1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "restrictions_proxy.h"
17
18 #include "edm_log.h"
19 #include "func_code.h"
20
21 namespace OHOS {
22 namespace EDM {
23 std::shared_ptr<RestrictionsProxy> RestrictionsProxy::instance_ = nullptr;
24 std::once_flag RestrictionsProxy::flag_;
25 const std::u16string DESCRIPTOR = u"ohos.edm.IEnterpriseDeviceMgr";
26
GetRestrictionsProxy()27 std::shared_ptr<RestrictionsProxy> RestrictionsProxy::GetRestrictionsProxy()
28 {
29 std::call_once(flag_, []() {
30 if (instance_ == nullptr) {
31 instance_ = std::make_shared<RestrictionsProxy>();
32 }
33 });
34 return instance_;
35 }
36
SetDisallowedPolicy(const AppExecFwk::ElementName & admin,bool disallow,int policyCode,std::string permissionTag)37 int32_t RestrictionsProxy::SetDisallowedPolicy(const AppExecFwk::ElementName &admin, bool disallow, int policyCode,
38 std::string permissionTag)
39 {
40 return EnterpriseDeviceMgrProxy::GetInstance()->SetPolicyDisabled(admin, disallow, policyCode, permissionTag);
41 }
42
SetDisallowedPolicy(MessageParcel & data,uint32_t policyCode)43 int32_t RestrictionsProxy::SetDisallowedPolicy(MessageParcel &data, uint32_t policyCode)
44 {
45 return EnterpriseDeviceMgrProxy::GetInstance()->SetPolicyDisabled(data, policyCode);
46 }
47
GetDisallowedPolicy(AppExecFwk::ElementName * admin,int policyCode,bool & result,std::string permissionTag)48 int32_t RestrictionsProxy::GetDisallowedPolicy(AppExecFwk::ElementName *admin, int policyCode, bool &result,
49 std::string permissionTag)
50 {
51 return EnterpriseDeviceMgrProxy::GetInstance()->IsPolicyDisabled(admin, policyCode, result, permissionTag);
52 }
53
GetDisallowedPolicy(MessageParcel & data,uint32_t policyCode,bool & result)54 int32_t RestrictionsProxy::GetDisallowedPolicy(MessageParcel &data, uint32_t policyCode, bool &result)
55 {
56 return EnterpriseDeviceMgrProxy::GetInstance()->IsPolicyDisabled(data, policyCode, result);
57 }
58
SetFingerprintAuthDisabled(const AppExecFwk::ElementName & admin,bool disallow)59 int32_t RestrictionsProxy::SetFingerprintAuthDisabled(const AppExecFwk::ElementName &admin, bool disallow)
60 {
61 EDMLOGD("RestrictionsProxy::SetFingerprintAuthDisabled");
62 MessageParcel data;
63 std::uint32_t funcCode =
64 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, EdmInterfaceCode::FINGERPRINT_AUTH);
65 data.WriteInterfaceToken(DESCRIPTOR);
66 data.WriteInt32(WITHOUT_USERID);
67 data.WriteParcelable(&admin);
68 data.WriteString(WITHOUT_PERMISSION_TAG);
69 data.WriteString(EdmConstants::FINGERPRINT_AUTH_TYPE);
70 data.WriteBool(disallow);
71 return EnterpriseDeviceMgrProxy::GetInstance()->HandleDevicePolicy(funcCode, data);
72 }
73
IsFingerprintAuthDisabled(AppExecFwk::ElementName * admin,bool & result)74 int32_t RestrictionsProxy::IsFingerprintAuthDisabled(AppExecFwk::ElementName *admin, bool &result)
75 {
76 EDMLOGD("RestrictionsProxy::GetFingerprintAuthDisabled");
77 MessageParcel data;
78 MessageParcel reply;
79 data.WriteInterfaceToken(DESCRIPTOR);
80 data.WriteInt32(WITHOUT_USERID);
81 data.WriteString(WITHOUT_PERMISSION_TAG);
82 if (admin != nullptr) {
83 data.WriteInt32(HAS_ADMIN);
84 data.WriteParcelable(admin);
85 } else {
86 data.WriteInt32(WITHOUT_ADMIN);
87 }
88 data.WriteString(EdmConstants::FINGERPRINT_AUTH_TYPE);
89 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(EdmInterfaceCode::FINGERPRINT_AUTH, data, reply);
90 int32_t ret = ERR_INVALID_VALUE;
91 reply.ReadInt32(ret);
92 if (ret != ERR_OK) {
93 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
94 return ret;
95 }
96 reply.ReadBool(result);
97 return ERR_OK;
98 }
99
SetFingerprintAuthDisallowedPolicyForAccount(const AppExecFwk::ElementName & admin,bool disallow,uint32_t policyCode,std::string permissionTag,int32_t accountId)100 int32_t RestrictionsProxy::SetFingerprintAuthDisallowedPolicyForAccount(const AppExecFwk::ElementName &admin,
101 bool disallow, uint32_t policyCode, std::string permissionTag, int32_t accountId)
102 {
103 EDMLOGD("RestrictionsProxy::SetFingerprintAuthDisallowedPolicyForAccount");
104 MessageParcel data;
105 std::uint32_t funcCode =
106 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, policyCode);
107 data.WriteInterfaceToken(DESCRIPTOR);
108 data.WriteInt32(WITHOUT_USERID);
109 data.WriteParcelable(&admin);
110 data.WriteString(permissionTag);
111 data.WriteString(EdmConstants::DISALLOW_FOR_ACCOUNT_TYPE);
112 data.WriteBool(disallow);
113 data.WriteInt32(accountId);
114 return EnterpriseDeviceMgrProxy::GetInstance()->HandleDevicePolicy(funcCode, data);
115 }
116
SetDisallowedPolicyForAccount(const AppExecFwk::ElementName & admin,bool disallow,uint32_t policyCode,std::string permissionTag,int32_t accountId)117 int32_t RestrictionsProxy::SetDisallowedPolicyForAccount(const AppExecFwk::ElementName &admin,
118 bool disallow, uint32_t policyCode, std::string permissionTag, int32_t accountId)
119 {
120 EDMLOGD("RestrictionsProxy::SetDisallowedPolicyForAccount");
121 MessageParcel data;
122 std::uint32_t funcCode =
123 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, policyCode);
124 data.WriteInterfaceToken(DESCRIPTOR);
125 data.WriteInt32(HAS_USERID);
126 data.WriteInt32(accountId);
127 data.WriteParcelable(&admin);
128 data.WriteString(permissionTag);
129 data.WriteBool(disallow);
130 return EnterpriseDeviceMgrProxy::GetInstance()->HandleDevicePolicy(funcCode, data);
131 }
132
GetFingerprintAuthDisallowedPolicyForAccount(AppExecFwk::ElementName * admin,int policyCode,bool & result,std::string permissionTag,int32_t accountId)133 int32_t RestrictionsProxy::GetFingerprintAuthDisallowedPolicyForAccount(AppExecFwk::ElementName *admin,
134 int policyCode, bool &result, std::string permissionTag, int32_t accountId)
135 {
136 EDMLOGD("RestrictionsProxy::GetFingerprintAuthDisallowedPolicyForAccount");
137 MessageParcel data;
138 MessageParcel reply;
139 data.WriteInterfaceToken(DESCRIPTOR);
140 data.WriteInt32(WITHOUT_USERID);
141 data.WriteString(permissionTag);
142 if (admin != nullptr) {
143 data.WriteInt32(HAS_ADMIN);
144 data.WriteParcelable(admin);
145 } else {
146 data.WriteInt32(WITHOUT_ADMIN);
147 }
148 data.WriteString(EdmConstants::DISALLOW_FOR_ACCOUNT_TYPE);
149 data.WriteInt32(accountId);
150 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(policyCode, data, reply);
151 int32_t ret = ERR_INVALID_VALUE;
152 reply.ReadInt32(ret);
153 if (ret != ERR_OK) {
154 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
155 return ret;
156 }
157 reply.ReadBool(result);
158 return ERR_OK;
159 }
160
GetDisallowedPolicyForAccount(AppExecFwk::ElementName & admin,int policyCode,bool & result,std::string permissionTag,int32_t accountId)161 int32_t RestrictionsProxy::GetDisallowedPolicyForAccount(AppExecFwk::ElementName &admin, int policyCode, bool &result,
162 std::string permissionTag, int32_t accountId)
163 {
164 EDMLOGD("RestrictionsProxy::GetDisallowedPolicyForAccount");
165 MessageParcel data;
166 MessageParcel reply;
167 data.WriteInterfaceToken(DESCRIPTOR);
168 data.WriteInt32(HAS_USERID);
169 data.WriteInt32(accountId);
170 data.WriteString(permissionTag);
171 data.WriteInt32(HAS_ADMIN);
172 data.WriteParcelable(&admin);
173 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(policyCode, data, reply);
174 int32_t ret = ERR_INVALID_VALUE;
175 reply.ReadInt32(ret);
176 if (ret != ERR_OK) {
177 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
178 return ret;
179 }
180 reply.ReadBool(result);
181 return ERR_OK;
182 }
183
AddOrRemoveDisallowedListForAccount(const AppExecFwk::ElementName & admin,std::string feature,std::vector<std::string> & bundles,int32_t accountId,bool isAdd)184 int32_t RestrictionsProxy::AddOrRemoveDisallowedListForAccount(const AppExecFwk::ElementName &admin,
185 std::string feature, std::vector<std::string> &bundles, int32_t accountId, bool isAdd)
186 {
187 EDMLOGD("RestrictionsProxy::AddOrRemoveDisallowedListForAccount called");
188 MessageParcel data;
189 std::uint32_t interfaceCode = 0;
190 if (!GetDisallowedListInterfaceCode(feature, interfaceCode)) {
191 return EdmReturnErrCode::PARAM_ERROR;
192 }
193 std::uint32_t funcCode = 0;
194 if (isAdd) {
195 funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, interfaceCode);
196 } else {
197 funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::REMOVE, interfaceCode);
198 }
199 data.WriteInterfaceToken(DESCRIPTOR);
200 data.WriteInt32(HAS_USERID);
201 data.WriteInt32(accountId);
202 data.WriteParcelable(&admin);
203 data.WriteString(WITHOUT_PERMISSION_TAG);
204 data.WriteStringVector(bundles);
205 return EnterpriseDeviceMgrProxy::GetInstance()->HandleDevicePolicy(funcCode, data);
206 }
207
GetDisallowedListForAccount(AppExecFwk::ElementName & admin,std::string feature,int32_t accountId,std::vector<std::string> & result)208 int32_t RestrictionsProxy::GetDisallowedListForAccount(AppExecFwk::ElementName &admin, std::string feature,
209 int32_t accountId, std::vector<std::string> &result)
210 {
211 EDMLOGD("RestrictionsProxy::GetDisallowedListForAccount called");
212 std::uint32_t interfaceCode = 0;
213 if (!GetDisallowedListInterfaceCode(feature, interfaceCode)) {
214 return EdmReturnErrCode::PARAM_ERROR;
215 }
216 MessageParcel data;
217 MessageParcel reply;
218 data.WriteInterfaceToken(DESCRIPTOR);
219 data.WriteInt32(HAS_USERID);
220 data.WriteInt32(accountId);
221 data.WriteString(WITHOUT_PERMISSION_TAG);
222 data.WriteInt32(HAS_ADMIN);
223 data.WriteParcelable(&admin);
224 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(interfaceCode, data, reply);
225 int32_t ret = ERR_INVALID_VALUE;
226 bool blRes = reply.ReadInt32(ret) && (ret == ERR_OK);
227 if (!blRes) {
228 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
229 return ret;
230 }
231 reply.ReadStringVector(&result);
232 return ERR_OK;
233 }
234
GetDisallowedListInterfaceCode(std::string feature,std::uint32_t & interfaceCode)235 bool RestrictionsProxy::GetDisallowedListInterfaceCode(std::string feature, std::uint32_t &interfaceCode)
236 {
237 auto it = featureInterfaceMap_.find(feature);
238 if (it != featureInterfaceMap_.end()) {
239 interfaceCode = it->second;
240 return true;
241 }
242 return false;
243 }
244
SetUserRestriction(const AppExecFwk::ElementName & admin,bool disallow,int policyCode)245 int32_t RestrictionsProxy::SetUserRestriction(const AppExecFwk::ElementName &admin, bool disallow, int policyCode)
246 {
247 return EnterpriseDeviceMgrProxy::GetInstance()->SetPolicyDisabled(admin, disallow, policyCode,
248 WITHOUT_PERMISSION_TAG);
249 }
250
GetUserRestricted(const AppExecFwk::ElementName * admin,int policyCode,bool & result)251 int32_t RestrictionsProxy::GetUserRestricted(const AppExecFwk::ElementName *admin, int policyCode, bool &result)
252 {
253 EDMLOGD("RestrictionsProxy::GetUserRestricted called");
254 MessageParcel data;
255 MessageParcel reply;
256 data.WriteInterfaceToken(DESCRIPTOR);
257 data.WriteInt32(WITHOUT_USERID);
258 data.WriteString(WITHOUT_PERMISSION_TAG);
259 if (admin != nullptr) {
260 data.WriteInt32(HAS_ADMIN);
261 data.WriteParcelable(admin);
262 } else {
263 data.WriteInt32(WITHOUT_ADMIN);
264 }
265 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(policyCode, data, reply);
266 int32_t ret = ERR_INVALID_VALUE;
267 bool blRes = reply.ReadInt32(ret) && (ret == ERR_OK);
268 if (!blRes) {
269 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
270 return ret;
271 }
272 reply.ReadBool(result);
273 return ERR_OK;
274 }
275 } // namespace EDM
276 } // namespace OHOS
277