1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "enterprise_device_mgr_stub.h"
17
18 #include "admin.h"
19 #include "edm_constants.h"
20 #include "ent_info.h"
21 #include "string_ex.h"
22
23 using namespace OHOS::HiviewDFX;
24
25 namespace OHOS {
26 namespace EDM {
27 #ifdef EDM_SUPPORT_ALL_ENABLE
28 constexpr int32_t DEFAULT_USER_ID = 100;
29 constexpr int32_t WITHOUT_FUNCTION_CODE = -1;
30 #endif
EnterpriseDeviceMgrStub()31 EnterpriseDeviceMgrStub::EnterpriseDeviceMgrStub() : IRemoteStub(true)
32 {
33 InitSystemCodeList();
34 EDMLOGI("EnterpriseDeviceMgrStub()");
35 }
36
37 #ifdef EDM_SUPPORT_ALL_ENABLE
CallFuncByCode(uint32_t code,MessageParcel & data,MessageParcel & reply)38 ErrCode EnterpriseDeviceMgrStub::CallFuncByCode(uint32_t code, MessageParcel &data, MessageParcel &reply)
39 {
40 switch (code) {
41 case EdmInterfaceCode::ADD_DEVICE_ADMIN:
42 return EnableAdminInner(data, reply);
43 case EdmInterfaceCode::REMOVE_DEVICE_ADMIN:
44 return DisableAdminInner(data, reply);
45 case EdmInterfaceCode::REMOVE_SUPER_ADMIN:
46 return DisableSuperAdminInner(data, reply);
47 case EdmInterfaceCode::GET_ENABLED_ADMIN:
48 return GetEnabledAdminInner(data, reply);
49 case EdmInterfaceCode::GET_ENT_INFO:
50 return GetEnterpriseInfoInner(data, reply);
51 case EdmInterfaceCode::SET_ENT_INFO:
52 return SetEnterpriseInfoInner(data, reply);
53 case EdmInterfaceCode::IS_SUPER_ADMIN:
54 return IsSuperAdminInner(data, reply);
55 case EdmInterfaceCode::IS_ADMIN_ENABLED:
56 return IsAdminEnabledInner(data, reply);
57 case EdmInterfaceCode::SUBSCRIBE_MANAGED_EVENT:
58 return SubscribeManagedEventInner(data, reply);
59 case EdmInterfaceCode::UNSUBSCRIBE_MANAGED_EVENT:
60 return UnsubscribeManagedEventInner(data, reply);
61 case EdmInterfaceCode::AUTHORIZE_ADMIN:
62 return AuthorizeAdminInner(data, reply);
63 case EdmInterfaceCode::GET_SUPER_ADMIN_WANT_INFO:
64 return GetSuperAdminInner(data, reply);
65 case EdmInterfaceCode::SET_DELEGATED_POLICIES:
66 return SetDelegatedPoliciesInner(data, reply);
67 case EdmInterfaceCode::GET_DELEGATED_POLICIES:
68 return GetDelegatedPoliciesInner(data, reply);
69 case EdmInterfaceCode::GET_DELEGATED_BUNDLE_NAMES:
70 return GetDelegatedBundleNamesInner(data, reply);
71 default:
72 return WITHOUT_FUNCTION_CODE;
73 }
74 }
75 #endif
76
InitSystemCodeList()77 void EnterpriseDeviceMgrStub::InitSystemCodeList()
78 {
79 systemCodeList = {
80 EdmInterfaceCode::ADD_DEVICE_ADMIN,
81 EdmInterfaceCode::REMOVE_SUPER_ADMIN,
82 EdmInterfaceCode::GET_ENABLED_ADMIN,
83 EdmInterfaceCode::GET_ENT_INFO,
84 EdmInterfaceCode::SET_ENT_INFO,
85 EdmInterfaceCode::IS_SUPER_ADMIN,
86 EdmInterfaceCode::IS_ADMIN_ENABLED,
87 EdmInterfaceCode::AUTHORIZE_ADMIN,
88 EdmInterfaceCode::GET_SUPER_ADMIN_WANT_INFO,
89 };
90 }
91
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)92 int32_t EnterpriseDeviceMgrStub::OnRemoteRequest(uint32_t code, MessageParcel &data, MessageParcel &reply,
93 MessageOption &option)
94 {
95 #ifdef EDM_SUPPORT_ALL_ENABLE
96 std::u16string descriptor = GetDescriptor();
97 std::u16string remoteDescriptor = data.ReadInterfaceToken();
98 EDMLOGI("EnterpriseDeviceMgrStub code %{public}u", code);
99 if (descriptor != remoteDescriptor) {
100 EDMLOGE("EnterpriseDeviceMgrStub code %{public}d client and service descriptors are inconsistent", code);
101 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
102 return ERR_OK;
103 }
104 if (SERVICE_FLAG(code)) {
105 if (std::find(systemCodeList.begin(), systemCodeList.end(), code) != systemCodeList.end() &&
106 !GetAccessTokenMgr()->IsSystemAppOrNative()) {
107 EDMLOGE("EnterpriseDeviceMgrStub not system app or native process");
108 reply.WriteInt32(EdmReturnErrCode::SYSTEM_API_DENIED);
109 return ERR_OK;
110 }
111 ErrCode ret = CallFuncByCode(code, data, reply);
112 if (ret != WITHOUT_FUNCTION_CODE) {
113 return ret;
114 }
115 }
116 if (POLICY_FLAG(code)) {
117 EDMLOGD("POLICY_FLAG(code:%{public}x)\n", code);
118 int32_t hasUserId;
119 int32_t userId = DEFAULT_USER_ID;
120 data.ReadInt32(hasUserId);
121 if (hasUserId == 1) {
122 data.ReadInt32(userId);
123 }
124 if (FUNC_TO_OPERATE(code) == static_cast<int>(FuncOperateType::GET)) {
125 EDMLOGD("GetDevicePolicyInner");
126 return GetDevicePolicyInner(code, data, reply, userId);
127 } else {
128 EDMLOGD("HandleDevicePolicyInner");
129 return HandleDevicePolicyInner(code, data, reply, userId);
130 }
131 } else {
132 EDMLOGE("!POLICY_FLAG(code)");
133 }
134
135 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
136 #else
137 EDMLOGI("EnterpriseDeviceMgrStub edm unsupport.");
138 reply.WriteInt32(EdmReturnErrCode::INTERFACE_UNSUPPORTED);
139 return ERR_OK;
140 #endif
141 }
142
GetExternalManagerFactory()143 std::shared_ptr<IExternalManagerFactory> EnterpriseDeviceMgrStub::GetExternalManagerFactory()
144 {
145 return externalManagerFactory_;
146 }
147
GetAccessTokenMgr()148 std::shared_ptr<IEdmAccessTokenManager> EnterpriseDeviceMgrStub::GetAccessTokenMgr()
149 {
150 return GetExternalManagerFactory()->CreateAccessTokenManager();
151 }
152
EnableAdminInner(MessageParcel & data,MessageParcel & reply)153 ErrCode EnterpriseDeviceMgrStub::EnableAdminInner(MessageParcel &data, MessageParcel &reply)
154 {
155 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
156 if (!admin) {
157 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
158 return ERR_OK;
159 }
160 EDMLOGD("EnableAdminInner bundleName:: %{public}s : abilityName : %{public}s ", admin->GetBundleName().c_str(),
161 admin->GetAbilityName().c_str());
162 EntInfo entInfo;
163 if (!EntInfo::Unmarshalling(data, entInfo)) {
164 EDMLOGE("EnterpriseDeviceMgrStub::EnableAdminInner read parcel fail");
165 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
166 return ERR_OK;
167 }
168 int32_t type = data.ReadInt32();
169 int32_t userId = data.ReadInt32();
170 AdminType adminType = AdminType::UNKNOWN;
171 if (type != static_cast<int32_t>(AdminType::NORMAL) && type != static_cast<int32_t>(AdminType::ENT)) {
172 EDMLOGE("EnableAdminInner: admin type is invalid.");
173 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
174 return ERR_OK;
175 }
176 adminType = static_cast<AdminType>(type);
177 ErrCode retCode = EnableAdmin(*admin, entInfo, adminType, userId);
178 reply.WriteInt32(retCode);
179 return ERR_OK;
180 }
181
DisableAdminInner(MessageParcel & data,MessageParcel & reply)182 ErrCode EnterpriseDeviceMgrStub::DisableAdminInner(MessageParcel &data, MessageParcel &reply)
183 {
184 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
185 if (!admin) {
186 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
187 return ERR_OK;
188 }
189 int32_t userId = data.ReadInt32();
190 ErrCode retCode = DisableAdmin(*admin, userId);
191 reply.WriteInt32(retCode);
192 return ERR_OK;
193 }
194
DisableSuperAdminInner(MessageParcel & data,MessageParcel & reply)195 ErrCode EnterpriseDeviceMgrStub::DisableSuperAdminInner(MessageParcel &data, MessageParcel &reply)
196 {
197 std::string bundleName = data.ReadString();
198 EDMLOGD("DisableSuperAdminInner bundleName:: %{public}s :", bundleName.c_str());
199 ErrCode retCode = DisableSuperAdmin(bundleName);
200 reply.WriteInt32(retCode);
201 return retCode;
202 }
203
HandleDevicePolicyInner(uint32_t code,MessageParcel & data,MessageParcel & reply,int32_t userId)204 ErrCode EnterpriseDeviceMgrStub::HandleDevicePolicyInner(uint32_t code, MessageParcel &data, MessageParcel &reply,
205 int32_t userId)
206 {
207 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
208 if (!admin) {
209 EDMLOGW("HandleDevicePolicyInner: ReadParcelable failed");
210 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
211 return ERR_OK;
212 }
213 ErrCode errCode = HandleDevicePolicy(code, *admin, data, reply, userId);
214 reply.WriteInt32(errCode);
215 return ERR_OK;
216 }
217
GetDevicePolicyInner(uint32_t code,MessageParcel & data,MessageParcel & reply,int32_t userId)218 ErrCode EnterpriseDeviceMgrStub::GetDevicePolicyInner(uint32_t code, MessageParcel &data, MessageParcel &reply,
219 int32_t userId)
220 {
221 ErrCode errCode = GetDevicePolicy(code, data, reply, userId);
222 reply.WriteInt32(errCode);
223 return ERR_OK;
224 }
225
GetEnabledAdminInner(MessageParcel & data,MessageParcel & reply)226 ErrCode EnterpriseDeviceMgrStub::GetEnabledAdminInner(MessageParcel &data, MessageParcel &reply)
227 {
228 EDMLOGD("EnterpriseDeviceMgrStub:GetEnabledAdmin");
229 int32_t type = static_cast<int32_t>(AdminType::UNKNOWN);
230 if (!data.ReadInt32(type)) {
231 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
232 EDMLOGE("EnterpriseDeviceMgrStub:GetEnabledAdminInner read type fail %{public}u", type);
233 return ERR_OK;
234 }
235 std::vector<std::string> enabledAdminList;
236 ErrCode res = GetEnabledAdmin((AdminType)type, enabledAdminList);
237 if (FAILED(res)) {
238 EDMLOGE("EnterpriseDeviceMgrStub:GetEnabledAdmin failed:%{public}d", res);
239 reply.WriteInt32(res);
240 return ERR_OK;
241 }
242 reply.WriteInt32(ERR_OK);
243 reply.WriteStringVector(enabledAdminList);
244 return ERR_OK;
245 }
246
GetEnterpriseInfoInner(MessageParcel & data,MessageParcel & reply)247 ErrCode EnterpriseDeviceMgrStub::GetEnterpriseInfoInner(MessageParcel &data, MessageParcel &reply)
248 {
249 EDMLOGD("EnterpriseDeviceMgrStub:GetEnterpriseInfoInner");
250 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
251 if (!admin) {
252 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
253 return ERR_OK;
254 }
255 EDMLOGD("GetEnterpriseInfoInner bundleName:: %{public}s : abilityName : %{public}s ",
256 admin->GetBundleName().c_str(), admin->GetAbilityName().c_str());
257
258 return GetEnterpriseInfo(*admin, reply);
259 }
260
IsSuperAdminInner(MessageParcel & data,MessageParcel & reply)261 ErrCode EnterpriseDeviceMgrStub::IsSuperAdminInner(MessageParcel &data, MessageParcel &reply)
262 {
263 EDMLOGD("EnterpriseDeviceMgrStub:IsSuperAdminInner");
264 std::string bundleName = data.ReadString();
265 EDMLOGD("IsSuperAdminInner bundleName:: %{public}s :", bundleName.c_str());
266 bool ret = IsSuperAdmin(bundleName);
267 reply.WriteInt32(ERR_OK);
268 reply.WriteBool(ret);
269 return ERR_OK;
270 }
271
IsAdminEnabledInner(MessageParcel & data,MessageParcel & reply)272 ErrCode EnterpriseDeviceMgrStub::IsAdminEnabledInner(MessageParcel &data, MessageParcel &reply)
273 {
274 EDMLOGD("EnterpriseDeviceMgrStub:IsAdminEnabled");
275 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
276 if (!admin) {
277 EDMLOGE("EnterpriseDeviceMgrStub::IsAdminEnabledInner read parcel fail");
278 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
279 return ERR_OK;
280 }
281 int32_t userId = data.ReadInt32();
282 bool ret = IsAdminEnabled(*admin, userId);
283 reply.WriteInt32(ERR_OK);
284 reply.WriteBool(ret);
285 return ERR_OK;
286 }
287
SetEnterpriseInfoInner(MessageParcel & data,MessageParcel & reply)288 ErrCode EnterpriseDeviceMgrStub::SetEnterpriseInfoInner(MessageParcel &data, MessageParcel &reply)
289 {
290 EDMLOGD("EnterpriseDeviceMgrStub:SetEnterpriseInfoInner");
291 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
292 if (!admin) {
293 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
294 return ERR_OK;
295 }
296 EntInfo entInfo;
297 if (!EntInfo::Unmarshalling(data, entInfo)) {
298 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
299 return ERR_OK;
300 }
301 ErrCode ret = SetEnterpriseInfo(*admin, entInfo);
302 reply.WriteInt32(ret);
303 return ERR_OK;
304 }
305
SubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply)306 ErrCode EnterpriseDeviceMgrStub::SubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply)
307 {
308 EDMLOGD("EnterpriseDeviceMgrStub:SubscribeManagedEventInner");
309 return SubscribeManagedEventInner(data, reply, true);
310 }
311
UnsubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply)312 ErrCode EnterpriseDeviceMgrStub::UnsubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply)
313 {
314 EDMLOGD("EnterpriseDeviceMgrStub:UnsubscribeManagedEventInner");
315 return SubscribeManagedEventInner(data, reply, false);
316 }
317
SubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply,bool subscribe)318 ErrCode EnterpriseDeviceMgrStub::SubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply, bool subscribe)
319 {
320 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
321 if (!admin) {
322 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
323 return ERR_OK;
324 }
325 std::vector<uint32_t> events;
326 data.ReadUInt32Vector(&events);
327 ErrCode code;
328 if (subscribe) {
329 code = SubscribeManagedEvent(*admin, events);
330 } else {
331 code = UnsubscribeManagedEvent(*admin, events);
332 }
333 reply.WriteInt32(code);
334 return ERR_OK;
335 }
336
AuthorizeAdminInner(MessageParcel & data,MessageParcel & reply)337 ErrCode EnterpriseDeviceMgrStub::AuthorizeAdminInner(MessageParcel &data, MessageParcel &reply)
338 {
339 EDMLOGD("EnterpriseDeviceMgrStub:AuthorizeAdminInner.");
340 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
341 if (!admin) {
342 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
343 return ERR_OK;
344 }
345 std::string bundleName = data.ReadString();
346 ErrCode ret = AuthorizeAdmin(*admin, bundleName);
347 reply.WriteInt32(ret);
348 return ERR_OK;
349 }
350
GetSuperAdminInner(MessageParcel & data,MessageParcel & reply)351 ErrCode EnterpriseDeviceMgrStub::GetSuperAdminInner(MessageParcel &data, MessageParcel &reply)
352 {
353 EDMLOGD("EnterpriseDeviceMgrStub:IsSuperAdminInner");
354 ErrCode ret = GetSuperAdmin(reply);
355 reply.WriteInt32(ERR_OK);
356 reply.WriteBool(ret);
357 return ERR_OK;
358 }
359
SetDelegatedPoliciesInner(MessageParcel & data,MessageParcel & reply)360 ErrCode EnterpriseDeviceMgrStub::SetDelegatedPoliciesInner(MessageParcel &data, MessageParcel &reply)
361 {
362 EDMLOGD("EnterpriseDeviceMgrStub:SetDelegatedPoliciesInner.");
363 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
364 if (!admin) {
365 return EdmReturnErrCode::PARAM_ERROR;
366 }
367 std::string bundleName = data.ReadString();
368 std::vector<std::string> policies;
369 data.ReadStringVector(&policies);
370 if (policies.size() > EdmConstants::POLICIES_MAX_SIZE) {
371 return EdmReturnErrCode::PARAM_ERROR;
372 }
373 return SetDelegatedPolicies(admin->GetBundleName(), bundleName, policies);
374 }
375
GetDelegatedPoliciesInner(MessageParcel & data,MessageParcel & reply)376 ErrCode EnterpriseDeviceMgrStub::GetDelegatedPoliciesInner(MessageParcel &data, MessageParcel &reply)
377 {
378 EDMLOGD("EnterpriseDeviceMgrStub:GetDelegatedPoliciesInner.");
379 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
380 if (!admin) {
381 return EdmReturnErrCode::PARAM_ERROR;
382 }
383 std::string bundleName = data.ReadString();
384 std::vector<std::string> policies;
385 ErrCode ret = GetDelegatedPolicies(admin->GetBundleName(), bundleName, policies);
386 if (FAILED(ret)) {
387 return ret;
388 }
389 reply.WriteUint32(policies.size());
390 reply.WriteStringVector(policies);
391 return ERR_OK;
392 }
393
GetDelegatedBundleNamesInner(MessageParcel & data,MessageParcel & reply)394 ErrCode EnterpriseDeviceMgrStub::GetDelegatedBundleNamesInner(MessageParcel &data, MessageParcel &reply)
395 {
396 EDMLOGD("EnterpriseDeviceMgrStub:GetDelegatedBundleNamesInner.");
397 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
398 if (!admin) {
399 return EdmReturnErrCode::PARAM_ERROR;
400 }
401 std::string policyName = data.ReadString();
402 std::vector<std::string> bundleNames;
403 ErrCode ret = GetDelegatedBundleNames(admin->GetBundleName(), policyName, bundleNames);
404 if (FAILED(ret)) {
405 return ret;
406 }
407 reply.WriteUint32(bundleNames.size());
408 reply.WriteStringVector(bundleNames);
409 return ERR_OK;
410 }
411 } // namespace EDM
412 } // namespace OHOS