1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "permission_manager.h"
17 #include "edm_log.h"
18
19 namespace OHOS {
20 namespace EDM {
PermissionManager()21 PermissionManager::PermissionManager() {}
22
~PermissionManager()23 PermissionManager::~PermissionManager()
24 {
25 permissions_.clear();
26 }
27
AddPermission(const std::string & permission,IPlugin::PermissionType permissionType)28 ErrCode PermissionManager::AddPermission(const std::string &permission, IPlugin::PermissionType permissionType)
29 {
30 if (permission.empty()) {
31 return ERR_OK;
32 }
33 if (static_cast<std::int32_t>(permissionType) <
34 static_cast<std::int32_t>(IPlugin::PermissionType::NORMAL_DEVICE_ADMIN) ||
35 static_cast<std::int32_t>(permissionType) >= static_cast<std::int32_t>(IPlugin::PermissionType::UNKNOWN)) {
36 EDMLOGE("AddPermission::unknow permission type");
37 return ERR_EDM_UNKNOWN_PERMISSION;
38 }
39 auto entry = permissions_.find(permission);
40 if (entry == permissions_.end()) {
41 permissions_.insert(std::make_pair(permission, PermissionTypeToAdminType(permissionType)));
42 EDMLOGI("AddPermission::insert permission : %{public}s permissionType : %{public}d",
43 permission.c_str(), static_cast<int32_t>(permissionType));
44 } else if (entry->second != PermissionTypeToAdminType(permissionType)) {
45 EDMLOGE("AddPermission::conflict permission type");
46 return ERR_EDM_DENY_PERMISSION;
47 } else {
48 EDMLOGI("AddPermission::same permission has been added : %{public}s", permission.c_str());
49 }
50 EDMLOGD("AddPermission::return ok");
51 return ERR_OK;
52 }
53
PermissionTypeToAdminType(IPlugin::PermissionType permissionType)54 AdminType PermissionManager::PermissionTypeToAdminType(IPlugin::PermissionType permissionType)
55 {
56 if (permissionType == IPlugin::PermissionType::BYOD_DEVICE_ADMIN) {
57 return AdminType::BYOD;
58 }
59 return static_cast<AdminType>(permissionType);
60 }
61
GetAdminGrantedPermission(const std::vector<std::string> & permissions,AdminType adminType,std::vector<std::string> & reqPermission)62 void PermissionManager::GetAdminGrantedPermission(const std::vector<std::string> &permissions, AdminType adminType,
63 std::vector<std::string> &reqPermission)
64 {
65 reqPermission.clear();
66 for (const auto &item : permissions) {
67 auto entry = permissions_.find(item);
68 if (entry == permissions_.end()) {
69 continue;
70 }
71 if (adminType == AdminType::NORMAL && (entry->second == AdminType::ENT || entry->second == AdminType::BYOD)) {
72 EDMLOGE("GetAdminGrantedPermission normal admin can not request super and byod admin permission.");
73 continue;
74 }
75 if (adminType == AdminType::BYOD && entry->second == AdminType::ENT) {
76 EDMLOGE("GetAdminGrantedPermission byod admin can not request super admin permission.");
77 continue;
78 }
79 if (adminType == AdminType::ENT && entry->second == AdminType::BYOD) {
80 EDMLOGE("GetAdminGrantedPermission super admin can not request byod admin permission.");
81 continue;
82 }
83 reqPermission.emplace_back(entry->first);
84 EDMLOGI("reqPermission.emplace_back:%{public}s:", entry->first.c_str());
85 }
86 }
87 } // namespace EDM
88 } // namespace OHOS
89