1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "disallow_add_local_account_plugin.h"
17
18 #include "edm_ipc_interface_code.h"
19 #include "os_account_manager.h"
20 #include "iplugin_manager.h"
21
22 namespace OHOS {
23 namespace EDM {
24 const bool REGISTER_RESULT = IPluginManager::GetInstance()->AddPlugin(DisallowAddLocalAccountPlugin::GetPlugin());
25
26 const std::string ACCOUNT_CREATE_CONSTRAINT = "constraint.os.account.create";
27
InitPlugin(std::shared_ptr<IPluginTemplate<DisallowAddLocalAccountPlugin,bool>> ptr)28 void DisallowAddLocalAccountPlugin::InitPlugin(
29 std::shared_ptr<IPluginTemplate<DisallowAddLocalAccountPlugin, bool>> ptr)
30 {
31 EDMLOGI("DisallowAddLocalAccountPlugin InitPlugin...");
32 ptr->InitAttribute(EdmInterfaceCode::DISALLOW_ADD_LOCAL_ACCOUNT, PolicyName::POLICY_DISALLOW_ADD_LOCAL_ACCOUNT,
33 EdmPermission::PERMISSION_ENTERPRISE_SET_ACCOUNT_POLICY, IPlugin::PermissionType::SUPER_DEVICE_ADMIN, true);
34 ptr->SetSerializer(BoolSerializer::GetInstance());
35 ptr->SetOnHandlePolicyListener(&DisallowAddLocalAccountPlugin::OnSetPolicy, FuncOperateType::SET);
36 ptr->SetOnAdminRemoveListener(&DisallowAddLocalAccountPlugin::OnAdminRemove);
37 }
38
SetOtherModulePolicy(bool data,int32_t userId)39 ErrCode DisallowAddLocalAccountPlugin::SetOtherModulePolicy(bool data, int32_t userId)
40 {
41 return SetGlobalOsAccountConstraints(data);
42 }
43
RemoveOtherModulePolicy(int32_t userId)44 ErrCode DisallowAddLocalAccountPlugin::RemoveOtherModulePolicy(int32_t userId)
45 {
46 return SetGlobalOsAccountConstraints(false);
47 }
48
SetGlobalOsAccountConstraints(bool data)49 ErrCode DisallowAddLocalAccountPlugin::SetGlobalOsAccountConstraints(bool data)
50 {
51 std::vector<std::string> constraints = {ACCOUNT_CREATE_CONSTRAINT};
52 std::vector<int32_t> ids;
53 AccountSA::OsAccountManager::QueryActiveOsAccountIds(ids);
54 if (ids.empty()) {
55 EDMLOGE("DisallowAddLocalAccountPlugin QueryActiveOsAccountIds failed");
56 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
57 }
58 ErrCode ret = AccountSA::OsAccountManager::SetGlobalOsAccountConstraints(constraints, data, ids.at(0), true);
59 if (FAILED(ret)) {
60 EDMLOGE("DisallowAddLocalAccountPlugin SetGlobalOsAccountConstraints failed %{public}d", ret);
61 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
62 }
63 return ERR_OK;
64 }
65 } // namespace EDM
66 } // namespace OHOS
67