1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "enterprise_device_mgr_stub.h"
17
18 #include "admin.h"
19 #include "edm_constants.h"
20 #include "ent_info.h"
21 #include "string_ex.h"
22
23 using namespace OHOS::HiviewDFX;
24
25 namespace OHOS {
26 namespace EDM {
27 #ifdef EDM_SUPPORT_ALL_ENABLE
28 constexpr int32_t DEFAULT_USER_ID = 100;
29 constexpr int32_t WITHOUT_FUNCTION_CODE = -1;
30 #endif
EnterpriseDeviceMgrStub()31 EnterpriseDeviceMgrStub::EnterpriseDeviceMgrStub() : IRemoteStub(true)
32 {
33 InitSystemCodeList();
34 EDMLOGI("EnterpriseDeviceMgrStub()");
35 }
36
37 #ifdef EDM_SUPPORT_ALL_ENABLE
CallFuncByCode(uint32_t code,MessageParcel & data,MessageParcel & reply)38 ErrCode EnterpriseDeviceMgrStub::CallFuncByCode(uint32_t code, MessageParcel &data, MessageParcel &reply)
39 {
40 switch (code) {
41 case EdmInterfaceCode::ADD_DEVICE_ADMIN:
42 return EnableAdminInner(data, reply);
43 case EdmInterfaceCode::REMOVE_DEVICE_ADMIN:
44 return DisableAdminInner(data, reply);
45 case EdmInterfaceCode::REMOVE_SUPER_ADMIN:
46 return DisableSuperAdminInner(data, reply);
47 case EdmInterfaceCode::GET_ENABLED_ADMIN:
48 return GetEnabledAdminInner(data, reply);
49 case EdmInterfaceCode::GET_ENT_INFO:
50 return GetEnterpriseInfoInner(data, reply);
51 case EdmInterfaceCode::SET_ENT_INFO:
52 return SetEnterpriseInfoInner(data, reply);
53 case EdmInterfaceCode::IS_SUPER_ADMIN:
54 return IsSuperAdminInner(data, reply);
55 case EdmInterfaceCode::IS_ADMIN_ENABLED:
56 return IsAdminEnabledInner(data, reply);
57 case EdmInterfaceCode::SUBSCRIBE_MANAGED_EVENT:
58 return SubscribeManagedEventInner(data, reply);
59 case EdmInterfaceCode::UNSUBSCRIBE_MANAGED_EVENT:
60 return UnsubscribeManagedEventInner(data, reply);
61 case EdmInterfaceCode::AUTHORIZE_ADMIN:
62 return AuthorizeAdminInner(data, reply);
63 case EdmInterfaceCode::GET_SUPER_ADMIN_WANT_INFO:
64 return GetSuperAdminInner(data, reply);
65 case EdmInterfaceCode::SET_DELEGATED_POLICIES:
66 return SetDelegatedPoliciesInner(data, reply);
67 case EdmInterfaceCode::GET_DELEGATED_POLICIES:
68 return GetDelegatedPoliciesInner(data, reply);
69 case EdmInterfaceCode::GET_DELEGATED_BUNDLE_NAMES:
70 return GetDelegatedBundleNamesInner(data, reply);
71 case EdmInterfaceCode::GET_ADMINS:
72 return GetAdminsInner(data, reply);
73 default:
74 return WITHOUT_FUNCTION_CODE;
75 }
76 }
77 #endif
78
InitSystemCodeList()79 void EnterpriseDeviceMgrStub::InitSystemCodeList()
80 {
81 systemCodeList = {
82 EdmInterfaceCode::ADD_DEVICE_ADMIN,
83 EdmInterfaceCode::REMOVE_SUPER_ADMIN,
84 EdmInterfaceCode::GET_ENABLED_ADMIN,
85 EdmInterfaceCode::GET_ENT_INFO,
86 EdmInterfaceCode::SET_ENT_INFO,
87 EdmInterfaceCode::IS_SUPER_ADMIN,
88 EdmInterfaceCode::IS_ADMIN_ENABLED,
89 EdmInterfaceCode::AUTHORIZE_ADMIN,
90 EdmInterfaceCode::GET_SUPER_ADMIN_WANT_INFO,
91 EdmInterfaceCode::GET_ADMINS,
92 };
93 }
94
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)95 int32_t EnterpriseDeviceMgrStub::OnRemoteRequest(uint32_t code, MessageParcel &data, MessageParcel &reply,
96 MessageOption &option)
97 {
98 #ifdef EDM_SUPPORT_ALL_ENABLE
99 std::u16string descriptor = GetDescriptor();
100 std::u16string remoteDescriptor = data.ReadInterfaceToken();
101 EDMLOGI("EnterpriseDeviceMgrStub code %{public}u", code);
102 if (descriptor != remoteDescriptor) {
103 EDMLOGE("EnterpriseDeviceMgrStub code %{public}d client and service descriptors are inconsistent", code);
104 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
105 return ERR_OK;
106 }
107 if (SERVICE_FLAG(code)) {
108 if (std::find(systemCodeList.begin(), systemCodeList.end(), code) != systemCodeList.end() &&
109 !GetAccessTokenMgr()->IsSystemAppOrNative()) {
110 EDMLOGE("EnterpriseDeviceMgrStub not system app or native process");
111 reply.WriteInt32(EdmReturnErrCode::SYSTEM_API_DENIED);
112 return ERR_OK;
113 }
114 ErrCode ret = CallFuncByCode(code, data, reply);
115 if (ret != WITHOUT_FUNCTION_CODE) {
116 return ret;
117 }
118 }
119 if (POLICY_FLAG(code)) {
120 EDMLOGD("POLICY_FLAG(code:%{public}x)\n", code);
121 int32_t hasUserId;
122 int32_t userId = DEFAULT_USER_ID;
123 data.ReadInt32(hasUserId);
124 if (hasUserId == 1) {
125 data.ReadInt32(userId);
126 }
127 if (FUNC_TO_POLICY(code) == (std::uint32_t)EdmInterfaceCode::GET_ADMINPROVISION_INFO) {
128 return CheckAndGetAdminProvisionInfoInner(code, data, reply, userId);
129 }
130 if (FUNC_TO_OPERATE(code) == static_cast<int>(FuncOperateType::GET)) {
131 EDMLOGD("GetDevicePolicyInner");
132 return GetDevicePolicyInner(code, data, reply, userId);
133 } else {
134 EDMLOGD("HandleDevicePolicyInner");
135 return HandleDevicePolicyInner(code, data, reply, userId);
136 }
137 } else {
138 EDMLOGE("!POLICY_FLAG(code)");
139 }
140
141 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
142 #else
143 EDMLOGI("EnterpriseDeviceMgrStub edm unsupport.");
144 reply.WriteInt32(EdmReturnErrCode::INTERFACE_UNSUPPORTED);
145 return ERR_OK;
146 #endif
147 }
148
GetExternalManagerFactory()149 std::shared_ptr<IExternalManagerFactory> EnterpriseDeviceMgrStub::GetExternalManagerFactory()
150 {
151 return externalManagerFactory_;
152 }
153
GetAccessTokenMgr()154 std::shared_ptr<IEdmAccessTokenManager> EnterpriseDeviceMgrStub::GetAccessTokenMgr()
155 {
156 return GetExternalManagerFactory()->CreateAccessTokenManager();
157 }
158
EnableAdminInner(MessageParcel & data,MessageParcel & reply)159 ErrCode EnterpriseDeviceMgrStub::EnableAdminInner(MessageParcel &data, MessageParcel &reply)
160 {
161 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
162 if (!admin) {
163 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
164 return ERR_OK;
165 }
166 EDMLOGD("EnableAdminInner bundleName:: %{public}s : abilityName : %{public}s ", admin->GetBundleName().c_str(),
167 admin->GetAbilityName().c_str());
168 EntInfo entInfo;
169 if (!EntInfo::Unmarshalling(data, entInfo)) {
170 EDMLOGE("EnterpriseDeviceMgrStub::EnableAdminInner read parcel fail");
171 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
172 return ERR_OK;
173 }
174 int32_t type = data.ReadInt32();
175 int32_t userId = data.ReadInt32();
176 AdminType adminType = AdminType::UNKNOWN;
177 if (type != static_cast<int32_t>(AdminType::NORMAL) && type != static_cast<int32_t>(AdminType::ENT) &&
178 type != static_cast<int32_t>(AdminType::BYOD)) {
179 EDMLOGE("EnableAdminInner: admin type is invalid.");
180 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
181 return ERR_OK;
182 }
183 adminType = static_cast<AdminType>(type);
184 ErrCode retCode = EnableAdmin(*admin, entInfo, adminType, userId);
185 reply.WriteInt32(retCode);
186 return ERR_OK;
187 }
188
DisableAdminInner(MessageParcel & data,MessageParcel & reply)189 ErrCode EnterpriseDeviceMgrStub::DisableAdminInner(MessageParcel &data, MessageParcel &reply)
190 {
191 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
192 if (!admin) {
193 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
194 return ERR_OK;
195 }
196 int32_t userId = data.ReadInt32();
197 ErrCode retCode = DisableAdmin(*admin, userId);
198 reply.WriteInt32(retCode);
199 return ERR_OK;
200 }
201
DisableSuperAdminInner(MessageParcel & data,MessageParcel & reply)202 ErrCode EnterpriseDeviceMgrStub::DisableSuperAdminInner(MessageParcel &data, MessageParcel &reply)
203 {
204 std::string bundleName = data.ReadString();
205 EDMLOGD("DisableSuperAdminInner bundleName:: %{public}s :", bundleName.c_str());
206 ErrCode retCode = DisableSuperAdmin(bundleName);
207 reply.WriteInt32(retCode);
208 return retCode;
209 }
210
HandleDevicePolicyInner(uint32_t code,MessageParcel & data,MessageParcel & reply,int32_t userId)211 ErrCode EnterpriseDeviceMgrStub::HandleDevicePolicyInner(uint32_t code, MessageParcel &data, MessageParcel &reply,
212 int32_t userId)
213 {
214 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
215 if (!admin) {
216 EDMLOGW("HandleDevicePolicyInner: ReadParcelable failed");
217 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
218 return ERR_OK;
219 }
220 ErrCode errCode = HandleDevicePolicy(code, *admin, data, reply, userId);
221 reply.WriteInt32(errCode);
222 return ERR_OK;
223 }
224
GetDevicePolicyInner(uint32_t code,MessageParcel & data,MessageParcel & reply,int32_t userId)225 ErrCode EnterpriseDeviceMgrStub::GetDevicePolicyInner(uint32_t code, MessageParcel &data, MessageParcel &reply,
226 int32_t userId)
227 {
228 ErrCode errCode = GetDevicePolicy(code, data, reply, userId);
229 reply.WriteInt32(errCode);
230 return ERR_OK;
231 }
232
CheckAndGetAdminProvisionInfoInner(uint32_t code,MessageParcel & data,MessageParcel & reply,int32_t userId)233 ErrCode EnterpriseDeviceMgrStub::CheckAndGetAdminProvisionInfoInner(uint32_t code, MessageParcel &data,
234 MessageParcel &reply, int32_t userId)
235 {
236 ErrCode errCode = CheckAndGetAdminProvisionInfo(code, data, reply, userId);
237 reply.WriteInt32(errCode);
238 return ERR_OK;
239 }
240
GetEnabledAdminInner(MessageParcel & data,MessageParcel & reply)241 ErrCode EnterpriseDeviceMgrStub::GetEnabledAdminInner(MessageParcel &data, MessageParcel &reply)
242 {
243 EDMLOGD("EnterpriseDeviceMgrStub:GetEnabledAdmin");
244 int32_t type = static_cast<int32_t>(AdminType::UNKNOWN);
245 if (!data.ReadInt32(type)) {
246 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
247 EDMLOGE("EnterpriseDeviceMgrStub:GetEnabledAdminInner read type fail %{public}u", type);
248 return ERR_OK;
249 }
250 std::vector<std::string> enabledAdminList;
251 ErrCode res = GetEnabledAdmin((AdminType)type, enabledAdminList);
252 if (FAILED(res)) {
253 EDMLOGE("EnterpriseDeviceMgrStub:GetEnabledAdmin failed:%{public}d", res);
254 reply.WriteInt32(res);
255 return ERR_OK;
256 }
257 reply.WriteInt32(ERR_OK);
258 reply.WriteStringVector(enabledAdminList);
259 return ERR_OK;
260 }
261
GetEnterpriseInfoInner(MessageParcel & data,MessageParcel & reply)262 ErrCode EnterpriseDeviceMgrStub::GetEnterpriseInfoInner(MessageParcel &data, MessageParcel &reply)
263 {
264 EDMLOGD("EnterpriseDeviceMgrStub:GetEnterpriseInfoInner");
265 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
266 if (!admin) {
267 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
268 return ERR_OK;
269 }
270 EDMLOGD("GetEnterpriseInfoInner bundleName:: %{public}s : abilityName : %{public}s ",
271 admin->GetBundleName().c_str(), admin->GetAbilityName().c_str());
272
273 return GetEnterpriseInfo(*admin, reply);
274 }
275
IsSuperAdminInner(MessageParcel & data,MessageParcel & reply)276 ErrCode EnterpriseDeviceMgrStub::IsSuperAdminInner(MessageParcel &data, MessageParcel &reply)
277 {
278 EDMLOGD("EnterpriseDeviceMgrStub:IsSuperAdminInner");
279 std::string bundleName = data.ReadString();
280 EDMLOGD("IsSuperAdminInner bundleName:: %{public}s :", bundleName.c_str());
281 bool ret = IsSuperAdmin(bundleName);
282 reply.WriteInt32(ERR_OK);
283 reply.WriteBool(ret);
284 return ERR_OK;
285 }
286
IsAdminEnabledInner(MessageParcel & data,MessageParcel & reply)287 ErrCode EnterpriseDeviceMgrStub::IsAdminEnabledInner(MessageParcel &data, MessageParcel &reply)
288 {
289 EDMLOGD("EnterpriseDeviceMgrStub:IsAdminEnabled");
290 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
291 if (!admin) {
292 EDMLOGE("EnterpriseDeviceMgrStub::IsAdminEnabledInner read parcel fail");
293 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
294 return ERR_OK;
295 }
296 int32_t userId = data.ReadInt32();
297 bool ret = IsAdminEnabled(*admin, userId);
298 reply.WriteInt32(ERR_OK);
299 reply.WriteBool(ret);
300 return ERR_OK;
301 }
302
SetEnterpriseInfoInner(MessageParcel & data,MessageParcel & reply)303 ErrCode EnterpriseDeviceMgrStub::SetEnterpriseInfoInner(MessageParcel &data, MessageParcel &reply)
304 {
305 EDMLOGD("EnterpriseDeviceMgrStub:SetEnterpriseInfoInner");
306 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
307 if (!admin) {
308 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
309 return ERR_OK;
310 }
311 EntInfo entInfo;
312 if (!EntInfo::Unmarshalling(data, entInfo)) {
313 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
314 return ERR_OK;
315 }
316 ErrCode ret = SetEnterpriseInfo(*admin, entInfo);
317 reply.WriteInt32(ret);
318 return ERR_OK;
319 }
320
SubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply)321 ErrCode EnterpriseDeviceMgrStub::SubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply)
322 {
323 EDMLOGD("EnterpriseDeviceMgrStub:SubscribeManagedEventInner");
324 return SubscribeManagedEventInner(data, reply, true);
325 }
326
UnsubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply)327 ErrCode EnterpriseDeviceMgrStub::UnsubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply)
328 {
329 EDMLOGD("EnterpriseDeviceMgrStub:UnsubscribeManagedEventInner");
330 return SubscribeManagedEventInner(data, reply, false);
331 }
332
SubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply,bool subscribe)333 ErrCode EnterpriseDeviceMgrStub::SubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply, bool subscribe)
334 {
335 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
336 if (!admin) {
337 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
338 return ERR_OK;
339 }
340 std::vector<uint32_t> events;
341 data.ReadUInt32Vector(&events);
342 ErrCode code;
343 if (subscribe) {
344 code = SubscribeManagedEvent(*admin, events);
345 } else {
346 code = UnsubscribeManagedEvent(*admin, events);
347 }
348 reply.WriteInt32(code);
349 return ERR_OK;
350 }
351
AuthorizeAdminInner(MessageParcel & data,MessageParcel & reply)352 ErrCode EnterpriseDeviceMgrStub::AuthorizeAdminInner(MessageParcel &data, MessageParcel &reply)
353 {
354 EDMLOGD("EnterpriseDeviceMgrStub:AuthorizeAdminInner.");
355 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
356 if (!admin) {
357 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
358 return ERR_OK;
359 }
360 std::string bundleName = data.ReadString();
361 ErrCode ret = AuthorizeAdmin(*admin, bundleName);
362 reply.WriteInt32(ret);
363 return ERR_OK;
364 }
365
GetSuperAdminInner(MessageParcel & data,MessageParcel & reply)366 ErrCode EnterpriseDeviceMgrStub::GetSuperAdminInner(MessageParcel &data, MessageParcel &reply)
367 {
368 EDMLOGD("EnterpriseDeviceMgrStub:IsSuperAdminInner");
369 ErrCode ret = GetSuperAdmin(reply);
370 reply.WriteInt32(ERR_OK);
371 reply.WriteBool(ret);
372 return ERR_OK;
373 }
374
SetDelegatedPoliciesInner(MessageParcel & data,MessageParcel & reply)375 ErrCode EnterpriseDeviceMgrStub::SetDelegatedPoliciesInner(MessageParcel &data, MessageParcel &reply)
376 {
377 EDMLOGD("EnterpriseDeviceMgrStub:SetDelegatedPoliciesInner.");
378 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
379 if (!admin) {
380 return EdmReturnErrCode::PARAM_ERROR;
381 }
382 std::string bundleName = data.ReadString();
383 std::vector<std::string> policies;
384 data.ReadStringVector(&policies);
385 if (policies.size() > EdmConstants::POLICIES_MAX_SIZE) {
386 return EdmReturnErrCode::PARAM_ERROR;
387 }
388 return SetDelegatedPolicies(admin->GetBundleName(), bundleName, policies);
389 }
390
GetDelegatedPoliciesInner(MessageParcel & data,MessageParcel & reply)391 ErrCode EnterpriseDeviceMgrStub::GetDelegatedPoliciesInner(MessageParcel &data, MessageParcel &reply)
392 {
393 EDMLOGD("EnterpriseDeviceMgrStub:GetDelegatedPoliciesInner.");
394 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
395 if (!admin) {
396 return EdmReturnErrCode::PARAM_ERROR;
397 }
398 std::string bundleName = data.ReadString();
399 std::vector<std::string> policies;
400 ErrCode ret = GetDelegatedPolicies(admin->GetBundleName(), bundleName, policies);
401 if (FAILED(ret)) {
402 return ret;
403 }
404 reply.WriteUint32(policies.size());
405 reply.WriteStringVector(policies);
406 return ERR_OK;
407 }
408
GetDelegatedBundleNamesInner(MessageParcel & data,MessageParcel & reply)409 ErrCode EnterpriseDeviceMgrStub::GetDelegatedBundleNamesInner(MessageParcel &data, MessageParcel &reply)
410 {
411 EDMLOGD("EnterpriseDeviceMgrStub:GetDelegatedBundleNamesInner.");
412 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
413 if (!admin) {
414 return EdmReturnErrCode::PARAM_ERROR;
415 }
416 std::string policyName = data.ReadString();
417 std::vector<std::string> bundleNames;
418 ErrCode ret = GetDelegatedBundleNames(admin->GetBundleName(), policyName, bundleNames);
419 if (FAILED(ret)) {
420 return ret;
421 }
422 reply.WriteUint32(bundleNames.size());
423 reply.WriteStringVector(bundleNames);
424 return ERR_OK;
425 }
426
GetAdminsInner(MessageParcel & data,MessageParcel & reply)427 ErrCode EnterpriseDeviceMgrStub::GetAdminsInner(MessageParcel &data, MessageParcel &reply)
428 {
429 EDMLOGD("EnterpriseDeviceMgrStub:GetAdminsInner");
430 std::string bundleName = data.ReadString();
431 EDMLOGD("GetAdminsInner bundleName:: %{public}s :", bundleName.c_str());
432 std::vector<std::shared_ptr<AAFwk::Want>> wants;
433 ErrCode ret = GetAdmins(wants);
434 if (FAILED(ret)) {
435 return ret;
436 }
437 reply.WriteInt32(ERR_OK);
438 reply.WriteUint32(wants.size());
439 for (std::shared_ptr<AAFwk::Want> want : wants) {
440 reply.WriteParcelable(want.get());
441 }
442 return ERR_OK;
443 }
444 } // namespace EDM
445 } // namespace OHOS