1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "restrictions_proxy.h"
17
18 #include "edm_log.h"
19 #include "func_code.h"
20
21 namespace OHOS {
22 namespace EDM {
23 std::shared_ptr<RestrictionsProxy> RestrictionsProxy::instance_ = nullptr;
24 std::mutex RestrictionsProxy::mutexLock_;
25 const std::u16string DESCRIPTOR = u"ohos.edm.IEnterpriseDeviceMgr";
26
GetRestrictionsProxy()27 std::shared_ptr<RestrictionsProxy> RestrictionsProxy::GetRestrictionsProxy()
28 {
29 if (instance_ == nullptr) {
30 std::lock_guard<std::mutex> lock(mutexLock_);
31 if (instance_ == nullptr) {
32 std::shared_ptr<RestrictionsProxy> temp = std::make_shared<RestrictionsProxy>();
33 instance_ = temp;
34 }
35 }
36 return instance_;
37 }
38
SetDisallowedPolicy(const AppExecFwk::ElementName &admin, bool disallow, int policyCode, std::string permissionTag)39 int32_t RestrictionsProxy::SetDisallowedPolicy(const AppExecFwk::ElementName &admin, bool disallow, int policyCode,
40 std::string permissionTag)
41 {
42 return EnterpriseDeviceMgrProxy::GetInstance()->SetPolicyDisabled(admin, disallow, policyCode, permissionTag);
43 }
44
GetDisallowedPolicy(AppExecFwk::ElementName *admin, int policyCode, bool &result, std::string permissionTag)45 int32_t RestrictionsProxy::GetDisallowedPolicy(AppExecFwk::ElementName *admin, int policyCode, bool &result,
46 std::string permissionTag)
47 {
48 return EnterpriseDeviceMgrProxy::GetInstance()->IsPolicyDisabled(admin, policyCode, result, permissionTag);
49 }
50
SetFingerprintAuthDisabled(const AppExecFwk::ElementName &admin, bool disallow)51 int32_t RestrictionsProxy::SetFingerprintAuthDisabled(const AppExecFwk::ElementName &admin, bool disallow)
52 {
53 EDMLOGD("RestrictionsProxy::SetFingerprintAuthDisabled");
54 MessageParcel data;
55 std::uint32_t funcCode =
56 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, EdmInterfaceCode::FINGERPRINT_AUTH);
57 data.WriteInterfaceToken(DESCRIPTOR);
58 data.WriteInt32(WITHOUT_USERID);
59 data.WriteParcelable(&admin);
60 data.WriteString(WITHOUT_PERMISSION_TAG);
61 data.WriteString(EdmConstants::FINGERPRINT_AUTH_TYPE);
62 data.WriteBool(disallow);
63 return EnterpriseDeviceMgrProxy::GetInstance()->HandleDevicePolicy(funcCode, data);
64 }
65
IsFingerprintAuthDisabled(AppExecFwk::ElementName *admin, bool &result)66 int32_t RestrictionsProxy::IsFingerprintAuthDisabled(AppExecFwk::ElementName *admin, bool &result)
67 {
68 EDMLOGD("RestrictionsProxy::GetFingerprintAuthDisabled");
69 MessageParcel data;
70 MessageParcel reply;
71 data.WriteInterfaceToken(DESCRIPTOR);
72 data.WriteInt32(WITHOUT_USERID);
73 data.WriteString(WITHOUT_PERMISSION_TAG);
74 if (admin != nullptr) {
75 data.WriteInt32(HAS_ADMIN);
76 data.WriteParcelable(admin);
77 } else {
78 data.WriteInt32(WITHOUT_ADMIN);
79 }
80 data.WriteString(EdmConstants::FINGERPRINT_AUTH_TYPE);
81 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(EdmInterfaceCode::FINGERPRINT_AUTH, data, reply);
82 int32_t ret = ERR_INVALID_VALUE;
83 reply.ReadInt32(ret);
84 if (ret != ERR_OK) {
85 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
86 return ret;
87 }
88 reply.ReadBool(result);
89 return ERR_OK;
90 }
91
SetDisallowedPolicyForAccount(const AppExecFwk::ElementName &admin, bool disallow, uint32_t policyCode, std::string permissionTag, int32_t accountId)92 int32_t RestrictionsProxy::SetDisallowedPolicyForAccount(const AppExecFwk::ElementName &admin, bool disallow,
93 uint32_t policyCode, std::string permissionTag, int32_t accountId)
94 {
95 EDMLOGD("RestrictionsProxy::SetDisallowedPolicyForAccount");
96 MessageParcel data;
97 std::uint32_t funcCode =
98 POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, policyCode);
99 data.WriteInterfaceToken(DESCRIPTOR);
100 data.WriteInt32(WITHOUT_USERID);
101 data.WriteParcelable(&admin);
102 data.WriteString(permissionTag);
103 data.WriteString(EdmConstants::DISALLOW_FOR_ACCOUNT_TYPE);
104 data.WriteBool(disallow);
105 data.WriteInt32(accountId);
106 return EnterpriseDeviceMgrProxy::GetInstance()->HandleDevicePolicy(funcCode, data);
107 }
108
GetDisallowedPolicyForAccount(AppExecFwk::ElementName &admin, int policyCode, bool &result, std::string permissionTag, int32_t accountId)109 int32_t RestrictionsProxy::GetDisallowedPolicyForAccount(AppExecFwk::ElementName &admin, int policyCode, bool &result,
110 std::string permissionTag, int32_t accountId)
111 {
112 EDMLOGD("RestrictionsProxy::GetDisallowedPolicyForAccount");
113 MessageParcel data;
114 MessageParcel reply;
115 data.WriteInterfaceToken(DESCRIPTOR);
116 data.WriteInt32(WITHOUT_USERID);
117 data.WriteString(permissionTag);
118 data.WriteInt32(HAS_ADMIN);
119 data.WriteParcelable(&admin);
120 data.WriteString(EdmConstants::DISALLOW_FOR_ACCOUNT_TYPE);
121 data.WriteInt32(accountId);
122 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(policyCode, data, reply);
123 int32_t ret = ERR_INVALID_VALUE;
124 reply.ReadInt32(ret);
125 if (ret != ERR_OK) {
126 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
127 return ret;
128 }
129 reply.ReadBool(result);
130 return ERR_OK;
131 }
132
AddOrRemoveDisallowedListForAccount(const AppExecFwk::ElementName &admin, std::string feature, std::vector<std::string> &bundles, int32_t accountId, bool isAdd)133 int32_t RestrictionsProxy::AddOrRemoveDisallowedListForAccount(const AppExecFwk::ElementName &admin,
134 std::string feature, std::vector<std::string> &bundles, int32_t accountId, bool isAdd)
135 {
136 EDMLOGD("RestrictionsProxy::AddOrRemoveDisallowedListForAccount called");
137 MessageParcel data;
138 std::uint32_t interfaceCode = 0;
139 if (!GetDisallowedListInterfaceCode(feature, interfaceCode)) {
140 return EdmReturnErrCode::PARAM_ERROR;
141 }
142 std::uint32_t funcCode = 0;
143 if (isAdd) {
144 funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, interfaceCode);
145 } else {
146 funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::REMOVE, interfaceCode);
147 }
148 data.WriteInterfaceToken(DESCRIPTOR);
149 data.WriteInt32(HAS_USERID);
150 data.WriteInt32(accountId);
151 data.WriteParcelable(&admin);
152 data.WriteString(WITHOUT_PERMISSION_TAG);
153 data.WriteStringVector(bundles);
154 return EnterpriseDeviceMgrProxy::GetInstance()->HandleDevicePolicy(funcCode, data);
155 }
156
GetDisallowedListForAccount(AppExecFwk::ElementName &admin, std::string feature, int32_t accountId, std::vector<std::string> &result)157 int32_t RestrictionsProxy::GetDisallowedListForAccount(AppExecFwk::ElementName &admin, std::string feature,
158 int32_t accountId, std::vector<std::string> &result)
159 {
160 EDMLOGD("RestrictionsProxy::GetDisallowedListForAccount called");
161 std::uint32_t interfaceCode = 0;
162 if (!GetDisallowedListInterfaceCode(feature, interfaceCode)) {
163 return EdmReturnErrCode::PARAM_ERROR;
164 }
165 MessageParcel data;
166 MessageParcel reply;
167 data.WriteInterfaceToken(DESCRIPTOR);
168 data.WriteInt32(HAS_USERID);
169 data.WriteInt32(accountId);
170 data.WriteString(WITHOUT_PERMISSION_TAG);
171 data.WriteInt32(HAS_ADMIN);
172 data.WriteParcelable(&admin);
173 EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(interfaceCode, data, reply);
174 int32_t ret = ERR_INVALID_VALUE;
175 bool blRes = reply.ReadInt32(ret) && (ret == ERR_OK);
176 if (!blRes) {
177 EDMLOGW("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret);
178 return ret;
179 }
180 int32_t size = reply.ReadInt32();
181 if (size > EdmConstants::DISALLOW_LIST_FOR_ACCOUNT_MAX_SIZE) {
182 EDMLOGE("RestrictionsProxy:GetDisallowedListForAccount size=[%{public}d] is too large.", size);
183 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
184 }
185 reply.ReadStringVector(&result);
186 return ERR_OK;
187 }
188
GetDisallowedListInterfaceCode(std::string feature, std::uint32_t &interfaceCode)189 bool RestrictionsProxy::GetDisallowedListInterfaceCode(std::string feature, std::uint32_t &interfaceCode)
190 {
191 auto it = featureInterfaceMap_.find(feature);
192 if (it != featureInterfaceMap_.end()) {
193 interfaceCode = it->second;
194 return true;
195 }
196 return false;
197 }
198 } // namespace EDM
199 } // namespace OHOS
200