1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "admin_manager.h"
17
18 #include <algorithm>
19 #include <ctime>
20 #include <fstream>
21 #include <iostream>
22
23 #include "directory_ex.h"
24 #include "edm_constants.h"
25 #include "edm_log.h"
26
27 namespace OHOS {
28 namespace EDM {
29 std::shared_ptr<AdminManager> AdminManager::instance_;
30 std::mutex AdminManager::mutexLock_;
31
GetInstance()32 std::shared_ptr<AdminManager> AdminManager::GetInstance()
33 {
34 if (instance_ == nullptr) {
35 std::lock_guard<std::mutex> autoLock(mutexLock_);
36 if (instance_ == nullptr) {
37 instance_.reset(new (std::nothrow) AdminManager());
38 }
39 }
40 return instance_;
41 }
42
AdminManager()43 AdminManager::AdminManager()
44 {
45 EDMLOGI("AdminManager::AdminManager");
46 }
47
~AdminManager()48 AdminManager::~AdminManager()
49 {
50 EDMLOGI("AdminManager::~AdminManager");
51 admins_.clear();
52 }
53
GetAdminByUserId(int32_t userId,std::vector<std::shared_ptr<Admin>> & userAdmin)54 bool AdminManager::GetAdminByUserId(int32_t userId, std::vector<std::shared_ptr<Admin>> &userAdmin)
55 {
56 userAdmin.clear();
57 auto iter = admins_.find(userId);
58 if (iter == admins_.end()) {
59 EDMLOGW("GetAdminByUserId::get userId Admin failed. userId = %{public}d", userId);
60 return false;
61 }
62 userAdmin = iter->second;
63 return true;
64 }
65
GetAdminBySubscribeEvent(ManagedEvent event,std::unordered_map<int32_t,std::vector<std::shared_ptr<Admin>>> & subscribeAdmins)66 void AdminManager::GetAdminBySubscribeEvent(ManagedEvent event,
67 std::unordered_map<int32_t, std::vector<std::shared_ptr<Admin>>> &subscribeAdmins)
68 {
69 for (const auto &adminItem : admins_) {
70 std::vector<std::shared_ptr<Admin>> subAdmin;
71 for (const auto &it : adminItem.second) {
72 std::vector<ManagedEvent> events = it->adminInfo_.managedEvents_;
73 if (std::find(events.begin(), events.end(), event) != events.end()) {
74 subAdmin.push_back(it);
75 }
76 }
77 if (!subAdmin.empty()) {
78 subscribeAdmins[adminItem.first] = subAdmin;
79 }
80 }
81 }
82
SetAdminValue(int32_t userId,const Admin & adminItem)83 ErrCode AdminManager::SetAdminValue(int32_t userId, const Admin &adminItem)
84 {
85 std::shared_ptr<Admin> getAdmin = GetAdminByPkgName(adminItem.adminInfo_.packageName_, userId);
86 if (getAdmin != nullptr) {
87 return UpdateAdmin(getAdmin, userId, adminItem);
88 }
89 if (!AdminPoliciesStorageRdb::GetInstance()->InsertAdmin(userId, adminItem)) {
90 EDMLOGE("AdminManager::SetAdminValue insert failed.");
91 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
92 }
93 std::vector<std::shared_ptr<Admin>> admins;
94 GetAdminByUserId(userId, admins);
95 std::shared_ptr<Admin> admin = std::make_shared<Admin>(adminItem);
96 admins.emplace_back(admin);
97 admins_[userId] = admins;
98 return ERR_OK;
99 }
100
GetAdminByPkgName(const std::string & packageName,int32_t userId)101 std::shared_ptr<Admin> AdminManager::GetAdminByPkgName(const std::string &packageName, int32_t userId)
102 {
103 std::shared_ptr<Admin> subOrSuperAdmin;
104 if (userId != EdmConstants::DEFAULT_USER_ID &&
105 SUCCEEDED(GetSubOrSuperAdminByPkgName(packageName, subOrSuperAdmin))) {
106 EDMLOGD("GetAdminByPkgName::get sub-super or super admin: %{public}s", packageName.c_str());
107 return subOrSuperAdmin;
108 }
109 std::vector<std::shared_ptr<Admin>> userAdmin;
110 if (!GetAdminByUserId(userId, userAdmin)) {
111 EDMLOGW("GetAdminByPkgName::get userId Admin failed. userId = %{public}d", userId);
112 return nullptr;
113 }
114 for (const auto &item : userAdmin) {
115 if (item->adminInfo_.packageName_ == packageName) {
116 return item;
117 }
118 }
119 EDMLOGD("GetAdminByPkgName::get admin failed. admin size = %{public}u, packageName = %{public}s",
120 (uint32_t)userAdmin.size(), packageName.c_str());
121 return nullptr;
122 }
123
DeleteAdmin(const std::string & packageName,int32_t userId)124 ErrCode AdminManager::DeleteAdmin(const std::string &packageName, int32_t userId)
125 {
126 auto iterMap = admins_.find(userId);
127 if (iterMap == admins_.end()) {
128 EDMLOGW("DeleteAdmin::get userId Admin failed. userId = %{public}d", userId);
129 return ERR_EDM_UNKNOWN_ADMIN;
130 }
131 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
132 if (adminPoliciesStorageRdb == nullptr) {
133 EDMLOGE("AdminManager::DeleteAdmin get adminPoliciesStorageRdb failed.");
134 return ERR_GET_STORAGE_RDB_FAILED;
135 }
136 if (!adminPoliciesStorageRdb->DeleteAdmin(userId, packageName)) {
137 EDMLOGW("delete admin (%{public}s) failed!", packageName.c_str());
138 return ERR_EDM_DEL_ADMIN_FAILED;
139 }
140 auto iter = std::remove_if(iterMap->second.begin(), iterMap->second.end(),
141 [&](std::shared_ptr<Admin> admin) { return admin->adminInfo_.packageName_ == packageName; });
142 iterMap->second.erase(iter, iterMap->second.end());
143 if (iterMap->second.empty()) {
144 admins_.erase(iterMap);
145 }
146 return ERR_OK;
147 }
148
UpdateAdmin(std::shared_ptr<Admin> getAdmin,int32_t userId,const Admin & adminItem)149 ErrCode AdminManager::UpdateAdmin(std::shared_ptr<Admin> getAdmin, int32_t userId, const Admin &adminItem)
150 {
151 if (getAdmin == nullptr) {
152 EDMLOGW("UpdateAdmin::get null admin, never get here");
153 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
154 }
155 if (getAdmin->GetAdminType() != AdminType::NORMAL && getAdmin->GetAdminType() != adminItem.GetAdminType()) {
156 EDMLOGE("AdminManager::UpdateAdmin sub-super or delegated admin can not update to another type.");
157 return EdmReturnErrCode::ADMIN_EDM_PERMISSION_DENIED;
158 }
159 if (getAdmin->GetAdminType() == AdminType::NORMAL && adminItem.GetAdminType() != AdminType::NORMAL &&
160 adminItem.GetAdminType() != AdminType::ENT) {
161 EDMLOGE("AdminManager::UpdateAdmin normal admin can not update to sub-super admin or delegated admin.");
162 return EdmReturnErrCode::ADMIN_EDM_PERMISSION_DENIED;
163 }
164 if (!AdminPoliciesStorageRdb::GetInstance()->UpdateAdmin(userId, adminItem)) {
165 EDMLOGW("UpdateAdmin::update admin failed.");
166 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
167 }
168 getAdmin->adminInfo_.adminType_ = adminItem.adminInfo_.adminType_;
169 getAdmin->adminInfo_.entInfo_ = adminItem.adminInfo_.entInfo_;
170 getAdmin->adminInfo_.permission_ = adminItem.adminInfo_.permission_;
171 getAdmin->adminInfo_.accessiblePolicies_ = adminItem.adminInfo_.accessiblePolicies_;
172 return ERR_OK;
173 }
174
175 // success is returned as long as there is a super administrator
IsSuperAdminExist()176 bool AdminManager::IsSuperAdminExist()
177 {
178 std::vector<std::shared_ptr<Admin>> userAdmin;
179 bool ret = GetAdminByUserId(EdmConstants::DEFAULT_USER_ID, userAdmin);
180 if (!ret) {
181 EDMLOGD("IsSuperAdminExist::not find super Admin");
182 return false;
183 }
184 return std::any_of(userAdmin.begin(), userAdmin.end(),
185 [](const std::shared_ptr<Admin> &admin) { return admin->adminInfo_.adminType_ == AdminType::ENT; });
186 }
187
IsSuperAdmin(const std::string & bundleName)188 bool AdminManager::IsSuperAdmin(const std::string &bundleName)
189 {
190 std::shared_ptr<Admin> admin = GetAdminByPkgName(bundleName, EdmConstants::DEFAULT_USER_ID);
191 if (admin == nullptr) {
192 EDMLOGW("IsSuperAdmin: admin == nullptr.");
193 return false;
194 }
195 if (admin->adminInfo_.adminType_ == AdminType::ENT) {
196 EDMLOGW("IsSuperAdmin: admin->adminInfo_.adminType_ == AdminType::ENT.");
197 return true;
198 }
199 return false;
200 }
201
IsAdminExist()202 bool AdminManager::IsAdminExist()
203 {
204 return !admins_.empty();
205 }
206
IsSuperOrSubSuperAdmin(const std::string & bundleName)207 bool AdminManager::IsSuperOrSubSuperAdmin(const std::string &bundleName)
208 {
209 std::shared_ptr<Admin> superAdmin;
210 superAdmin = GetAdminByPkgName(bundleName, EdmConstants::DEFAULT_USER_ID);
211 if (superAdmin == nullptr) {
212 return false;
213 }
214 return superAdmin->adminInfo_.adminType_ == AdminType::ENT ||
215 superAdmin->adminInfo_.adminType_ == AdminType::SUB_SUPER_ADMIN;
216 }
217
218 /*
219 * There are different administrator types according to the input parameters.
220 * Returns a list of package names
221 */
GetEnabledAdmin(AdminType role,std::vector<std::string> & packageNameList,int32_t userId)222 void AdminManager::GetEnabledAdmin(AdminType role, std::vector<std::string> &packageNameList, int32_t userId)
223 {
224 packageNameList.clear();
225 std::vector<std::shared_ptr<Admin>> userAdmin;
226 bool ret = GetAdminByUserId(userId, userAdmin);
227 if (!ret) {
228 EDMLOGW("GetEnabledAdmin::not find enabled Admin. userId = %{public}d", userId);
229 return;
230 }
231 EDMLOGD("AdminManager:GetEnabledAdmin adminType: %{public}d , admin size: %{public}zu", role, userAdmin.size());
232 if (static_cast<int32_t>(role) >= static_cast<int32_t>(AdminType::UNKNOWN) ||
233 static_cast<int32_t>(role) < static_cast<int32_t>(AdminType::NORMAL)) {
234 EDMLOGD("there is no admin(%{public}u) device manager package name list!", role);
235 return;
236 }
237
238 for (const auto &item : userAdmin) {
239 if (item->adminInfo_.adminType_ == role) {
240 std::string adminName = item->adminInfo_.packageName_ + "/" + item->adminInfo_.className_;
241 packageNameList.push_back(adminName);
242 }
243 }
244 }
245
GetSubOrSuperAdminByPkgName(const std::string & subAdminName,std::shared_ptr<Admin> & subOrSuperAdmin)246 ErrCode AdminManager::GetSubOrSuperAdminByPkgName(const std::string &subAdminName,
247 std::shared_ptr<Admin> &subOrSuperAdmin)
248 {
249 std::vector<std::shared_ptr<Admin>> userAdmin;
250 if (!GetAdminByUserId(EdmConstants::DEFAULT_USER_ID, userAdmin)) {
251 EDMLOGW("GetSubOrSuperAdminByPkgName::not find Admin under default user id");
252 return ERR_EDM_SUPER_ADMIN_NOT_FOUND;
253 }
254 auto adminItem = std::find_if(userAdmin.begin(), userAdmin.end(), [&](const std::shared_ptr<Admin> &admin) {
255 return admin->adminInfo_.packageName_ == subAdminName && (admin->GetAdminType() == AdminType::ENT ||
256 admin->GetAdminType() == AdminType::SUB_SUPER_ADMIN || admin->GetAdminType() == AdminType::VIRTUAL_ADMIN);
257 });
258 if (adminItem == userAdmin.end()) {
259 EDMLOGW("GetSubOrSuperAdminByPkgName::not find sub-super admin or super Admin");
260 return ERR_EDM_SUPER_ADMIN_NOT_FOUND;
261 }
262 subOrSuperAdmin = *adminItem;
263 return ERR_OK;
264 }
265
GetSubSuperAdminsByParentName(const std::string & parentName,std::vector<std::string> & subAdmins)266 ErrCode AdminManager::GetSubSuperAdminsByParentName(const std::string &parentName, std::vector<std::string> &subAdmins)
267 {
268 if (subAdmins.size() > 0) {
269 subAdmins.clear();
270 }
271 std::vector<std::shared_ptr<Admin>> userAdmin;
272 if (!GetAdminByUserId(EdmConstants::DEFAULT_USER_ID, userAdmin)) {
273 EDMLOGE("GetSubSuperAdminsByParentName::not find Admin under default user id.");
274 return ERR_EDM_SUPER_ADMIN_NOT_FOUND;
275 }
276 for (const auto &admin : userAdmin) {
277 if ((admin->GetAdminType() == AdminType::SUB_SUPER_ADMIN ||
278 admin->GetAdminType() == AdminType::VIRTUAL_ADMIN) &&
279 admin->GetParentAdminName() == parentName) {
280 subAdmins.push_back(admin->adminInfo_.packageName_);
281 }
282 }
283 return ERR_OK;
284 }
285
GetEntInfo(const std::string & packageName,EntInfo & entInfo,int32_t userId)286 ErrCode AdminManager::GetEntInfo(const std::string &packageName, EntInfo &entInfo, int32_t userId)
287 {
288 std::vector<std::shared_ptr<Admin>> userAdmin;
289 bool ret = GetAdminByUserId(userId, userAdmin);
290 if (!ret) {
291 EDMLOGW("GetEntInfo::not find Admin. userId = %{public}d", userId);
292 return ERR_EDM_UNKNOWN_ADMIN;
293 }
294 for (const auto &item : userAdmin) {
295 if (item->adminInfo_.packageName_ == packageName) {
296 entInfo = item->adminInfo_.entInfo_;
297 return ERR_OK;
298 }
299 }
300 return ERR_EDM_UNKNOWN_ADMIN;
301 }
302
SetEntInfo(const std::string & packageName,EntInfo & entInfo,int32_t userId)303 ErrCode AdminManager::SetEntInfo(const std::string &packageName, EntInfo &entInfo, int32_t userId)
304 {
305 std::vector<std::shared_ptr<Admin>> userAdmin;
306 bool ret = GetAdminByUserId(userId, userAdmin);
307 if (!ret) {
308 EDMLOGW("SetEntInfo::not find Admin. userId = %{public}d", userId);
309 return ERR_EDM_UNKNOWN_ADMIN;
310 }
311 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
312 if (adminPoliciesStorageRdb == nullptr) {
313 EDMLOGE("AdminManager::SetEntInfo get adminPoliciesStorageRdb failed.");
314 return ERR_GET_STORAGE_RDB_FAILED;
315 }
316 for (auto &item : userAdmin) {
317 if (item->adminInfo_.packageName_ == packageName &&
318 adminPoliciesStorageRdb->UpdateEntInfo(userId, packageName, entInfo)) {
319 item->adminInfo_.entInfo_ = entInfo;
320 return ERR_OK;
321 }
322 }
323 return ERR_EDM_UNKNOWN_ADMIN;
324 }
325
SaveSubscribeEvents(const std::vector<uint32_t> & events,const std::string & bundleName,int32_t userId)326 ErrCode AdminManager::SaveSubscribeEvents(const std::vector<uint32_t> &events, const std::string &bundleName,
327 int32_t userId)
328 {
329 std::shared_ptr<Admin> admin = GetAdminByPkgName(bundleName, userId);
330 if (admin == nullptr) {
331 return ERR_EDM_UNKNOWN_ADMIN;
332 }
333 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
334 if (adminPoliciesStorageRdb == nullptr) {
335 EDMLOGE("AdminManager::SaveSubscribeEvents get adminPoliciesStorageRdb failed.");
336 return ERR_GET_STORAGE_RDB_FAILED;
337 }
338 std::vector<ManagedEvent> oldManagedEvents = admin->adminInfo_.managedEvents_;
339 size_t eventsNumber = admin->adminInfo_.managedEvents_.size();
340 for (const auto &event : events) {
341 std::vector<ManagedEvent> managedEvents = admin->adminInfo_.managedEvents_;
342 ManagedEvent subEvent = static_cast<ManagedEvent>(event);
343 if (std::find(managedEvents.begin(), managedEvents.end(), subEvent) == managedEvents.end()) {
344 admin->adminInfo_.managedEvents_.push_back(subEvent);
345 }
346 }
347 if (admin->adminInfo_.managedEvents_.size() > eventsNumber &&
348 !adminPoliciesStorageRdb->UpdateManagedEvents(userId, admin->adminInfo_.packageName_,
349 admin->adminInfo_.managedEvents_)) {
350 admin->adminInfo_.managedEvents_ = oldManagedEvents;
351 return ERR_EDM_UNKNOWN_ADMIN;
352 }
353 return ERR_OK;
354 }
355
RemoveSubscribeEvents(const std::vector<uint32_t> & events,const std::string & bundleName,int32_t userId)356 ErrCode AdminManager::RemoveSubscribeEvents(const std::vector<uint32_t> &events, const std::string &bundleName,
357 int32_t userId)
358 {
359 std::shared_ptr<Admin> admin = GetAdminByPkgName(bundleName, userId);
360 if (admin == nullptr) {
361 return ERR_EDM_UNKNOWN_ADMIN;
362 }
363 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
364 if (adminPoliciesStorageRdb == nullptr) {
365 EDMLOGE("AdminManager::RemoveSubscribeEvents get adminPoliciesStorageRdb failed.");
366 return ERR_GET_STORAGE_RDB_FAILED;
367 }
368
369 std::vector<ManagedEvent> oldManagedEvents = admin->adminInfo_.managedEvents_;
370 size_t eventsNumber = admin->adminInfo_.managedEvents_.size();
371 auto iter = std::remove_if(admin->adminInfo_.managedEvents_.begin(), admin->adminInfo_.managedEvents_.end(),
372 [&](ManagedEvent managedEvent) {
373 return std::find(events.begin(), events.end(), static_cast<uint32_t>(managedEvent)) != events.end();
374 });
375 admin->adminInfo_.managedEvents_.erase(iter, admin->adminInfo_.managedEvents_.end());
376
377 if (admin->adminInfo_.managedEvents_.size() < eventsNumber &&
378 !adminPoliciesStorageRdb->UpdateManagedEvents(userId, admin->adminInfo_.packageName_,
379 admin->adminInfo_.managedEvents_)) {
380 admin->adminInfo_.managedEvents_ = oldManagedEvents;
381 return ERR_EDM_UNKNOWN_ADMIN;
382 }
383 return ERR_OK;
384 }
385
GetPoliciesByVirtualAdmin(const std::string & bundleName,const std::string & parentName,std::vector<std::string> & policies)386 ErrCode AdminManager::GetPoliciesByVirtualAdmin(const std::string &bundleName, const std::string &parentName,
387 std::vector<std::string> &policies)
388 {
389 policies.clear();
390 std::shared_ptr<Admin> virtualAdmin = GetAdminByPkgName(bundleName, EdmConstants::DEFAULT_USER_ID);
391 if (virtualAdmin == nullptr) {
392 return EdmReturnErrCode::PARAM_ERROR;
393 }
394 if (virtualAdmin->GetAdminType() != AdminType::VIRTUAL_ADMIN || virtualAdmin->GetParentAdminName() != parentName) {
395 EDMLOGE("GetPoliciesByVirtualAdmin the administrator does not have permission to get delegated policies.");
396 return EdmReturnErrCode::ADMIN_EDM_PERMISSION_DENIED;
397 }
398 policies = virtualAdmin->adminInfo_.accessiblePolicies_;
399 return ERR_OK;
400 }
401
GetVirtualAdminsByPolicy(const std::string & policyName,const std::string & parentName,std::vector<std::string> & bundleNames)402 void AdminManager::GetVirtualAdminsByPolicy(const std::string &policyName, const std::string &parentName,
403 std::vector<std::string> &bundleNames)
404 {
405 bundleNames.clear();
406 std::vector<std::shared_ptr<Admin>> admins;
407 GetAdminByUserId(EdmConstants::DEFAULT_USER_ID, admins);
408 for (auto adminItem : admins) {
409 if (adminItem->GetAdminType() != AdminType::VIRTUAL_ADMIN || adminItem->GetParentAdminName() != parentName) {
410 continue;
411 }
412 auto policies = adminItem->adminInfo_.accessiblePolicies_;
413 if (std::find(policies.begin(), policies.end(), policyName) != policies.end()) {
414 bundleNames.emplace_back(adminItem->adminInfo_.packageName_);
415 }
416 }
417 }
418
HasPermissionToHandlePolicy(std::shared_ptr<Admin> admin,const std::string & policyName)419 bool AdminManager::HasPermissionToHandlePolicy(std::shared_ptr<Admin> admin, const std::string &policyName)
420 {
421 if (admin->GetAdminType() != AdminType::VIRTUAL_ADMIN) {
422 return true;
423 }
424 auto policies = admin->adminInfo_.accessiblePolicies_;
425 return std::find(policies.begin(), policies.end(), policyName) != policies.end();
426 }
427
GetSuperAdmin()428 std::shared_ptr<Admin> AdminManager::GetSuperAdmin()
429 {
430 if (admins_.find(EdmConstants::DEFAULT_USER_ID) != admins_.end()) {
431 auto item = std::find_if(admins_[EdmConstants::DEFAULT_USER_ID].begin(),
432 admins_[EdmConstants::DEFAULT_USER_ID].end(),
433 [&](const std::shared_ptr<Admin>& admin) { return admin->GetAdminType() == AdminType::ENT; });
434 if (item != admins_[EdmConstants::DEFAULT_USER_ID].end()) {
435 return *item;
436 }
437 }
438 return nullptr;
439 }
440
441 // init
Init()442 void AdminManager::Init()
443 {
444 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
445 if (adminPoliciesStorageRdb != nullptr) {
446 admins_ = adminPoliciesStorageRdb->QueryAllAdmin();
447 } else {
448 EDMLOGE("AdminManager::Init failed.");
449 }
450 }
451
Dump()452 void AdminManager::Dump()
453 {
454 for (const auto &entry : admins_) {
455 EDMLOGI("AdminManager::Dump %{public}d.", entry.first);
456 for (const auto &admin : entry.second) {
457 EDMLOGI("AdminManager::Dump admin info adminType_ %{public}d.",
458 admin->adminInfo_.adminType_);
459 EDMLOGI("AdminManager::Dump admin info packageName_ %{public}s.",
460 admin->adminInfo_.packageName_.c_str());
461 EDMLOGI("AdminManager::Dump admin info parentAdminName_ %{public}s.",
462 admin->adminInfo_.parentAdminName_.c_str());
463 }
464 }
465 }
466 } // namespace EDM
467 } // namespace OHOS
468