1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "enterprise_device_mgr_stub.h"
17
18 #include <ipc_skeleton.h>
19
20 #include "accesstoken_kit.h"
21 #include "admin.h"
22 #include "ent_info.h"
23 #include "string_ex.h"
24 #include "tokenid_kit.h"
25
26 using namespace OHOS::HiviewDFX;
27
28 namespace OHOS {
29 namespace EDM {
30 constexpr int32_t DEFAULT_USER_ID = 100;
31
EnterpriseDeviceMgrStub()32 EnterpriseDeviceMgrStub::EnterpriseDeviceMgrStub()
33 {
34 AddCallFuncMap();
35 EDMLOGI("EnterpriseDeviceMgrStub()");
36 }
37
AddCallFuncMap()38 void EnterpriseDeviceMgrStub::AddCallFuncMap()
39 {
40 memberFuncMap_[EdmInterfaceCode::ADD_DEVICE_ADMIN] = &EnterpriseDeviceMgrStub::EnableAdminInner;
41 memberFuncMap_[EdmInterfaceCode::REMOVE_DEVICE_ADMIN] = &EnterpriseDeviceMgrStub::DisableAdminInner;
42 memberFuncMap_[EdmInterfaceCode::REMOVE_SUPER_ADMIN] = &EnterpriseDeviceMgrStub::DisableSuperAdminInner;
43 memberFuncMap_[EdmInterfaceCode::GET_ENABLED_ADMIN] = &EnterpriseDeviceMgrStub::GetEnabledAdminInner;
44 memberFuncMap_[EdmInterfaceCode::GET_ENT_INFO] = &EnterpriseDeviceMgrStub::GetEnterpriseInfoInner;
45 memberFuncMap_[EdmInterfaceCode::SET_ENT_INFO] = &EnterpriseDeviceMgrStub::SetEnterpriseInfoInner;
46 memberFuncMap_[EdmInterfaceCode::IS_SUPER_ADMIN] = &EnterpriseDeviceMgrStub::IsSuperAdminInner;
47 memberFuncMap_[EdmInterfaceCode::IS_ADMIN_ENABLED] = &EnterpriseDeviceMgrStub::IsAdminEnabledInner;
48 memberFuncMap_[EdmInterfaceCode::SUBSCRIBE_MANAGED_EVENT] = &EnterpriseDeviceMgrStub::SubscribeManagedEventInner;
49 memberFuncMap_[EdmInterfaceCode::UNSUBSCRIBE_MANAGED_EVENT] =
50 &EnterpriseDeviceMgrStub::UnsubscribeManagedEventInner;
51 memberFuncMap_[EdmInterfaceCode::AUTHORIZE_ADMIN] = &EnterpriseDeviceMgrStub::AuthorizeAdminInner;
52 }
53
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)54 int32_t EnterpriseDeviceMgrStub::OnRemoteRequest(uint32_t code, MessageParcel &data, MessageParcel &reply,
55 MessageOption &option)
56 {
57 bool isSystemApp =
58 Security::AccessToken::TokenIdKit::IsSystemAppByFullTokenID(IPCSkeleton::GetCallingFullTokenID());
59 Security::AccessToken::ATokenTypeEnum tokenType =
60 Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(IPCSkeleton::GetCallingTokenID());
61 if (!isSystemApp && tokenType != Security::AccessToken::ATokenTypeEnum::TOKEN_NATIVE) {
62 EDMLOGE("EnterpriseDeviceMgrStub not system app or native process");
63 reply.WriteInt32(EdmReturnErrCode::SYSTEM_API_DENIED);
64 return EdmReturnErrCode::SYSTEM_API_DENIED;
65 }
66 std::u16string descriptor = GetDescriptor();
67 std::u16string remoteDescriptor = data.ReadInterfaceToken();
68 EDMLOGI("EnterpriseDeviceMgrStub code %{public}u", code);
69 if (descriptor != remoteDescriptor) {
70 EDMLOGE("EnterpriseDeviceMgrStub code %{public}d client and service descriptors are inconsistent", code);
71 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
72 return EdmReturnErrCode::PARAM_ERROR;
73 }
74 if (SERVICE_FLAG(code)) {
75 auto func = memberFuncMap_.find(code);
76 if (func != memberFuncMap_.end()) {
77 auto memberFunc = func->second;
78 if (memberFunc != nullptr) {
79 return (this->*memberFunc)(data, reply);
80 }
81 }
82 }
83 if (POLICY_FLAG(code)) {
84 EDMLOGD("POLICY_FLAG(code:%{public}x)\n", code);
85 int32_t hasUserId;
86 int32_t userId = DEFAULT_USER_ID;
87 data.ReadInt32(hasUserId);
88 if (hasUserId == 1) {
89 data.ReadInt32(userId);
90 }
91 if (FUNC_TO_OPERATE(code) == static_cast<int>(FuncOperateType::GET)) {
92 EDMLOGD("GetDevicePolicyInner");
93 return GetDevicePolicyInner(code, data, reply, userId);
94 } else {
95 EDMLOGD("HandleDevicePolicyInner");
96 return HandleDevicePolicyInner(code, data, reply, userId);
97 }
98 } else {
99 EDMLOGE("!POLICY_FLAG(code)");
100 }
101
102 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
103 }
104
EnableAdminInner(MessageParcel & data,MessageParcel & reply)105 ErrCode EnterpriseDeviceMgrStub::EnableAdminInner(MessageParcel &data, MessageParcel &reply)
106 {
107 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
108 if (!admin) {
109 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
110 return EdmReturnErrCode::PARAM_ERROR;
111 }
112 EDMLOGD("EnableAdminInner bundleName:: %{public}s : abilityName : %{public}s ", admin->GetBundleName().c_str(),
113 admin->GetAbilityName().c_str());
114 EntInfo entInfo;
115 if (!EntInfo::Unmarshalling(data, entInfo)) {
116 EDMLOGE("EnterpriseDeviceMgrStub::EnableAdminInner read parcel fail");
117 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
118 return EdmReturnErrCode::PARAM_ERROR;
119 }
120 int32_t type = data.ReadInt32();
121 int32_t userId = data.ReadInt32();
122 AdminType adminType = AdminType::UNKNOWN;
123 if (type == static_cast<int32_t>(AdminType::NORMAL) || type == static_cast<int32_t>(AdminType::ENT)) {
124 adminType = static_cast<AdminType>(type);
125 }
126 ErrCode retCode = EnableAdmin(*admin, entInfo, adminType, userId);
127 reply.WriteInt32(retCode);
128 return ERR_OK;
129 }
130
DisableAdminInner(MessageParcel & data,MessageParcel & reply)131 ErrCode EnterpriseDeviceMgrStub::DisableAdminInner(MessageParcel &data, MessageParcel &reply)
132 {
133 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
134 if (!admin) {
135 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
136 return EdmReturnErrCode::PARAM_ERROR;
137 }
138 int32_t userId = data.ReadInt32();
139 ErrCode retCode = DisableAdmin(*admin, userId);
140 reply.WriteInt32(retCode);
141 return ERR_OK;
142 }
143
DisableSuperAdminInner(MessageParcel & data,MessageParcel & reply)144 ErrCode EnterpriseDeviceMgrStub::DisableSuperAdminInner(MessageParcel &data, MessageParcel &reply)
145 {
146 std::string bundleName = data.ReadString();
147 EDMLOGD("DisableSuperAdminInner bundleName:: %{public}s :", bundleName.c_str());
148 ErrCode retCode = DisableSuperAdmin(bundleName);
149 reply.WriteInt32(retCode);
150 return retCode;
151 }
152
HandleDevicePolicyInner(uint32_t code,MessageParcel & data,MessageParcel & reply,int32_t userId)153 ErrCode EnterpriseDeviceMgrStub::HandleDevicePolicyInner(uint32_t code, MessageParcel &data, MessageParcel &reply,
154 int32_t userId)
155 {
156 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
157 if (!admin) {
158 EDMLOGW("HandleDevicePolicyInner: ReadParcelable failed");
159 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
160 return ERR_EDM_PARAM_ERROR;
161 }
162 ErrCode errCode = HandleDevicePolicy(code, *admin, data, reply, userId);
163 reply.WriteInt32(errCode);
164 return errCode;
165 }
166
GetDevicePolicyInner(uint32_t code,MessageParcel & data,MessageParcel & reply,int32_t userId)167 ErrCode EnterpriseDeviceMgrStub::GetDevicePolicyInner(uint32_t code, MessageParcel &data, MessageParcel &reply,
168 int32_t userId)
169 {
170 return GetDevicePolicy(code, data, reply, userId);
171 }
172
GetEnabledAdminInner(MessageParcel & data,MessageParcel & reply)173 ErrCode EnterpriseDeviceMgrStub::GetEnabledAdminInner(MessageParcel &data, MessageParcel &reply)
174 {
175 EDMLOGD("EnterpriseDeviceMgrStub:GetEnabledAdmin");
176 int32_t type = static_cast<int32_t>(AdminType::UNKNOWN);
177 if (!data.ReadInt32(type)) {
178 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
179 EDMLOGE("EnterpriseDeviceMgrStub:GetEnabledAdminInner read type fail %{public}u", type);
180 return EdmReturnErrCode::PARAM_ERROR;
181 }
182 std::vector<std::string> enabledAdminList;
183 ErrCode res = GetEnabledAdmin((AdminType)type, enabledAdminList);
184 if (FAILED(res)) {
185 EDMLOGE("EnterpriseDeviceMgrStub:GetEnabledAdmin failed:%{public}d", res);
186 reply.WriteInt32(res);
187 return res;
188 }
189 reply.WriteInt32(ERR_OK);
190 reply.WriteStringVector(enabledAdminList);
191 return ERR_OK;
192 }
193
GetEnterpriseInfoInner(MessageParcel & data,MessageParcel & reply)194 ErrCode EnterpriseDeviceMgrStub::GetEnterpriseInfoInner(MessageParcel &data, MessageParcel &reply)
195 {
196 EDMLOGD("EnterpriseDeviceMgrStub:GetEnterpriseInfoInner");
197 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
198 if (!admin) {
199 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
200 return EdmReturnErrCode::PARAM_ERROR;
201 }
202 EDMLOGD("GetEnterpriseInfoInner bundleName:: %{public}s : abilityName : %{public}s ",
203 admin->GetBundleName().c_str(), admin->GetAbilityName().c_str());
204
205 return GetEnterpriseInfo(*admin, reply);
206 }
207
IsSuperAdminInner(MessageParcel & data,MessageParcel & reply)208 ErrCode EnterpriseDeviceMgrStub::IsSuperAdminInner(MessageParcel &data, MessageParcel &reply)
209 {
210 EDMLOGD("EnterpriseDeviceMgrStub:IsSuperAdminInner");
211 std::string bundleName = data.ReadString();
212 EDMLOGD("IsSuperAdminInner bundleName:: %{public}s :", bundleName.c_str());
213 bool ret = IsSuperAdmin(bundleName);
214 reply.WriteInt32(ERR_OK);
215 reply.WriteBool(ret);
216 return ERR_OK;
217 }
218
IsAdminEnabledInner(MessageParcel & data,MessageParcel & reply)219 ErrCode EnterpriseDeviceMgrStub::IsAdminEnabledInner(MessageParcel &data, MessageParcel &reply)
220 {
221 EDMLOGD("EnterpriseDeviceMgrStub:IsAdminEnabled");
222 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
223 if (!admin) {
224 EDMLOGE("EnterpriseDeviceMgrStub::IsAdminEnabledInner read parcel fail");
225 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
226 return EdmReturnErrCode::PARAM_ERROR;
227 }
228 int32_t userId = data.ReadInt32();
229 bool ret = IsAdminEnabled(*admin, userId);
230 reply.WriteInt32(ERR_OK);
231 reply.WriteBool(ret);
232 return ERR_OK;
233 }
234
SetEnterpriseInfoInner(MessageParcel & data,MessageParcel & reply)235 ErrCode EnterpriseDeviceMgrStub::SetEnterpriseInfoInner(MessageParcel &data, MessageParcel &reply)
236 {
237 EDMLOGD("EnterpriseDeviceMgrStub:SetEnterpriseInfoInner");
238 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
239 if (!admin) {
240 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
241 return EdmReturnErrCode::PARAM_ERROR;
242 }
243 EntInfo entInfo;
244 if (!EntInfo::Unmarshalling(data, entInfo)) {
245 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
246 return EdmReturnErrCode::PARAM_ERROR;
247 }
248 ErrCode ret = SetEnterpriseInfo(*admin, entInfo);
249 reply.WriteInt32(ret);
250 return ERR_OK;
251 }
252
SubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply)253 ErrCode EnterpriseDeviceMgrStub::SubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply)
254 {
255 EDMLOGD("EnterpriseDeviceMgrStub:SubscribeManagedEventInner");
256 return SubscribeManagedEventInner(data, reply, true);
257 }
258
UnsubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply)259 ErrCode EnterpriseDeviceMgrStub::UnsubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply)
260 {
261 EDMLOGD("EnterpriseDeviceMgrStub:UnsubscribeManagedEventInner");
262 return SubscribeManagedEventInner(data, reply, false);
263 }
264
SubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply,bool subscribe)265 ErrCode EnterpriseDeviceMgrStub::SubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply, bool subscribe)
266 {
267 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
268 if (!admin) {
269 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
270 return EdmReturnErrCode::PARAM_ERROR;
271 }
272 std::vector<uint32_t> events;
273 data.ReadUInt32Vector(&events);
274 ErrCode code;
275 if (subscribe) {
276 code = SubscribeManagedEvent(*admin, events);
277 } else {
278 code = UnsubscribeManagedEvent(*admin, events);
279 }
280 reply.WriteInt32(code);
281 return code;
282 }
283
AuthorizeAdminInner(MessageParcel & data,MessageParcel & reply)284 ErrCode EnterpriseDeviceMgrStub::AuthorizeAdminInner(MessageParcel &data, MessageParcel &reply)
285 {
286 EDMLOGD("EnterpriseDeviceMgrStub:AuthorizeAdminInner.");
287 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
288 if (!admin) {
289 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
290 return EdmReturnErrCode::PARAM_ERROR;
291 }
292 std::string bundleName = data.ReadString();
293 ErrCode ret = AuthorizeAdmin(*admin, bundleName);
294 reply.WriteInt32(ret);
295 return ERR_OK;
296 }
297 } // namespace EDM
298 } // namespace OHOS