1 /*
2  * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "permission_manager.h"
17 #include "edm_log.h"
18 
19 namespace OHOS {
20 namespace EDM {
PermissionManager()21 PermissionManager::PermissionManager() {}
22 
~PermissionManager()23 PermissionManager::~PermissionManager()
24 {
25     permissions_.clear();
26 }
27 
AddPermission(const std::string & permission,IPlugin::PermissionType permissionType)28 ErrCode PermissionManager::AddPermission(const std::string &permission, IPlugin::PermissionType permissionType)
29 {
30     if (permission.empty()) {
31         return ERR_OK;
32     }
33     if (static_cast<std::int32_t>(permissionType) <
34         static_cast<std::int32_t>(IPlugin::PermissionType::NORMAL_DEVICE_ADMIN) ||
35         static_cast<std::int32_t>(permissionType) >= static_cast<std::int32_t>(IPlugin::PermissionType::UNKNOWN)) {
36         EDMLOGE("AddPermission::unknow permission type");
37         return ERR_EDM_UNKNOWN_PERMISSION;
38     }
39     auto entry = permissions_.find(permission);
40     if (entry == permissions_.end()) {
41         permissions_.insert(std::make_pair(permission, static_cast<AdminType>(permissionType)));
42         EDMLOGI("AddPermission::insert permission : %{public}s permissionType : %{public}d",
43             permission.c_str(), static_cast<int32_t>(permissionType));
44     } else if (entry->second != static_cast<AdminType>(permissionType)) {
45         EDMLOGE("AddPermission::conflict permission type");
46         return ERR_EDM_DENY_PERMISSION;
47     } else {
48         EDMLOGI("AddPermission::same permission has been added : %{public}s", permission.c_str());
49     }
50     EDMLOGD("AddPermission::return ok");
51     return ERR_OK;
52 }
53 
GetAdminGrantedPermission(const std::vector<std::string> & permissions,AdminType adminType,std::vector<std::string> & reqPermission)54 void PermissionManager::GetAdminGrantedPermission(const std::vector<std::string> &permissions, AdminType adminType,
55     std::vector<std::string> &reqPermission)
56 {
57     reqPermission.clear();
58     for (const auto &item : permissions) {
59         auto entry = permissions_.find(item);
60         if (entry == permissions_.end()) {
61             continue;
62         }
63         if (adminType == AdminType::NORMAL && entry->second == AdminType::ENT) {
64             EDMLOGE("GetAdminGrantedPermission normal admin can request super admin permission.");
65             continue;
66         }
67         reqPermission.emplace_back(entry->first);
68     }
69 }
70 } // namespace EDM
71 } // namespace OHOS
72