 enabledAdmin = enabledAdminList[0];
557 }
558 }
559
IsSuperAdminExist()560 bool EnterpriseDeviceMgrProxy::IsSuperAdminExist()
561 {
562 std::vector<std::string> enabledAdminList;
563 GetEnabledAdmins(AdminType::ENT, enabledAdminList);
564 return !enabledAdminList.empty();
565 }
566
LoadAndGetEdmService()567 sptr<IRemoteObject> EnterpriseDeviceMgrProxy::LoadAndGetEdmService()
568 {
569 std::lock_guard<std::mutex> lock(mutexLock_);
570 sptr<ISystemAbilityManager> sysAbilityMgr = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
571 if (sysAbilityMgr == nullptr) {
572 EDMLOGE("EnterpriseDeviceMgrProxy::failed to get SystemAbilityManager");
573 return nullptr;
574 }
575 auto objectSA = sysAbilityMgr->CheckSystemAbility(ENTERPRISE_DEVICE_MANAGER_SA_ID);
576 if (objectSA == nullptr) {
577 EDMLOGI("EnterpriseDeviceMgrProxy::load sa from remote");
578 return EdmLoadManager::GetInstance().LoadAndGetEdmService();
579 }
580 return EdmSysManager::GetRemoteObjectOfSystemAbility(ENTERPRISE_DEVICE_MANAGER_SA_ID);
581 }
582
GetEnabledAdmins(AdminType type,std::vector<std::string> & enabledAdminList)583 void EnterpriseDeviceMgrProxy::GetEnabledAdmins(AdminType type, std::vector<std::string> &enabledAdminList)
584 {
585 if (!IsEdmEnabled()) {
586 return;
587 }
588 sptr<IRemoteObject> remote = LoadAndGetEdmService();
589 if (!remote) {
590 return;
591 }
592 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
593 ErrCode res = mgrService->GetEnabledAdmin(type, enabledAdminList);
594 if (FAILED(res)) {
595 EDMLOGE("EnterpriseDeviceMgrProxy:GetEnabledAdmins GetEnabledAdmin fail.");
596 return;
597 }
598 }
599
SetPolicyDisabled(const AppExecFwk::ElementName & admin,bool isDisabled,uint32_t policyCode,std::string permissionTag)600 int32_t EnterpriseDeviceMgrProxy::SetPolicyDisabled(const AppExecFwk::ElementName &admin, bool isDisabled,
601 uint32_t policyCode, std::string permissionTag)
602 {
603 MessageParcel data;
604 std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, policyCode);
605 data.WriteInterfaceToken(DESCRIPTOR);
606 data.WriteInt32(WITHOUT_USERID);
607 data.WriteParcelable(&admin);
608 data.WriteString(permissionTag);
609 data.WriteBool(isDisabled);
610 return HandleDevicePolicy(funcCode, data);
611 }
612
SetPolicyDisabled(MessageParcel & data,uint32_t policyCode)613 int32_t EnterpriseDeviceMgrProxy::SetPolicyDisabled(MessageParcel &data,
614 uint32_t policyCode)
615 {
616 std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, policyCode);
617 return HandleDevicePolicy(funcCode, data);
618 }
619
SetBundleInstallPolicies(std::vector<std::string> & bundles,int32_t userId,int32_t policyType)620 ErrCode EnterpriseDeviceMgrProxy::SetBundleInstallPolicies(std::vector<std::string> &bundles, int32_t userId,
621 int32_t policyType)
622 {
623 EDMLOGD("EnterpriseDeviceMgrProxy::SetBundleInstallPolicies");
624 sptr<IRemoteObject> remote = LoadAndGetEdmService();
625 sptr<IEnterpriseDeviceMgrIdl> mgrService = iface_cast<IEnterpriseDeviceMgrIdl>(remote);
626 if (!mgrService) {
627 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
628 }
629 return mgrService->SetBundleInstallPolicies(bundles, userId, policyType);
630 }
631 } // namespace EDM
632 } // namespace OHOS