1 /*
2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "account_stub.h"
17
18 #include <dlfcn.h>
19 #include <ipc_types.h>
20 #include "accesstoken_kit.h"
21 #include "account_error_no.h"
22 #include "account_helper_data.h"
23 #include "account_info.h"
24 #include "account_info_parcel.h"
25 #include "account_log_wrapper.h"
26 #include "account_mgr_service.h"
27 #include "bundle_manager_adapter.h"
28 #include "account_hisysevent_adapter.h"
29 #include "if_system_ability_manager.h"
30 #include "ipc_skeleton.h"
31 #include "iservice_registry.h"
32 #include "memory_guard.h"
33 #include "ohos_account_kits.h"
34 #include "account_constants.h"
35 #ifdef HICOLLIE_ENABLE
36 #include "xcollie/xcollie.h"
37 #endif // HICOLLIE_ENABLE
38
39 namespace OHOS {
40 namespace AccountSA {
41 namespace {
42 const std::string OHOS_ACCOUNT_QUIT_TIPS_TITLE = "";
43 const std::string OHOS_ACCOUNT_QUIT_TIPS_CONTENT = "";
44 const std::string PERMISSION_MANAGE_USERS = "ohos.permission.MANAGE_LOCAL_ACCOUNTS";
45 const std::string PERMISSION_GET_LOCAL_ACCOUNTS = "ohos.permission.GET_LOCAL_ACCOUNTS";
46 const std::string PERMISSION_MANAGE_DISTRIBUTED_ACCOUNTS = "ohos.permission.MANAGE_DISTRIBUTED_ACCOUNTS";
47 const std::string PERMISSION_GET_DISTRIBUTED_ACCOUNTS = "ohos.permission.GET_DISTRIBUTED_ACCOUNTS";
48 const std::string PERMISSION_DISTRIBUTED_DATASYNC = "ohos.permission.DISTRIBUTED_DATASYNC";
49 const std::string INTERACT_ACROSS_LOCAL_ACCOUNTS = "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS";
50 #ifndef IS_RELEASE_VERSION
51 constexpr std::int32_t ROOT_UID = 0;
52 #endif
53 #ifdef HICOLLIE_ENABLE
54 constexpr std::int32_t RECOVERY_TIMEOUT = 6; // timeout 6s
55 #endif // HICOLLIE_ENABLE
56 constexpr std::int32_t INVALID_USERID = -1;
57 const std::set<std::int32_t> WHITE_LIST = {
58 3012, // DISTRIBUTED_KV_DATA_SA_UID
59 3019, // DLP_UID
60 3553, // DLP_CREDENTIAL_SA_UID
61 };
62 #ifdef USE_MUSL
63 constexpr std::int32_t DSOFTBUS_UID = 1024;
64 #else
65 constexpr std::int32_t DSOFTBUS_UID = 5533;
66 #endif
67 } // namespace
AccountStub()68 AccountStub::AccountStub()
69 {
70 stubFuncMap_[AccountMgrInterfaceCode::UPDATE_OHOS_ACCOUNT_INFO] =
71 [this] (MessageParcel &data, MessageParcel &reply) { return this->CmdUpdateOhosAccountInfo(data, reply); };
72 stubFuncMap_[AccountMgrInterfaceCode::SET_OHOS_ACCOUNT_INFO] =
73 [this] (MessageParcel &data, MessageParcel &reply) { return this->CmdSetOhosAccountInfo(data, reply); };
74 stubFuncMap_[AccountMgrInterfaceCode::SET_OHOS_ACCOUNT_INFO_BY_USER_ID] =
75 [this] (MessageParcel &data, MessageParcel &reply) { return this->CmdSetOhosAccountInfoByUserId(data, reply); };
76 stubFuncMap_[AccountMgrInterfaceCode::QUERY_OHOS_ACCOUNT_INFO] =
77 [this] (MessageParcel &data, MessageParcel &reply) { return this->CmdQueryOhosAccountInfo(data, reply); };
78 stubFuncMap_[AccountMgrInterfaceCode::QUERY_DISTRIBUTE_VIRTUAL_DEVICE_ID] =
79 [this] (MessageParcel &data, MessageParcel &reply) {
80 return this->CmdQueryDistributedVirtualDeviceId(data, reply);
81 };
82 stubFuncMap_[AccountMgrInterfaceCode::GET_OHOS_ACCOUNT_INFO] =
83 [this] (MessageParcel &data, MessageParcel &reply) { return this->CmdGetOhosAccountInfo(data, reply); };
84 stubFuncMap_[AccountMgrInterfaceCode::QUERY_OHOS_ACCOUNT_INFO_BY_USER_ID] =
85 [this] (MessageParcel &data, MessageParcel &reply) {
86 return this->CmdQueryOhosAccountInfoByUserId(data, reply);
87 };
88 stubFuncMap_[AccountMgrInterfaceCode::GET_OHOS_ACCOUNT_INFO_BY_USER_ID] =
89 [this] (MessageParcel &data, MessageParcel &reply) { return this->CmdGetOhosAccountInfoByUserId(data, reply); };
90 stubFuncMap_[AccountMgrInterfaceCode::QUERY_DEVICE_ACCOUNT_ID] =
91 [this] (MessageParcel &data, MessageParcel &reply) { return this->CmdQueryDeviceAccountId(data, reply); };
92 stubFuncMap_[AccountMgrInterfaceCode::SUBSCRIBE_DISTRIBUTED_ACCOUNT_EVENT] =
93 [this] (MessageParcel &data, MessageParcel &reply) {
94 return this->CmdSubscribeDistributedAccountEvent(data, reply);
95 };
96 stubFuncMap_[AccountMgrInterfaceCode::UNSUBSCRIBE_DISTRIBUTED_ACCOUNT_EVENT] =
97 [this] (MessageParcel &data, MessageParcel &reply) {
98 return this->CmdUnsubscribeDistributedAccountEvent(data, reply);
99 };
100 stubFuncMap_[AccountMgrInterfaceCode::GET_APP_ACCOUNT_SERVICE] =
101 [this] (MessageParcel &data, MessageParcel &reply) { return this->CmdGetAppAccountService(data, reply); };
102 stubFuncMap_[AccountMgrInterfaceCode::GET_OS_ACCOUNT_SERVICE] =
103 [this] (MessageParcel &data, MessageParcel &reply) { return this->CmdGetOsAccountService(data, reply); };
104 stubFuncMap_[AccountMgrInterfaceCode::GET_ACCOUNT_IAM_SERVICE] =
105 [this] (MessageParcel &data, MessageParcel &reply) { return this->CmdGetAccountIAMService(data, reply); };
106 stubFuncMap_[AccountMgrInterfaceCode::GET_DOMAIN_ACCOUNT_SERVICE] =
107 [this] (MessageParcel &data, MessageParcel &reply) { return this->CmdGetDomainAccountService(data, reply); };
108 }
109
InnerUpdateOhosAccountInfo(MessageParcel & data,MessageParcel & reply)110 std::int32_t AccountStub::InnerUpdateOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
111 {
112 // ignore the real account name
113 const std::string accountName = Str16ToStr8(data.ReadString16());
114 if (accountName.empty()) {
115 ACCOUNT_LOGE("empty account name!");
116 return ERR_ACCOUNT_ZIDL_ACCOUNT_STUB_ERROR;
117 }
118 const std::string uid = Str16ToStr8(data.ReadString16());
119 if (uid.empty()) {
120 ACCOUNT_LOGE("empty uid!");
121 return ERR_ACCOUNT_ZIDL_ACCOUNT_STUB_ERROR;
122 }
123 const std::string eventStr = Str16ToStr8(data.ReadString16());
124
125 std::int32_t ret = ERR_OK;
126 bool result = UpdateOhosAccountInfo(accountName, uid, eventStr);
127 if (!result) {
128 ACCOUNT_LOGE("Update ohos account info failed");
129 ret = ERR_ACCOUNT_ZIDL_ACCOUNT_STUB_ERROR;
130 }
131 if (!reply.WriteInt32(ret)) {
132 ACCOUNT_LOGE("Write result data failed");
133 ret = ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
134 }
135 return ret;
136 }
137
InnerSetOhosAccountInfo(int32_t userId,MessageParcel & data,MessageParcel & reply)138 std::int32_t AccountStub::InnerSetOhosAccountInfo(int32_t userId, MessageParcel &data, MessageParcel &reply)
139 {
140 OhosAccountInfo info;
141 std::int32_t ret = ReadOhosAccountInfo(data, info);
142 if (ret != ERR_OK) {
143 return ret;
144 }
145 if (!info.IsValid()) {
146 ACCOUNT_LOGE("Check OhosAccountInfo failed");
147 return ERR_ACCOUNT_COMMON_INVALID_PARAMETER;
148 }
149 // ignore the real account name
150 const std::string eventStr = Str16ToStr8(data.ReadString16());
151
152 if (userId == INVALID_USERID) {
153 userId = AccountMgrService::GetInstance().GetCallingUserID();
154 }
155 ret = SetOhosAccountInfoByUserId(userId, info, eventStr);
156 if (ret != ERR_OK) {
157 ACCOUNT_LOGE("Set ohos account info failed");
158 }
159 if (!reply.WriteInt32(ret)) {
160 ACCOUNT_LOGE("Write result data failed");
161 ret = ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
162 }
163 return ret;
164 }
165
CmdUpdateOhosAccountInfo(MessageParcel & data,MessageParcel & reply)166 std::int32_t AccountStub::CmdUpdateOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
167 {
168 if (!HasAccountRequestPermission(PERMISSION_MANAGE_USERS)) {
169 ACCOUNT_LOGE("Check permission failed");
170 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
171 }
172
173 return InnerUpdateOhosAccountInfo(data, reply);
174 }
175
CmdSetOhosAccountInfo(MessageParcel & data,MessageParcel & reply)176 std::int32_t AccountStub::CmdSetOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
177 {
178 if (!HasAccountRequestPermission(PERMISSION_MANAGE_DISTRIBUTED_ACCOUNTS)) {
179 ACCOUNT_LOGE("Check permission failed");
180 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
181 }
182
183 return InnerSetOhosAccountInfo(INVALID_USERID, data, reply);
184 }
185
CheckUserIdValid(const int32_t userId)186 static int32_t CheckUserIdValid(const int32_t userId)
187 {
188 if ((userId >= 0) && (userId < Constants::START_USER_ID)) {
189 ACCOUNT_LOGE("userId %{public}d is system reserved", userId);
190 return ERR_OSACCOUNT_SERVICE_MANAGER_ID_ERROR;
191 }
192 bool isOsAccountExist = false;
193 IInnerOsAccountManager::GetInstance().IsOsAccountExists(userId, isOsAccountExist);
194 if (!isOsAccountExist) {
195 ACCOUNT_LOGE("os account is not exist");
196 return ERR_ACCOUNT_COMMON_ACCOUNT_NOT_EXIST_ERROR;
197 }
198 return ERR_OK;
199 }
200
CmdSetOhosAccountInfoByUserId(MessageParcel & data,MessageParcel & reply)201 std::int32_t AccountStub::CmdSetOhosAccountInfoByUserId(MessageParcel &data, MessageParcel &reply)
202 {
203 std::int32_t ret = AccountPermissionManager::CheckSystemApp();
204 if (ret != ERR_OK) {
205 ACCOUNT_LOGE("the caller is not system application, ret = %{public}d.", ret);
206 return ret;
207 }
208 if (!HasAccountRequestPermission(PERMISSION_MANAGE_DISTRIBUTED_ACCOUNTS)) {
209 ACCOUNT_LOGE("Check permission failed");
210 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
211 }
212 int32_t userId = data.ReadInt32();
213 ret = CheckUserIdValid(userId);
214 if (ret != ERR_OK) {
215 ACCOUNT_LOGE("CheckUserIdValid failed, ret = %{public}d", ret);
216 return ret;
217 }
218 return InnerSetOhosAccountInfo(userId, data, reply);
219 }
220
InnerQueryDistributedVirtualDeviceId(MessageParcel & data,MessageParcel & reply)221 ErrCode AccountStub::InnerQueryDistributedVirtualDeviceId(MessageParcel &data, MessageParcel &reply)
222 {
223 std::string dvid = "";
224 ErrCode result = QueryDistributedVirtualDeviceId(dvid);
225 if (!reply.WriteInt32(result)) {
226 ACCOUNT_LOGE("Failed to write reply, result=%{public}d.", result);
227 return IPC_STUB_WRITE_PARCEL_ERR;
228 }
229 if (result != ERR_OK) {
230 ACCOUNT_LOGE("Failed to get dvid");
231 return result;
232 }
233 if (!reply.WriteString(dvid)) {
234 ACCOUNT_LOGE("Failed to write dvid");
235 return IPC_STUB_WRITE_PARCEL_ERR;
236 }
237 return result;
238 }
239
InnerQueryOhosAccountInfo(MessageParcel & data,MessageParcel & reply)240 std::int32_t AccountStub::InnerQueryOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
241 {
242 OhosAccountInfo info;
243 #ifdef HICOLLIE_ENABLE
244 int timerId = HiviewDFX::XCollie::GetInstance().SetTimer(
245 TIMER_NAME, RECOVERY_TIMEOUT, nullptr, nullptr, HiviewDFX::XCOLLIE_FLAG_RECOVERY);
246 #endif // HICOLLIE_ENABLE
247 ErrCode result = QueryOhosAccountInfo(info);
248 if (result != ERR_OK) {
249 ACCOUNT_LOGE("Query ohos account info failed");
250 #ifdef HICOLLIE_ENABLE
251 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
252 #endif // HICOLLIE_ENABLE
253 return result;
254 }
255
256 std::string name = info.name_;
257 std::string id = info.uid_;
258 if (!reply.WriteString16(Str8ToStr16(name))) {
259 ACCOUNT_LOGE("Write name data failed");
260 #ifdef HICOLLIE_ENABLE
261 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
262 #endif // HICOLLIE_ENABLE
263 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
264 }
265 if (!reply.WriteString16(Str8ToStr16(id))) {
266 ACCOUNT_LOGE("Write id data failed");
267 #ifdef HICOLLIE_ENABLE
268 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
269 #endif // HICOLLIE_ENABLE
270 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
271 }
272 if (!reply.WriteInt32(info.status_)) {
273 ACCOUNT_LOGE("Write status data failed");
274 #ifdef HICOLLIE_ENABLE
275 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
276 #endif // HICOLLIE_ENABLE
277 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
278 }
279 #ifdef HICOLLIE_ENABLE
280 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
281 #endif // HICOLLIE_ENABLE
282 return ERR_OK;
283 }
284
InnerGetOhosAccountInfo(MessageParcel & data,MessageParcel & reply)285 std::int32_t AccountStub::InnerGetOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
286 {
287 OhosAccountInfo ohosAccountInfo;
288 int ret = GetOhosAccountInfo(ohosAccountInfo);
289 ohosAccountInfo.SetRawUid("");
290 if (ret != ERR_OK) {
291 ACCOUNT_LOGE("Get ohos account info failed");
292 return ERR_ACCOUNT_ZIDL_ACCOUNT_STUB_ERROR;
293 }
294 if (!WriteOhosAccountInfo(reply, ohosAccountInfo)) {
295 ACCOUNT_LOGE("Write ohosAccountInfo failed!");
296 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
297 }
298 return ERR_OK;
299 }
300
CmdQueryDistributedVirtualDeviceId(MessageParcel & data,MessageParcel & reply)301 ErrCode AccountStub::CmdQueryDistributedVirtualDeviceId(MessageParcel &data, MessageParcel &reply)
302 {
303 if (!HasAccountRequestPermission(PERMISSION_MANAGE_USERS) &&
304 !HasAccountRequestPermission(PERMISSION_DISTRIBUTED_DATASYNC)) {
305 ACCOUNT_LOGE("Check permission failed");
306 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
307 }
308 return InnerQueryDistributedVirtualDeviceId(data, reply);
309 }
310
CmdQueryOhosAccountInfo(MessageParcel & data,MessageParcel & reply)311 std::int32_t AccountStub::CmdQueryOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
312 {
313 if (!HasAccountRequestPermission(PERMISSION_MANAGE_USERS) &&
314 !HasAccountRequestPermission(PERMISSION_DISTRIBUTED_DATASYNC) &&
315 !HasAccountRequestPermission(PERMISSION_GET_LOCAL_ACCOUNTS)) {
316 ACCOUNT_LOGE("Check permission failed");
317 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
318 }
319
320 return InnerQueryOhosAccountInfo(data, reply);
321 }
322
CmdGetOhosAccountInfo(MessageParcel & data,MessageParcel & reply)323 ErrCode AccountStub::CmdGetOhosAccountInfo(MessageParcel &data, MessageParcel &reply)
324 {
325 if (!HasAccountRequestPermission(PERMISSION_MANAGE_DISTRIBUTED_ACCOUNTS) &&
326 !HasAccountRequestPermission(PERMISSION_DISTRIBUTED_DATASYNC) &&
327 !HasAccountRequestPermission(PERMISSION_GET_DISTRIBUTED_ACCOUNTS)) {
328 ACCOUNT_LOGE("Check permission failed");
329 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
330 }
331
332 return InnerGetOhosAccountInfo(data, reply);
333 }
334
CmdGetOhosAccountInfoByUserId(MessageParcel & data,MessageParcel & reply)335 ErrCode AccountStub::CmdGetOhosAccountInfoByUserId(MessageParcel &data, MessageParcel &reply)
336 {
337 ErrCode errCode = AccountPermissionManager::CheckSystemApp();
338 if (errCode != ERR_OK) {
339 ACCOUNT_LOGE("the caller is not system application, errCode = %{public}d.", errCode);
340 return errCode;
341 }
342 if (!HasAccountRequestPermission(PERMISSION_MANAGE_DISTRIBUTED_ACCOUNTS) &&
343 !HasAccountRequestPermission(INTERACT_ACROSS_LOCAL_ACCOUNTS) &&
344 !HasAccountRequestPermission(PERMISSION_DISTRIBUTED_DATASYNC) &&
345 !HasAccountRequestPermission(PERMISSION_GET_DISTRIBUTED_ACCOUNTS)) {
346 ACCOUNT_LOGE("Check permission failed");
347 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
348 }
349 int32_t userId = data.ReadInt32();
350 bool isOsAccountExits = false;
351 errCode = IInnerOsAccountManager::GetInstance().IsOsAccountExists(userId, isOsAccountExits);
352 if (errCode != ERR_OK) {
353 ACCOUNT_LOGE("IsOsAccountExists failed errCode is %{public}d", errCode);
354 return errCode;
355 }
356 if (!isOsAccountExits) {
357 ACCOUNT_LOGE("os account is not exit");
358 return ERR_ACCOUNT_COMMON_ACCOUNT_NOT_EXIST_ERROR;
359 }
360 OhosAccountInfo ohosAccountInfo;
361 errCode = GetOhosAccountInfoByUserId(userId, ohosAccountInfo);
362 if (errCode != ERR_OK) {
363 ACCOUNT_LOGE("Get ohos account info failed");
364 return errCode;
365 }
366 int32_t uid = IPCSkeleton::GetCallingUid();
367 if (WHITE_LIST.find(uid) == WHITE_LIST.end()) {
368 ohosAccountInfo.SetRawUid("");
369 }
370 if (!WriteOhosAccountInfo(reply, ohosAccountInfo)) {
371 ACCOUNT_LOGE("Write ohosAccountInfo failed!");
372 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
373 }
374 return ERR_OK;
375 }
376
CmdQueryOhosAccountInfoByUserId(MessageParcel & data,MessageParcel & reply)377 std::int32_t AccountStub::CmdQueryOhosAccountInfoByUserId(MessageParcel &data, MessageParcel &reply)
378 {
379 if ((!HasAccountRequestPermission(PERMISSION_MANAGE_USERS)) &&
380 (!HasAccountRequestPermission(PERMISSION_DISTRIBUTED_DATASYNC)) &&
381 (IPCSkeleton::GetCallingUid() != DSOFTBUS_UID)) {
382 ACCOUNT_LOGE("Check permission failed");
383 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
384 }
385
386 std::int32_t userId = data.ReadInt32();
387 if (userId < 0) {
388 ACCOUNT_LOGE("negative userID %{public}d detected!", userId);
389 return ERR_ACCOUNT_ZIDL_ACCOUNT_STUB_USERID_ERROR;
390 }
391
392 OhosAccountInfo info;
393 ErrCode result = QueryOhosAccountInfoByUserId(userId, info);
394 if (result != ERR_OK) {
395 ACCOUNT_LOGE("Query ohos account info failed! userId %{public}d.", userId);
396 return result;
397 }
398
399 std::string name = info.name_;
400 std::string id = info.uid_;
401 if (!reply.WriteString16(Str8ToStr16(name))) {
402 ACCOUNT_LOGE("Write name data failed! userId %{public}d.", userId);
403 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
404 }
405 if (!reply.WriteString16(Str8ToStr16(id))) {
406 ACCOUNT_LOGE("Write id data failed! userId %{public}d.", userId);
407 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
408 }
409 if (!reply.WriteInt32(info.status_)) {
410 ACCOUNT_LOGE("Write status data failed! userId %{public}d.", userId);
411 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
412 }
413 return ERR_OK;
414 }
415
CmdQueryDeviceAccountId(MessageParcel & data,MessageParcel & reply)416 std::int32_t AccountStub::CmdQueryDeviceAccountId(MessageParcel &data, MessageParcel &reply)
417 {
418 std::int32_t id;
419 auto ret = QueryDeviceAccountId(id);
420 if (ret != ERR_OK) {
421 ACCOUNT_LOGE("QueryDevice AccountId failed: %{public}d", ret);
422 return ret;
423 }
424
425 if (!reply.WriteInt32(id)) {
426 ACCOUNT_LOGE("Write result data failed");
427 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
428 }
429 return ERR_OK;
430 }
431
CmdSubscribeDistributedAccountEvent(MessageParcel & data,MessageParcel & reply)432 std::int32_t AccountStub::CmdSubscribeDistributedAccountEvent(MessageParcel &data, MessageParcel &reply)
433 {
434 int32_t type;
435 if (!data.ReadInt32(type)) {
436 ACCOUNT_LOGE("Read type failed.");
437 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
438 }
439
440 sptr<IRemoteObject> eventListener = data.ReadRemoteObject();
441 if (eventListener == nullptr) {
442 ACCOUNT_LOGE("Read remote object for eventListener failed.");
443 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
444 }
445
446 ErrCode result = SubscribeDistributedAccountEvent(
447 static_cast<DISTRIBUTED_ACCOUNT_SUBSCRIBE_TYPE>(type), eventListener);
448 if (!reply.WriteInt32(result)) {
449 ACCOUNT_LOGE("Write reply failed, result=%{public}d.", result);
450 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
451 }
452
453 return ERR_OK;
454 }
455
CmdUnsubscribeDistributedAccountEvent(MessageParcel & data,MessageParcel & reply)456 std::int32_t AccountStub::CmdUnsubscribeDistributedAccountEvent(MessageParcel &data, MessageParcel &reply)
457 {
458 int32_t type;
459 if (!data.ReadInt32(type)) {
460 ACCOUNT_LOGE("Read type failed.");
461 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
462 }
463
464 sptr<IRemoteObject> eventListener = data.ReadRemoteObject();
465 if (eventListener == nullptr) {
466 ACCOUNT_LOGE("Read remote object for eventListener failed.");
467 return ERR_ACCOUNT_COMMON_READ_PARCEL_ERROR;
468 }
469
470 ErrCode result = UnsubscribeDistributedAccountEvent(
471 static_cast<DISTRIBUTED_ACCOUNT_SUBSCRIBE_TYPE>(type), eventListener);
472 if (!reply.WriteInt32(result)) {
473 ACCOUNT_LOGE("Write reply failed, result=%{public}d.", result);
474 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
475 }
476
477 return ERR_OK;
478 }
479
CmdGetAppAccountService(MessageParcel & data,MessageParcel & reply)480 std::int32_t AccountStub::CmdGetAppAccountService(MessageParcel &data, MessageParcel &reply)
481 {
482 auto remoteObject = GetAppAccountService();
483 if (!reply.WriteRemoteObject(remoteObject)) {
484 ACCOUNT_LOGE("Write result data failed");
485 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
486 }
487
488 return ERR_OK;
489 }
CmdGetOsAccountService(MessageParcel & data,MessageParcel & reply)490 std::int32_t AccountStub::CmdGetOsAccountService(MessageParcel &data, MessageParcel &reply)
491 {
492 auto remoteObject = GetOsAccountService();
493 if (!reply.WriteRemoteObject(remoteObject)) {
494 ACCOUNT_LOGE("Write result data failed");
495 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
496 }
497
498 return ERR_OK;
499 }
500
CmdGetAccountIAMService(MessageParcel & data,MessageParcel & reply)501 std::int32_t AccountStub::CmdGetAccountIAMService(MessageParcel &data, MessageParcel &reply)
502 {
503 auto remoteObject = GetAccountIAMService();
504 if (!reply.WriteRemoteObject(remoteObject)) {
505 ACCOUNT_LOGE("Write result data failed");
506 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
507 }
508
509 return ERR_OK;
510 }
511
CmdGetDomainAccountService(MessageParcel & data,MessageParcel & reply)512 std::int32_t AccountStub::CmdGetDomainAccountService(MessageParcel &data, MessageParcel &reply)
513 {
514 auto remoteObject = GetDomainAccountService();
515 if (!reply.WriteRemoteObject(remoteObject)) {
516 ACCOUNT_LOGE("failed to write remote object");
517 return ERR_ACCOUNT_COMMON_WRITE_PARCEL_ERROR;
518 }
519 return ERR_OK;
520 }
521
OnRemoteRequest(std::uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)522 std::int32_t AccountStub::OnRemoteRequest(
523 std::uint32_t code, MessageParcel &data, MessageParcel &reply, MessageOption &option)
524 {
525 ACCOUNT_LOGD("Received stub message: %{public}d, callingUid: %{public}d", code, IPCSkeleton::GetCallingUid());
526 MemoryGuard cacheGuard;
527 if (!IsServiceStarted()) {
528 ACCOUNT_LOGE("account mgr not ready");
529 return ERR_ACCOUNT_ZIDL_MGR_NOT_READY_ERROR;
530 }
531
532 if (data.ReadInterfaceToken() != GetDescriptor()) {
533 ACCOUNT_LOGE("check descriptor failed! code %{public}u.", code);
534 return ERR_ACCOUNT_COMMON_CHECK_DESCRIPTOR_ERROR;
535 }
536
537 #ifdef HICOLLIE_ENABLE
538 int timerId =
539 HiviewDFX::XCollie::GetInstance().SetTimer(TIMER_NAME, TIMEOUT, nullptr, nullptr, HiviewDFX::XCOLLIE_FLAG_LOG);
540 #endif // HICOLLIE_ENABLE
541
542 AccountMgrInterfaceCode interfaceCode = static_cast<AccountMgrInterfaceCode>(code);
543 const auto &itFunc = stubFuncMap_.find(interfaceCode);
544 if (itFunc == stubFuncMap_.end()) {
545 #ifdef HICOLLIE_ENABLE
546 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
547 #endif // HICOLLIE_ENABLE
548 ACCOUNT_LOGW("remote request unhandled: %{public}d", code);
549 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
550 }
551 int32_t ret = (itFunc->second)(data, reply);
552 #ifdef HICOLLIE_ENABLE
553 HiviewDFX::XCollie::GetInstance().CancelTimer(timerId);
554 #endif // HICOLLIE_ENABLE
555 return ret;
556 }
557
HasAccountRequestPermission(const std::string & permissionName)558 bool AccountStub::HasAccountRequestPermission(const std::string &permissionName)
559 {
560 std::int32_t uid = IPCSkeleton::GetCallingUid();
561 #ifndef IS_RELEASE_VERSION
562 // root check in none release version for test
563 if (uid == ROOT_UID) {
564 return true;
565 }
566 #endif
567
568 // check permission
569 Security::AccessToken::AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
570 if (Security::AccessToken::AccessTokenKit::VerifyAccessToken(callingTokenID, permissionName) ==
571 Security::AccessToken::TypePermissionState::PERMISSION_GRANTED) {
572 return true;
573 }
574
575 ReportPermissionFail(uid, IPCSkeleton::GetCallingRealPid(), permissionName);
576 ACCOUNT_LOGE("permission %{public}s denied!", permissionName.c_str());
577 return false;
578 }
579
CheckCallerForTrustList()580 bool AccountStub::CheckCallerForTrustList()
581 {
582 std::string bundleName;
583 std::int32_t uid = IPCSkeleton::GetCallingUid();
584 if (BundleManagerAdapter::GetInstance()->GetNameForUid(uid, bundleName) != ERR_OK) {
585 return false;
586 }
587
588 std::vector<std::string> trustList = AccountHelperData::GetBundleNameTrustList();
589 if (std::find(trustList.begin(), trustList.end(), bundleName) == trustList.end()) {
590 return false;
591 }
592
593 return true;
594 }
595 } // namespace AccountSA
596 } // namespace OHOS
597