1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "policy_manager.h"
17 #include <algorithm>
18 #include <ctime>
19 #include <fstream>
20 #include <unistd.h>
21 #include "directory_ex.h"
22 #include "edm_log.h"
23
24 namespace OHOS {
25 namespace EDM {
26
UserPolicyManager(int32_t userId)27 UserPolicyManager::UserPolicyManager(int32_t userId)
28 {
29 EDMLOGD("UserPolicyManager::UserPolicyManager");
30 userIdState_ = userId;
31 }
32
GetAdminByPolicyName(const std::string & policyName,AdminValueItemsMap & adminValueItems)33 ErrCode UserPolicyManager::GetAdminByPolicyName(const std::string &policyName, AdminValueItemsMap &adminValueItems)
34 {
35 auto iter = policyAdmins_.find(policyName);
36 if (iter != policyAdmins_.end()) {
37 adminValueItems = iter->second;
38 return ERR_OK;
39 }
40 return ERR_EDM_POLICY_NOT_FOUND;
41 }
42
GetAllPolicyByAdmin(const std::string & adminName,PolicyItemsMap & allAdminPolicy)43 ErrCode UserPolicyManager::GetAllPolicyByAdmin(const std::string &adminName, PolicyItemsMap &allAdminPolicy)
44 {
45 auto iter = adminPolicies_.find(adminName);
46 if (iter != adminPolicies_.end()) {
47 allAdminPolicy = iter->second;
48 return ERR_OK;
49 }
50 return ERR_EDM_POLICY_NOT_FIND;
51 }
52
GetAdminPolicy(const std::string & adminName,const std::string & policyName,std::string & policyValue)53 ErrCode UserPolicyManager::GetAdminPolicy(const std::string &adminName, const std::string &policyName,
54 std::string &policyValue)
55 {
56 auto iter = adminPolicies_.find(adminName);
57 if (iter != adminPolicies_.end()) {
58 const PolicyItemsMap &policyItem = iter->second;
59 auto it = policyItem.find(policyName);
60 if (it != policyItem.end()) {
61 policyValue = it->second;
62 return ERR_OK;
63 }
64 }
65 return ERR_EDM_POLICY_NOT_FIND;
66 }
67
GetCombinedPolicy(const std::string & policyName,std::string & policyValue)68 ErrCode UserPolicyManager::GetCombinedPolicy(const std::string &policyName, std::string &policyValue)
69 {
70 auto it = combinedPolicies_.find(policyName);
71 if (it != combinedPolicies_.end()) {
72 policyValue = it->second;
73 return ERR_OK;
74 }
75 return ERR_EDM_POLICY_NOT_FIND;
76 }
77
GetPolicy(const std::string & adminName,const std::string & policyName,std::string & policyValue)78 ErrCode UserPolicyManager::GetPolicy(const std::string &adminName, const std::string &policyName,
79 std::string &policyValue)
80 {
81 if (adminName.empty()) {
82 return GetCombinedPolicy(policyName, policyValue);
83 } else {
84 return GetAdminPolicy(adminName, policyName, policyValue);
85 }
86 }
87
SetAdminList(const std::string & adminName,const std::string & policyName,const std::string & policyValue)88 void UserPolicyManager::SetAdminList(const std::string &adminName, const std::string &policyName,
89 const std::string &policyValue)
90 {
91 auto iter = policyAdmins_.find(policyName);
92 if (iter == policyAdmins_.end()) {
93 /* policy first added into map */
94 AdminValueItemsMap adminValueItem;
95 adminValueItem.insert(std::pair<std::string, std::string>(adminName, policyValue));
96 policyAdmins_.insert(std::pair<std::string, AdminValueItemsMap>(policyName, adminValueItem));
97 return;
98 }
99
100 AdminValueItemsMap &adminValueRef = iter->second;
101 auto it = adminValueRef.find(adminName);
102 if (it != adminValueRef.end()) {
103 it->second = policyValue;
104 } else {
105 adminValueRef.insert(std::pair<std::string, std::string>(adminName, policyValue));
106 }
107 }
108
SetAdminPolicy(const std::string & adminName,const std::string & policyName,const std::string & policyValue)109 ErrCode UserPolicyManager::SetAdminPolicy(const std::string &adminName, const std::string &policyName,
110 const std::string &policyValue)
111 {
112 auto devicePoliciesStorageRdb = DevicePoliciesStorageRdb::GetInstance();
113 if (devicePoliciesStorageRdb == nullptr) {
114 EDMLOGE("PolicyManager::SetAdminPolicy get devicePoliciesStorageRdb failed.");
115 return ERR_GET_STORAGE_RDB_FAILED;
116 }
117 SetAdminList(adminName, policyName, policyValue);
118 auto iter = adminPolicies_.find(adminName);
119 if (iter == adminPolicies_.end()) {
120 if (devicePoliciesStorageRdb->InsertAdminPolicy(userIdState_, adminName, policyName, policyValue)) {
121 PolicyItemsMap itemMap;
122 itemMap.insert(std::pair<std::string, std::string>(policyName, policyValue));
123 adminPolicies_.insert(std::pair<std::string, PolicyItemsMap>(adminName, itemMap));
124 return ERR_OK;
125 }
126 EDMLOGE("PolicyManager::SetAdminPolicy failed.");
127 return ERR_EDM_POLICY_SET_FAILED;
128 }
129
130 PolicyItemsMap &policyItem = iter->second;
131 auto it = policyItem.find(policyName);
132 if (it != policyItem.end() &&
133 devicePoliciesStorageRdb->UpdateAdminPolicy(userIdState_, adminName, policyName, policyValue)) {
134 it->second = policyValue;
135 return ERR_OK;
136 } else if (it == policyItem.end() &&
137 devicePoliciesStorageRdb->InsertAdminPolicy(userIdState_, adminName, policyName, policyValue)) {
138 policyItem.insert(std::pair<std::string, std::string>(policyName, policyValue));
139 return ERR_OK;
140 }
141 EDMLOGE("PolicyManager::SetAdminPolicy failed.");
142 return ERR_EDM_POLICY_SET_FAILED;
143 }
144
SetCombinedPolicy(const std::string & policyName,const std::string & policyValue)145 ErrCode UserPolicyManager::SetCombinedPolicy(const std::string &policyName, const std::string &policyValue)
146 {
147 auto devicePoliciesStorageRdb = DevicePoliciesStorageRdb::GetInstance();
148 if (devicePoliciesStorageRdb == nullptr) {
149 EDMLOGE("PolicyManager::SetCombinedPolicy get devicePoliciesStorageRdb failed.");
150 return ERR_GET_STORAGE_RDB_FAILED;
151 }
152 auto it = combinedPolicies_.find(policyName);
153 if (it != combinedPolicies_.end() &&
154 devicePoliciesStorageRdb->UpdateCombinedPolicy(userIdState_, policyName, policyValue)) {
155 it->second = policyValue;
156 return ERR_OK;
157 } else if (it == combinedPolicies_.end() &&
158 devicePoliciesStorageRdb->InsertCombinedPolicy(userIdState_, policyName, policyValue)) {
159 combinedPolicies_.insert(std::pair<std::string, std::string>(policyName, policyValue));
160 return ERR_OK;
161 }
162 EDMLOGE("PolicyManager::SetCombinedPolicy failed.");
163 return ERR_EDM_POLICY_SET_FAILED;
164 }
165
DeleteAdminList(const std::string & adminName,const std::string & policyName)166 void UserPolicyManager::DeleteAdminList(const std::string &adminName, const std::string &policyName)
167 {
168 auto iter = policyAdmins_.find(policyName);
169 if (iter == policyAdmins_.end()) {
170 return;
171 }
172
173 AdminValueItemsMap &adminValueRef = iter->second;
174 auto it = adminValueRef.find(adminName);
175 if (it == adminValueRef.end()) {
176 return;
177 }
178
179 adminValueRef.erase(it);
180 if (adminValueRef.empty()) {
181 policyAdmins_.erase(iter);
182 }
183 }
184
DeleteAdminPolicy(const std::string & adminName,const std::string & policyName)185 ErrCode UserPolicyManager::DeleteAdminPolicy(const std::string &adminName, const std::string &policyName)
186 {
187 auto devicePoliciesStorageRdb = DevicePoliciesStorageRdb::GetInstance();
188 if (devicePoliciesStorageRdb == nullptr) {
189 EDMLOGE("PolicyManager::DeleteAdminPolicy get devicePoliciesStorageRdb failed.");
190 return ERR_GET_STORAGE_RDB_FAILED;
191 }
192 if (!devicePoliciesStorageRdb->DeleteAdminPolicy(userIdState_, adminName, policyName)) {
193 EDMLOGE("PolicyManager DeleteAdminPolicy failed.");
194 return ERR_EDM_POLICY_DEL_FAILED;
195 }
196 auto iter = adminPolicies_.find(adminName);
197 if (iter != adminPolicies_.end()) {
198 PolicyItemsMap &policyItem = iter->second;
199 auto it = policyItem.find(policyName);
200 if (it != policyItem.end()) {
201 policyItem.erase(it);
202 }
203
204 if (iter->second.empty()) {
205 adminPolicies_.erase(iter);
206 }
207
208 DeleteAdminList(adminName, policyName);
209 }
210 return ERR_OK;
211 }
212
DeleteCombinedPolicy(const std::string & policyName)213 ErrCode UserPolicyManager::DeleteCombinedPolicy(const std::string &policyName)
214 {
215 auto devicePoliciesStorageRdb = DevicePoliciesStorageRdb::GetInstance();
216 if (devicePoliciesStorageRdb == nullptr) {
217 EDMLOGE("PolicyManager::DeleteCombinedPolicy get devicePoliciesStorageRdb failed.");
218 return ERR_GET_STORAGE_RDB_FAILED;
219 }
220 if (!devicePoliciesStorageRdb->DeleteCombinedPolicy(userIdState_, policyName)) {
221 EDMLOGE("PolicyManager DeleteCombinedPolicy failed.");
222 return ERR_EDM_POLICY_DEL_FAILED;
223 }
224 auto it = combinedPolicies_.find(policyName);
225 if (it != combinedPolicies_.end()) {
226 combinedPolicies_.erase(it);
227 }
228 return ERR_OK;
229 }
230
ReplacePolicyByAdminName(int32_t userId,const std::string & adminName,const std::string & newAdminName)231 ErrCode UserPolicyManager::ReplacePolicyByAdminName(int32_t userId, const std::string &adminName,
232 const std::string &newAdminName)
233 {
234 auto devicePoliciesStorageRdb = DevicePoliciesStorageRdb::GetInstance();
235 if (devicePoliciesStorageRdb == nullptr) {
236 EDMLOGE("PolicyManager::DeleteCombinedPolicy get devicePoliciesStorageRdb failed.");
237 return ERR_GET_STORAGE_RDB_FAILED;
238 }
239
240 if (!devicePoliciesStorageRdb->ReplaceAdminPolicy(userId, adminName, newAdminName)) {
241 EDMLOGE("PolicyManager DeleteCombinedPolicy failed.");
242 return ERR_EDM_POLICY_REPLACE_FAILED;
243 }
244 auto iter = adminPolicies_.find(adminName);
245 if (iter != adminPolicies_.end()) {
246 auto policyMap = iter->second;
247 adminPolicies_.erase(iter);
248 adminPolicies_[newAdminName] = policyMap;
249 }
250 for (auto &policyEntry : policyAdmins_) {
251 auto &adminMap = policyEntry.second;
252 auto it = adminMap.find(adminName);
253 if (it != adminMap.end()) {
254 std::string policyValue = it->second;
255 adminMap.erase(it);
256 adminMap[newAdminName] = policyValue;
257 }
258 }
259 return ERR_OK;
260 }
261
DumpAdminPolicy()262 void UserPolicyManager::DumpAdminPolicy()
263 {
264 EDMLOGD("UserPolicyManager::DumpAdminPolicy");
265 std::for_each(adminPolicies_.begin(), adminPolicies_.end(), [](auto iter) {
266 EDMLOGD("UserPolicyManager::AdminName: %{public}s\n", iter.first.c_str());
267 std::unordered_map<std::string, std::string> map = iter.second;
268 std::for_each(map.begin(), map.end(),
269 [](auto subIter) { EDMLOGD("%{public}s : %{public}s\n", subIter.first.c_str(), subIter.second.c_str()); });
270 });
271 }
272
DumpAdminList()273 void UserPolicyManager::DumpAdminList()
274 {
275 EDMLOGD("UserPolicyManager: DumpAdminList");
276 std::for_each(policyAdmins_.begin(), policyAdmins_.end(), [](auto iter) {
277 EDMLOGD("UserPolicyManager::PolicyName: %{public}s\n", iter.first.c_str());
278 std::unordered_map<std::string, std::string> map = iter.second;
279 std::for_each(map.begin(), map.end(),
280 [](auto subIter) { EDMLOGD("%{public}s : %{public}s\n", subIter.first.c_str(), subIter.second.c_str()); });
281 });
282 }
283
DumpCombinedPolicy()284 void UserPolicyManager::DumpCombinedPolicy()
285 {
286 EDMLOGD("UserPolicyManager: DumpCombinedPolicy");
287 std::for_each(combinedPolicies_.begin(), combinedPolicies_.end(),
288 [](auto iter) { EDMLOGD("%{public}s : %{public}s\n", iter.first.c_str(), iter.second.c_str()); });
289 }
290
SetPolicy(const std::string & adminName,const std::string & policyName,const std::string & adminPolicy,const std::string & mergedPolicy)291 ErrCode UserPolicyManager::SetPolicy(const std::string &adminName, const std::string &policyName,
292 const std::string &adminPolicy, const std::string &mergedPolicy)
293 {
294 if (policyName.empty()) {
295 return ERR_EDM_POLICY_SET_FAILED;
296 }
297
298 ErrCode err;
299 if (mergedPolicy.empty()) {
300 err = DeleteCombinedPolicy(policyName);
301 } else {
302 err = SetCombinedPolicy(policyName, mergedPolicy);
303 }
304 if (FAILED(err)) {
305 EDMLOGW("Set or delete combined policy failed:%{public}d, merged policy:%{public}s\n",
306 err, mergedPolicy.c_str());
307 }
308
309 if (!adminName.empty()) {
310 if (adminPolicy.empty()) {
311 err = DeleteAdminPolicy(adminName, policyName);
312 } else {
313 err = SetAdminPolicy(adminName, policyName, adminPolicy);
314 }
315 }
316 if (FAILED(err)) {
317 EDMLOGW("Set or delete admin policy failed:%{public}d, admin policy:%{public}s\n",
318 err, adminPolicy.c_str());
319 }
320 return err;
321 }
322
Init()323 void UserPolicyManager::Init()
324 {
325 auto devicePoliciesStorageRdb = DevicePoliciesStorageRdb::GetInstance();
326 if (devicePoliciesStorageRdb != nullptr &&
327 devicePoliciesStorageRdb->QueryAdminPolicy(userIdState_, adminPolicies_, policyAdmins_) &&
328 devicePoliciesStorageRdb->QueryCombinedPolicy(userIdState_, combinedPolicies_)) {
329 EDMLOGI("UserPolicyManager init success.");
330 } else {
331 EDMLOGE("UserPolicyManager init failed.");
332 }
333 }
334 } // namespace EDM
335 } // namespace OHOS
336