1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "deviceprofile_connector.h"
17 #include "dm_anonymous.h"
18 #include "dm_constants.h"
19 #include "dm_crypto.h"
20 #include "dm_log.h"
21 #include "multiple_user_connector.h"
22 #include "distributed_device_profile_client.h"
23
24 using namespace OHOS::DistributedDeviceProfile;
25
26 namespace OHOS {
27 namespace DistributedHardware {
28 DM_IMPLEMENT_SINGLE_INSTANCE(DeviceProfileConnector);
GetAccessControlProfile()29 std::vector<AccessControlProfile> DeviceProfileConnector::GetAccessControlProfile()
30 {
31 std::vector<AccessControlProfile> profiles;
32 std::map<std::string, std::string> queryParams;
33 int32_t userId = MultipleUserConnector::GetCurrentAccountUserID();
34 queryParams[USERID] = std::to_string(userId);
35 if (DistributedDeviceProfileClient::GetInstance().GetAccessControlProfile(queryParams, profiles) != DM_OK) {
36 LOGE("DP GetAccessControlProfile failed.");
37 }
38 return profiles;
39 }
40
GetAccessControlProfileByUserId(int32_t userId)41 std::vector<AccessControlProfile> DeviceProfileConnector::GetAccessControlProfileByUserId(int32_t userId)
42 {
43 std::vector<AccessControlProfile> profiles;
44 std::map<std::string, std::string> queryParams;
45 queryParams[USERID] = std::to_string(userId);
46 if (DistributedDeviceProfileClient::GetInstance().GetAccessControlProfile(queryParams, profiles) != DM_OK) {
47 LOGE("DP GetAccessControlProfileByUserId failed.");
48 }
49 return profiles;
50 }
51
GetAppTrustDeviceList(const std::string &pkgName, const std::string &deviceId)52 std::unordered_map<std::string, DmAuthForm> DeviceProfileConnector::GetAppTrustDeviceList(const std::string &pkgName,
53 const std::string &deviceId)
54 {
55 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
56 std::unordered_map<std::string, DmAuthForm> deviceIdMap;
57 for (auto &item : profiles) {
58 std::string trustDeviceId = item.GetTrustDeviceId();
59 if (trustDeviceId == deviceId || item.GetStatus() != ACTIVE) {
60 continue;
61 }
62 DmDiscoveryInfo discoveryInfo = {pkgName, deviceId};
63 int32_t bindType = HandleDmAuthForm(item, discoveryInfo);
64 LOGI("The udid %{public}s in ACL authForm is %{public}d.", GetAnonyString(trustDeviceId).c_str(), bindType);
65 if (bindType == DmAuthForm::INVALID_TYPE) {
66 continue;
67 }
68 if (deviceIdMap.find(trustDeviceId) == deviceIdMap.end()) {
69 deviceIdMap[trustDeviceId] = static_cast<DmAuthForm>(bindType);
70 continue;
71 }
72 DmAuthForm authForm = deviceIdMap.at(trustDeviceId);
73 if (bindType == authForm) {
74 continue;
75 }
76 if (bindType == DmAuthForm::IDENTICAL_ACCOUNT) {
77 deviceIdMap[trustDeviceId] = DmAuthForm::IDENTICAL_ACCOUNT;
78 continue;
79 }
80 if (bindType == DmAuthForm::PEER_TO_PEER && authForm == DmAuthForm::ACROSS_ACCOUNT) {
81 deviceIdMap[trustDeviceId] = DmAuthForm::PEER_TO_PEER;
82 continue;
83 }
84 }
85 return deviceIdMap;
86 }
87
GetDeviceAclParam(DmDiscoveryInfo discoveryInfo, bool &isOnline, int32_t &authForm)88 int32_t DeviceProfileConnector::GetDeviceAclParam(DmDiscoveryInfo discoveryInfo, bool &isOnline, int32_t &authForm)
89 {
90 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
91 if (profiles.size() == 0) {
92 return DM_OK;
93 }
94 std::vector<int32_t> bindTypes;
95 for (auto &item : profiles) {
96 char deviceIdHash[DM_MAX_DEVICE_ID_LEN] = {0};
97 if (Crypto::GetUdidHash(item.GetTrustDeviceId(), reinterpret_cast<uint8_t *>(deviceIdHash)) != DM_OK) {
98 LOGE("get deviceIdHash by deviceId: %{public}s failed.", GetAnonyString(deviceIdHash).c_str());
99 return ERR_DM_FAILED;
100 }
101 if (static_cast<std::string>(deviceIdHash) != discoveryInfo.remoteDeviceIdHash || item.GetStatus() != ACTIVE) {
102 continue;
103 }
104 int32_t bindType = HandleDmAuthForm(item, discoveryInfo);
105 if (bindType == DmAuthForm::INVALID_TYPE) {
106 continue;
107 }
108 bindTypes.push_back(bindType);
109 }
110 if (std::count(bindTypes.begin(), bindTypes.end(), DmAuthForm::IDENTICAL_ACCOUNT) > 0) {
111 isOnline = true;
112 authForm = DmAuthForm::IDENTICAL_ACCOUNT;
113 LOGI("The found device is identical account device bind type.");
114 return DM_OK;
115 }
116 if (std::count(bindTypes.begin(), bindTypes.end(), DmAuthForm::PEER_TO_PEER) > 0) {
117 isOnline = true;
118 authForm = DmAuthForm::PEER_TO_PEER;
119 LOGI("The found device is peer-to-peer device bind-level.");
120 return DM_OK;
121 }
122 if (std::count(bindTypes.begin(), bindTypes.end(), DmAuthForm::ACROSS_ACCOUNT) > 0) {
123 isOnline = true;
124 authForm = DmAuthForm::ACROSS_ACCOUNT;
125 LOGI("The found device is across-account device bind-level.");
126 return DM_OK;
127 }
128 authForm = DmAuthForm::INVALID_TYPE;
129 return DM_OK;
130 }
131
CheckAuthForm(DmAuthForm form, AccessControlProfile profiles, DmDiscoveryInfo discoveryInfo)132 int32_t DeviceProfileConnector::CheckAuthForm(DmAuthForm form, AccessControlProfile profiles,
133 DmDiscoveryInfo discoveryInfo)
134 {
135 if (profiles.GetBindLevel() == DEVICE || (profiles.GetBindLevel() == APP && discoveryInfo.pkgname == "")) {
136 return form;
137 }
138 if (profiles.GetBindLevel() == APP) {
139 if (discoveryInfo.pkgname == profiles.GetAccesser().GetAccesserBundleName() &&
140 discoveryInfo.localDeviceId == profiles.GetAccesser().GetAccesserDeviceId()) {
141 return form;
142 }
143 if (discoveryInfo.pkgname == profiles.GetAccessee().GetAccesseeBundleName() &&
144 discoveryInfo.localDeviceId == profiles.GetAccessee().GetAccesseeDeviceId()) {
145 return form;
146 }
147 }
148 return DmAuthForm::INVALID_TYPE;
149 }
150
HandleDmAuthForm(AccessControlProfile profiles, DmDiscoveryInfo discoveryInfo)151 int32_t DeviceProfileConnector::HandleDmAuthForm(AccessControlProfile profiles, DmDiscoveryInfo discoveryInfo)
152 {
153 if (profiles.GetBindType() == DM_IDENTICAL_ACCOUNT) {
154 return DmAuthForm::IDENTICAL_ACCOUNT;
155 }
156 if (profiles.GetBindType() == DM_POINT_TO_POINT) {
157 return CheckAuthForm(DmAuthForm::PEER_TO_PEER, profiles, discoveryInfo);
158 }
159 if (profiles.GetBindType() == DM_ACROSS_ACCOUNT) {
160 return CheckAuthForm(DmAuthForm::ACROSS_ACCOUNT, profiles, discoveryInfo);
161 }
162 return DmAuthForm::INVALID_TYPE;
163 }
164
CheckBindType(std::string trustDeviceId, std::string requestDeviceId)165 uint32_t DeviceProfileConnector::CheckBindType(std::string trustDeviceId, std::string requestDeviceId)
166 {
167 LOGI("Start.");
168 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
169 LOGI("AccessControlProfile size is %{public}zu", profiles.size());
170 uint32_t highestPriority = INVALIED_TYPE;
171 for (auto &item : profiles) {
172 if (trustDeviceId != item.GetTrustDeviceId() || item.GetStatus() != ACTIVE) {
173 continue;
174 }
175 uint32_t priority = static_cast<uint32_t>(GetAuthForm(item, trustDeviceId, requestDeviceId));
176 if (priority > highestPriority) {
177 highestPriority = priority;
178 }
179 }
180 return highestPriority;
181 }
182
GetAuthForm(DistributedDeviceProfile::AccessControlProfile profiles, const std::string &trustDev, const std::string &reqDev)183 int32_t DeviceProfileConnector::GetAuthForm(DistributedDeviceProfile::AccessControlProfile profiles,
184 const std::string &trustDev, const std::string &reqDev)
185 {
186 LOGI("BindType %{public}d, bindLevel %{public}d",
187 profiles.GetBindType(), profiles.GetBindLevel());
188 uint32_t priority = INVALIED_TYPE;
189 uint32_t bindType = profiles.GetBindType();
190 switch (bindType) {
191 case DM_IDENTICAL_ACCOUNT:
192 priority = IDENTICAL_ACCOUNT_TYPE;
193 break;
194 case DM_POINT_TO_POINT:
195 if (profiles.GetBindLevel() == DEVICE) {
196 priority = DEVICE_PEER_TO_PEER_TYPE;
197 } else if (profiles.GetBindLevel() == APP && profiles.GetAccesser().GetAccesserDeviceId() == reqDev &&
198 profiles.GetAccessee().GetAccesseeDeviceId() == trustDev) {
199 priority = APP_PEER_TO_PEER_TYPE;
200 } else if (profiles.GetBindLevel() == APP && profiles.GetAccessee().GetAccesseeDeviceId() == reqDev &&
201 profiles.GetAccesser().GetAccesserDeviceId() == trustDev) {
202 priority = APP_PEER_TO_PEER_TYPE;
203 }
204 break;
205 case DM_ACROSS_ACCOUNT:
206 if (profiles.GetBindLevel() == DEVICE) {
207 priority = DEVICE_ACROSS_ACCOUNT_TYPE;
208 } else if (profiles.GetBindLevel() == APP && profiles.GetAccesser().GetAccesserDeviceId() == reqDev &&
209 profiles.GetAccessee().GetAccesseeDeviceId() == trustDev) {
210 priority = APP_ACROSS_ACCOUNT_TYPE;
211 } else if (profiles.GetBindLevel() == APP && profiles.GetAccessee().GetAccesseeDeviceId() == reqDev &&
212 profiles.GetAccesser().GetAccesserDeviceId() == trustDev) {
213 priority = APP_ACROSS_ACCOUNT_TYPE;
214 }
215 break;
216 default:
217 LOGE("unknown bind type %{public}d.", bindType);
218 break;
219 }
220 return priority;
221 }
222
GetBindTypeByPkgName(std::string pkgName, std::string requestDeviceId, std::string trustUdid)223 std::vector<int32_t> DeviceProfileConnector::GetBindTypeByPkgName(std::string pkgName, std::string requestDeviceId,
224 std::string trustUdid)
225 {
226 LOGI("Start.");
227 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
228 LOGI("AccessControlProfile size is %{public}zu", profiles.size());
229 std::vector<int32_t> bindTypeVec;
230 for (auto &item : profiles) {
231 if (trustUdid != item.GetTrustDeviceId() || item.GetStatus() != ACTIVE) {
232 continue;
233 }
234 GetParamBindTypeVec(item, pkgName, requestDeviceId, bindTypeVec);
235 }
236 return bindTypeVec;
237 }
238
GetParamBindTypeVec(AccessControlProfile profiles, std::string pkgName, std::string requestDeviceId, std::vector<int32_t> &bindTypeVec)239 void DeviceProfileConnector::GetParamBindTypeVec(AccessControlProfile profiles, std::string pkgName,
240 std::string requestDeviceId, std::vector<int32_t> &bindTypeVec)
241 {
242 if (profiles.GetBindType() == DM_IDENTICAL_ACCOUNT) {
243 bindTypeVec.push_back(IDENTICAL_ACCOUNT_TYPE);
244 }
245 if (profiles.GetBindType() == DM_POINT_TO_POINT) {
246 if (profiles.GetBindLevel() == DEVICE) {
247 bindTypeVec.push_back(DEVICE_PEER_TO_PEER_TYPE);
248 }
249 if (profiles.GetBindLevel() == APP) {
250 if (profiles.GetAccesser().GetAccesserBundleName() == pkgName &&
251 profiles.GetAccesser().GetAccesserDeviceId() == requestDeviceId) {
252 bindTypeVec.push_back(APP_PEER_TO_PEER_TYPE);
253 }
254 if ((profiles.GetAccessee().GetAccesseeBundleName() == pkgName &&
255 profiles.GetAccessee().GetAccesseeDeviceId() == requestDeviceId)) {
256 bindTypeVec.push_back(APP_PEER_TO_PEER_TYPE);
257 }
258 }
259 }
260 if (profiles.GetBindType() == DM_ACROSS_ACCOUNT) {
261 if (profiles.GetBindLevel() == DEVICE) {
262 bindTypeVec.push_back(DEVICE_ACROSS_ACCOUNT_TYPE);
263 }
264 if (profiles.GetBindLevel() == APP) {
265 if (profiles.GetAccesser().GetAccesserBundleName() == pkgName &&
266 profiles.GetAccesser().GetAccesserDeviceId() == requestDeviceId) {
267 bindTypeVec.push_back(APP_ACROSS_ACCOUNT_TYPE);
268 }
269 if ((profiles.GetAccessee().GetAccesseeBundleName() == pkgName &&
270 profiles.GetAccessee().GetAccesseeDeviceId() == requestDeviceId)) {
271 bindTypeVec.push_back(APP_ACROSS_ACCOUNT_TYPE);
272 }
273 }
274 }
275 }
276
CompareBindType(std::vector<AccessControlProfile> profiles, std::string pkgName, std::vector<int32_t> &sinkBindType, std::string localDeviceId, std::string targetDeviceId)277 std::vector<int32_t> DeviceProfileConnector::CompareBindType(std::vector<AccessControlProfile> profiles,
278 std::string pkgName, std::vector<int32_t> &sinkBindType, std::string localDeviceId, std::string targetDeviceId)
279 {
280 std::vector<int32_t> bindTypeIndex;
281 for (uint32_t index = 0; index < profiles.size(); index++) {
282 if (profiles[index].GetTrustDeviceId() != targetDeviceId || profiles[index].GetStatus() != ACTIVE) {
283 continue;
284 }
285 DmDiscoveryInfo paramInfo = {
286 .pkgname = pkgName,
287 .localDeviceId = localDeviceId,
288 };
289 ProcessBindType(profiles[index], paramInfo, sinkBindType, bindTypeIndex, index);
290 }
291 return bindTypeIndex;
292 }
293
ProcessBindType(AccessControlProfile profiles, DmDiscoveryInfo paramInfo, std::vector<int32_t> &sinkBindType, std::vector<int32_t> &bindTypeIndex, uint32_t index)294 void DeviceProfileConnector::ProcessBindType(AccessControlProfile profiles, DmDiscoveryInfo paramInfo,
295 std::vector<int32_t> &sinkBindType, std::vector<int32_t> &bindTypeIndex, uint32_t index)
296 {
297 if (profiles.GetBindType() == DM_IDENTICAL_ACCOUNT) {
298 sinkBindType.push_back(IDENTICAL_ACCOUNT_TYPE);
299 bindTypeIndex.push_back(index);
300 }
301 if (profiles.GetBindType() == DM_POINT_TO_POINT) {
302 if (profiles.GetBindLevel() == DEVICE) {
303 sinkBindType.push_back(DEVICE_PEER_TO_PEER_TYPE);
304 bindTypeIndex.push_back(index);
305 }
306 if (profiles.GetBindLevel() == APP) {
307 if (profiles.GetAccesser().GetAccesserBundleName() == paramInfo.pkgname &&
308 profiles.GetAccesser().GetAccesserDeviceId() == paramInfo.localDeviceId) {
309 sinkBindType.push_back(APP_PEER_TO_PEER_TYPE);
310 bindTypeIndex.push_back(index);
311 }
312 if (profiles.GetAccessee().GetAccesseeBundleName() == paramInfo.pkgname &&
313 profiles.GetAccessee().GetAccesseeDeviceId() == paramInfo.localDeviceId) {
314 sinkBindType.push_back(APP_PEER_TO_PEER_TYPE);
315 bindTypeIndex.push_back(index);
316 }
317 }
318 }
319 if (profiles.GetBindType() == DM_ACROSS_ACCOUNT) {
320 if (profiles.GetBindLevel() == DEVICE) {
321 sinkBindType.push_back(DEVICE_ACROSS_ACCOUNT_TYPE);
322 bindTypeIndex.push_back(index);
323 }
324 if (profiles.GetBindLevel() == APP) {
325 if (profiles.GetAccesser().GetAccesserBundleName() == paramInfo.pkgname &&
326 profiles.GetAccesser().GetAccesserDeviceId() == paramInfo.localDeviceId) {
327 sinkBindType.push_back(APP_ACROSS_ACCOUNT_TYPE);
328 bindTypeIndex.push_back(index);
329 }
330 if (profiles.GetAccessee().GetAccesseeBundleName() == paramInfo.pkgname &&
331 profiles.GetAccessee().GetAccesseeDeviceId() == paramInfo.localDeviceId) {
332 sinkBindType.push_back(APP_ACROSS_ACCOUNT_TYPE);
333 bindTypeIndex.push_back(index);
334 }
335 }
336 }
337 }
338
SyncAclByBindType(std::string pkgName, std::vector<int32_t> bindTypeVec, std::string localDeviceId, std::string targetDeviceId)339 std::vector<int32_t> DeviceProfileConnector::SyncAclByBindType(std::string pkgName, std::vector<int32_t> bindTypeVec,
340 std::string localDeviceId, std::string targetDeviceId)
341 {
342 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
343 LOGI("AccessControlProfile size is %{public}zu", profiles.size());
344 std::vector<int32_t> sinkBindType;
345 std::vector<int32_t> bindType;
346 std::vector<int32_t> bindTypeIndex =
347 CompareBindType(profiles, pkgName, sinkBindType, localDeviceId, targetDeviceId);
348 for (uint32_t sinkIndex = 0; sinkIndex < sinkBindType.size(); sinkIndex++) {
349 bool deleteAclFlag = true;
350 for (uint32_t srcIndex = 0; srcIndex < bindTypeVec.size(); srcIndex++) {
351 if (sinkBindType[sinkIndex] == bindTypeVec[srcIndex]) {
352 deleteAclFlag = false;
353 bindType.push_back(bindTypeVec[sinkIndex]);
354 }
355 }
356 if (deleteAclFlag) {
357 int32_t deleteIndex = profiles[bindTypeIndex[sinkIndex]].GetAccessControlId();
358 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(deleteIndex);
359 }
360 }
361 return bindType;
362 }
363
GetPkgNameFromAcl(std::string &localDeviceId, std::string &targetDeviceId)364 std::vector<std::string> DeviceProfileConnector::GetPkgNameFromAcl(std::string &localDeviceId,
365 std::string &targetDeviceId)
366 {
367 LOGI("Start.");
368 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
369 LOGI("AccessControlProfile size is %{public}zu", profiles.size());
370 std::vector<std::string> pkgNameVec;
371 for (auto &item : profiles) {
372 if (item.GetTrustDeviceId() != targetDeviceId || item.GetStatus() != ACTIVE) {
373 continue;
374 }
375 if ((item.GetAccesser().GetAccesserDeviceId() == localDeviceId &&
376 item.GetAccessee().GetAccesseeDeviceId() == targetDeviceId) ||
377 (item.GetAccesser().GetAccesserDeviceId() == targetDeviceId &&
378 item.GetAccessee().GetAccesseeDeviceId() == localDeviceId)) {
379 pkgNameVec.push_back(item.GetAccesser().GetAccesserBundleName());
380 }
381 }
382 return pkgNameVec;
383 }
384
GetOfflineParamFromAcl(std::string trustDeviceId, std::string requestDeviceId)385 DmOfflineParam DeviceProfileConnector::GetOfflineParamFromAcl(std::string trustDeviceId, std::string requestDeviceId)
386 {
387 LOGI("TrustDeviceId = %{public}s and requestDeviceId = %{public}s",
388 GetAnonyString(trustDeviceId).c_str(), GetAnonyString(requestDeviceId).c_str());
389 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
390 LOGI("AccessControlProfile size is %{public}zu", profiles.size());
391 DmOfflineParam offlineParam;
392 offlineParam.leftAclNumber = 0;
393 offlineParam.bindType = INVALIED_TYPE;
394 for (auto &item : profiles) {
395 if (item.GetTrustDeviceId() != trustDeviceId || item.GetStatus() != ACTIVE) {
396 continue;
397 }
398 offlineParam.leftAclNumber++;
399 uint32_t priority = INVALIED_TYPE;
400 if (item.GetBindType() == DM_IDENTICAL_ACCOUNT) {
401 priority = IDENTICAL_ACCOUNT_TYPE;
402 } else if (item.GetBindLevel() == DEVICE && item.GetAuthenticationType() == ALLOW_AUTH_ALWAYS) {
403 priority = DEVICE_PEER_TO_PEER_TYPE;
404 } else if (item.GetBindLevel() == DEVICE && item.GetAuthenticationType() == ALLOW_AUTH_ONCE) {
405 priority = DEVICE_PEER_TO_PEER_TYPE;
406 offlineParam.pkgNameVec.push_back(item.GetAccesser().GetAccesserBundleName());
407 } else if ((item.GetAccesser().GetAccesserDeviceId() == requestDeviceId &&
408 item.GetAccessee().GetAccesseeDeviceId() == trustDeviceId) ||
409 (item.GetAccesser().GetAccesserDeviceId() == trustDeviceId &&
410 item.GetAccessee().GetAccesseeDeviceId() == requestDeviceId)) {
411 priority = APP_PEER_TO_PEER_TYPE;
412 offlineParam.pkgNameVec.push_back(item.GetAccesser().GetAccesserBundleName());
413 }
414 if (priority > offlineParam.bindType) {
415 offlineParam.bindType = priority;
416 }
417 }
418 return offlineParam;
419 }
420
PutAccessControlList(DmAclInfo aclInfo, DmAccesser dmAccesser, DmAccessee dmAccessee)421 int32_t DeviceProfileConnector::PutAccessControlList(DmAclInfo aclInfo, DmAccesser dmAccesser, DmAccessee dmAccessee)
422 {
423 LOGI("Start.");
424 Accesser accesser;
425 accesser.SetAccesserDeviceId(dmAccesser.requestDeviceId);
426 accesser.SetAccesserUserId(dmAccesser.requestUserId);
427 accesser.SetAccesserAccountId(dmAccesser.requestAccountId);
428 accesser.SetAccesserTokenId(dmAccesser.requestTokenId);
429 accesser.SetAccesserBundleName(dmAccesser.requestBundleName);
430 Accessee accessee;
431 accessee.SetAccesseeDeviceId(dmAccessee.trustDeviceId);
432 accessee.SetAccesseeUserId(dmAccessee.trustUserId);
433 accessee.SetAccesseeAccountId(dmAccessee.trustAccountId);
434 accessee.SetAccesseeTokenId(dmAccessee.trustTokenId);
435 accessee.SetAccesseeBundleName(dmAccessee.trustBundleName);
436 AccessControlProfile profile;
437 profile.SetBindType(aclInfo.bindType);
438 profile.SetBindLevel(aclInfo.bindLevel);
439 profile.SetStatus(ACTIVE);
440 profile.SetTrustDeviceId(aclInfo.trustDeviceId);
441 profile.SetDeviceIdType((int32_t)DeviceIdType::UDID);
442 profile.SetDeviceIdHash(aclInfo.deviceIdHash);
443 profile.SetAuthenticationType(aclInfo.authenticationType);
444 profile.SetAccessee(accessee);
445 profile.SetAccesser(accesser);
446 int32_t ret = DistributedDeviceProfileClient::GetInstance().PutAccessControlProfile(profile);
447 if (ret != DM_OK) {
448 LOGE("PutAccessControlProfile failed.");
449 }
450 return ret;
451 }
452
DeleteAclForAccountLogOut(const std::string &localUdid, int32_t userId, const std::string &remoteUdid)453 void DeviceProfileConnector::DeleteAclForAccountLogOut(const std::string &localUdid, int32_t userId,
454 const std::string &remoteUdid)
455 {
456 LOGI("localUdid %{public}s, userId %{public}d, remoteUdid %{public}s.", GetAnonyString(localUdid).c_str(), userId,
457 GetAnonyString(remoteUdid).c_str());
458 std::vector<AccessControlProfile> profiles = GetAccessControlProfileByUserId(userId);
459 for (const auto &item : profiles) {
460 if (item.GetTrustDeviceId() == remoteUdid) {
461 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
462 }
463 }
464 }
465
DeleteAclForUserRemoved(int32_t userId)466 void DeviceProfileConnector::DeleteAclForUserRemoved(int32_t userId)
467 {
468 LOGI("DeleteAclForUserRemoved userId %{public}d.", userId);
469 std::vector<AccessControlProfile> profiles = GetAccessControlProfileByUserId(userId);
470 for (const auto &item : profiles) {
471 if (item.GetAccesser().GetAccesserUserId() == userId || item.GetAccessee().GetAccesseeUserId() == userId) {
472 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
473 }
474 }
475 }
476
DeleteAccessControlList(const std::string &udid)477 void DeviceProfileConnector::DeleteAccessControlList(const std::string &udid)
478 {
479 LOGI("Udid: %{public}s.", GetAnonyString(udid).c_str());
480 if (udid.empty()) {
481 LOGE("DeleteAccessControlList udid is empty.");
482 return;
483 }
484 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
485 LOGI("Size is %{public}zu", profiles.size());
486 for (const auto &item : profiles) {
487 if (item.GetTrustDeviceId() == udid) {
488 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
489 }
490 }
491 }
492
DeleteAccessControlList(const std::string &pkgName, const std::string &localDeviceId, const std::string &remoteDeviceId, int32_t bindLevel)493 DmOfflineParam DeviceProfileConnector::DeleteAccessControlList(const std::string &pkgName,
494 const std::string &localDeviceId, const std::string &remoteDeviceId, int32_t bindLevel)
495 {
496 LOGI("pkgName %{public}s, localDeviceId %{public}s, remoteDeviceId %{public}s, bindLevel %{public}d.",
497 pkgName.c_str(), GetAnonyString(localDeviceId).c_str(), GetAnonyString(remoteDeviceId).c_str(), bindLevel);
498 DmOfflineParam offlineParam;
499 offlineParam.bindType = INVALIED_TYPE;
500 if (static_cast<uint32_t>(bindLevel) > APP || static_cast<uint32_t>(bindLevel) < DEVICE) {
501 LOGE("Invalied bindlevel.");
502 return offlineParam;
503 }
504 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
505 if (profiles.empty()) {
506 LOGE("Acl is empty.");
507 return offlineParam;
508 }
509 switch (bindLevel) {
510 case APP:
511 DeleteAppBindLevel(offlineParam, pkgName, profiles, localDeviceId, remoteDeviceId);
512 break;
513 case SERVICE:
514 DeleteServiceBindLevel(offlineParam, pkgName, profiles, localDeviceId, remoteDeviceId);
515 break;
516 case DEVICE:
517 DeleteDeviceBindLevel(offlineParam, profiles, localDeviceId, remoteDeviceId);
518 break;
519 default:
520 break;
521 }
522 return offlineParam;
523 }
524
DeleteAppBindLevel(DmOfflineParam &offlineParam, const std::string &pkgName, const std::vector<AccessControlProfile> &profiles, const std::string &localUdid, const std::string &remoteUdid)525 void DeviceProfileConnector::DeleteAppBindLevel(DmOfflineParam &offlineParam, const std::string &pkgName,
526 const std::vector<AccessControlProfile> &profiles, const std::string &localUdid, const std::string &remoteUdid)
527 {
528 int32_t bindNums = 0;
529 int32_t deleteNums = 0;
530 for (auto &item : profiles) {
531 if (item.GetTrustDeviceId() != remoteUdid || item.GetBindType() == DM_IDENTICAL_ACCOUNT ||
532 item.GetBindLevel() != APP) {
533 continue;
534 }
535 bindNums++;
536 if (item.GetAccesser().GetAccesserBundleName() == pkgName &&
537 item.GetAccesser().GetAccesserDeviceId() == localUdid &&
538 item.GetAccessee().GetAccesseeDeviceId() == remoteUdid) {
539 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
540 deleteNums++;
541 offlineParam.bindType = APP;
542 LOGI("Src delete acl pkgName %{public}s, bindType %{public}d, localUdid %{public}s, remoteUdid %{public}s",
543 pkgName.c_str(), item.GetBindType(), GetAnonyString(localUdid).c_str(),
544 GetAnonyString(remoteUdid).c_str());
545 continue;
546 }
547 if (item.GetAccessee().GetAccesseeBundleName() == pkgName &&
548 item.GetAccessee().GetAccesseeDeviceId() == localUdid &&
549 item.GetAccesser().GetAccesserDeviceId() == remoteUdid) {
550 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
551 deleteNums++;
552 offlineParam.bindType = APP;
553 LOGI("Sink delete acl pkgName %{public}s, bindType %{public}d, localUdid %{public}s, remoteUdid %{public}s",
554 pkgName.c_str(), item.GetBindType(), GetAnonyString(localUdid).c_str(),
555 GetAnonyString(remoteUdid).c_str());
556 continue;
557 }
558 }
559 offlineParam.leftAclNumber = bindNums - deleteNums;
560 }
561
DeleteDeviceBindLevel(DmOfflineParam &offlineParam, const std::vector<AccessControlProfile> &profiles, const std::string &localUdid, const std::string &remoteUdid)562 void DeviceProfileConnector::DeleteDeviceBindLevel(DmOfflineParam &offlineParam,
563 const std::vector<AccessControlProfile> &profiles, const std::string &localUdid, const std::string &remoteUdid)
564 {
565 int32_t bindNums = 0;
566 int32_t deleteNums = 0;
567 for (auto &item : profiles) {
568 if (item.GetTrustDeviceId() != remoteUdid || item.GetBindType() == DM_IDENTICAL_ACCOUNT) {
569 continue;
570 }
571 bindNums++;
572 if (item.GetAccesser().GetAccesserDeviceId() == localUdid &&
573 item.GetAccessee().GetAccesseeDeviceId() == remoteUdid) {
574 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
575 deleteNums++;
576 offlineParam.bindType = DEVICE;
577 LOGI("Src delete acl bindType %{public}d, localUdid %{public}s, remoteUdid %{public}s", item.GetBindType(),
578 GetAnonyString(localUdid).c_str(), GetAnonyString(remoteUdid).c_str());
579 continue;
580 }
581 if (item.GetAccessee().GetAccesseeDeviceId() == localUdid &&
582 item.GetAccesser().GetAccesserDeviceId() == remoteUdid) {
583 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
584 deleteNums++;
585 offlineParam.bindType = DEVICE;
586 LOGI("Sink delete acl bindType %{public}d, localUdid %{public}s, remoteUdid %{public}s", item.GetBindType(),
587 GetAnonyString(localUdid).c_str(), GetAnonyString(remoteUdid).c_str());
588 continue;
589 }
590 }
591 offlineParam.leftAclNumber = bindNums - deleteNums;
592 }
593
DeleteServiceBindLevel(DmOfflineParam &offlineParam, const std::string &pkgName, const std::vector<AccessControlProfile> &profiles, const std::string &localUdid, const std::string &remoteUdid)594 void DeviceProfileConnector::DeleteServiceBindLevel(DmOfflineParam &offlineParam, const std::string &pkgName,
595 const std::vector<AccessControlProfile> &profiles, const std::string &localUdid, const std::string &remoteUdid)
596 {
597 int32_t bindNums = 0;
598 int32_t deleteNums = 0;
599 for (auto &item : profiles) {
600 if (item.GetTrustDeviceId() != remoteUdid || item.GetBindType() == DM_IDENTICAL_ACCOUNT ||
601 item.GetBindLevel() != SERVICE) {
602 continue;
603 }
604 bindNums++;
605 if (item.GetAccesser().GetAccesserBundleName() == pkgName &&
606 item.GetAccesser().GetAccesserDeviceId() == localUdid &&
607 item.GetAccessee().GetAccesseeDeviceId() == remoteUdid) {
608 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
609 deleteNums++;
610 offlineParam.bindType = SERVICE;
611 LOGI("Src delete acl pkgName %{public}s, bindType %{public}d, localUdid %{public}s, remoteUdid %{public}s",
612 pkgName.c_str(), item.GetBindType(), GetAnonyString(localUdid).c_str(),
613 GetAnonyString(remoteUdid).c_str());
614 continue;
615 }
616 if (item.GetAccessee().GetAccesseeBundleName() == pkgName &&
617 item.GetAccessee().GetAccesseeDeviceId() == localUdid &&
618 item.GetAccesser().GetAccesserDeviceId() == remoteUdid) {
619 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
620 deleteNums++;
621 offlineParam.bindType = SERVICE;
622 LOGI("Sink delete acl pkgName %{public}s, bindType %{public}d, localUdid %{public}s, remoteUdid %{public}s",
623 pkgName.c_str(), item.GetBindType(), GetAnonyString(localUdid).c_str(),
624 GetAnonyString(remoteUdid).c_str());
625 continue;
626 }
627 }
628 offlineParam.leftAclNumber = bindNums - deleteNums;
629 }
630
UpdateAccessControlList(int32_t userId, std::string &oldAccountId, std::string &newAccountId)631 int32_t DeviceProfileConnector::UpdateAccessControlList(int32_t userId, std::string &oldAccountId,
632 std::string &newAccountId)
633 {
634 LOGI("Start.");
635 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
636 LOGI("AccessControlProfile size is %{public}zu", profiles.size());
637 for (auto &item : profiles) {
638 if ((item.GetAccesser().GetAccesserUserId() == userId &&
639 item.GetAccesser().GetAccesserAccountId() == oldAccountId) ||
640 (item.GetAccessee().GetAccesseeUserId() == userId &&
641 item.GetAccessee().GetAccesseeAccountId() == oldAccountId)) {
642 item.SetStatus(INACTIVE);
643 DistributedDeviceProfileClient::GetInstance().UpdateAccessControlProfile(item);
644 }
645 if ((item.GetAccesser().GetAccesserUserId() == userId &&
646 item.GetAccesser().GetAccesserAccountId() == newAccountId) ||
647 (item.GetAccessee().GetAccesseeUserId() == userId &&
648 item.GetAccessee().GetAccesseeAccountId() == newAccountId)) {
649 item.SetStatus(ACTIVE);
650 DistributedDeviceProfileClient::GetInstance().UpdateAccessControlProfile(item);
651 }
652 }
653 return DM_OK;
654 }
655
CheckIdenticalAccount(int32_t userId, const std::string &accountId)656 bool DeviceProfileConnector::CheckIdenticalAccount(int32_t userId, const std::string &accountId)
657 {
658 LOGI("Start");
659 std::vector<AccessControlProfile> profiles;
660 std::map<std::string, std::string> queryParams;
661 queryParams[USERID] = std::to_string(userId);
662 queryParams[ACCOUNTID] = accountId;
663 if (DistributedDeviceProfileClient::GetInstance().GetAccessControlProfile(queryParams, profiles) != DM_OK) {
664 LOGE("DP GetAccessControlProfile failed.");
665 }
666 for (auto &item : profiles) {
667 if (item.GetBindType() == DM_IDENTICAL_ACCOUNT && item.GetStatus() == ACTIVE) {
668 return true;
669 }
670 }
671 return false;
672 }
673
CheckSrcDevIdInAclForDevBind(const std::string &pkgName, const std::string &deviceId)674 bool DeviceProfileConnector::CheckSrcDevIdInAclForDevBind(const std::string &pkgName, const std::string &deviceId)
675 {
676 LOGI("Start");
677 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
678 LOGI("AccessControlProfile size is %{public}zu", profiles.size());
679 for (auto &item : profiles) {
680 if (item.GetTrustDeviceId() == deviceId && item.GetStatus() == ACTIVE &&
681 item.GetBindLevel() == DEVICE && (item.GetAccessee().GetAccesseeBundleName() == pkgName ||
682 item.GetAccesser().GetAccesserBundleName() == "") && item.GetAccessee().GetAccesseeUserId() == 0 &&
683 item.GetAccessee().GetAccesseeAccountId() == "") {
684 return true;
685 }
686 }
687 return false;
688 }
689
CheckSinkDevIdInAclForDevBind(const std::string &pkgName, const std::string &deviceId)690 bool DeviceProfileConnector::CheckSinkDevIdInAclForDevBind(const std::string &pkgName, const std::string &deviceId)
691 {
692 LOGI("Start");
693 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
694 LOGI("AccessControlProfile size is %{public}zu", profiles.size());
695 for (auto &item : profiles) {
696 if (item.GetTrustDeviceId() == deviceId && item.GetStatus() == ACTIVE &&
697 item.GetBindLevel() == DEVICE && (item.GetAccesser().GetAccesserBundleName() == pkgName ||
698 item.GetAccesser().GetAccesserBundleName() == "") && item.GetAccesser().GetAccesserUserId() == 0 &&
699 item.GetAccesser().GetAccesserAccountId() == "") {
700 return true;
701 }
702 }
703 return false;
704 }
705
CheckDevIdInAclForDevBind(const std::string &pkgName, const std::string &deviceId)706 bool DeviceProfileConnector::CheckDevIdInAclForDevBind(const std::string &pkgName, const std::string &deviceId)
707 {
708 return (CheckSinkDevIdInAclForDevBind(pkgName, deviceId) || CheckSrcDevIdInAclForDevBind(pkgName, deviceId));
709 }
710
DeleteTimeOutAcl(const std::string &deviceId)711 uint32_t DeviceProfileConnector::DeleteTimeOutAcl(const std::string &deviceId)
712 {
713 LOGI("Start");
714 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
715 LOGI("AccessControlProfile size is %{public}zu", profiles.size());
716 uint32_t res = 0;
717 for (auto &item : profiles) {
718 if (item.GetTrustDeviceId() != deviceId || item.GetStatus() != ACTIVE) {
719 continue;
720 }
721 res++;
722 if (item.GetAuthenticationType() == ALLOW_AUTH_ONCE) {
723 res--;
724 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
725 }
726 }
727 return res;
728 }
729
GetTrustNumber(const std::string &deviceId)730 int32_t DeviceProfileConnector::GetTrustNumber(const std::string &deviceId)
731 {
732 LOGI("Start");
733 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
734 LOGI("AccessControlProfile size is %{public}zu", profiles.size());
735 int32_t trustNumber = 0;
736 for (auto &item : profiles) {
737 if (item.GetTrustDeviceId() == deviceId && item.GetStatus() == ACTIVE) {
738 trustNumber++;
739 }
740 }
741 return trustNumber;
742 }
743
IsSameAccount(const std::string &udid)744 int32_t DeviceProfileConnector::IsSameAccount(const std::string &udid)
745 {
746 LOGI("Start.");
747 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
748 for (auto &item : profiles) {
749 if (item.GetTrustDeviceId() == udid && item.GetStatus() == ACTIVE) {
750 if (item.GetBindType() == DM_IDENTICAL_ACCOUNT) { // 同账号
751 LOGI("The udid %{public}s is identical bind.", GetAnonyString(udid).c_str());
752 return DM_OK;
753 }
754 }
755 }
756 return ERR_DM_FAILED;
757 }
758
CheckAccessControl(const DmAccessCaller &caller, const std::string &srcUdid, const DmAccessCallee &callee, const std::string &sinkUdid)759 int32_t DeviceProfileConnector::CheckAccessControl(const DmAccessCaller &caller, const std::string &srcUdid,
760 const DmAccessCallee &callee, const std::string &sinkUdid)
761 {
762 LOGI("PkgName %{public}s, srcUdid %{public}s, sinkUdid %{public}s",
763 caller.pkgName.c_str(), GetAnonyString(srcUdid).c_str(), GetAnonyString(sinkUdid).c_str());
764 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
765 for (auto &item : profiles) {
766 if (item.GetStatus() != ACTIVE || (item.GetTrustDeviceId() != sinkUdid &&
767 item.GetTrustDeviceId() != srcUdid)) {
768 continue;
769 }
770 if (SingleUserProcess(item, caller, callee)) {
771 return DM_OK;
772 }
773 }
774 return ERR_DM_FAILED;
775 }
776
SingleUserProcess(const DistributedDeviceProfile::AccessControlProfile &profile, const DmAccessCaller &caller, const DmAccessCallee &callee)777 bool DeviceProfileConnector::SingleUserProcess(const DistributedDeviceProfile::AccessControlProfile &profile,
778 const DmAccessCaller &caller, const DmAccessCallee &callee)
779 {
780 LOGI("BindType %{public}d, bindLevel %{public}d.",
781 profile.GetBindType(), profile.GetBindLevel());
782 uint32_t bindType = profile.GetBindType();
783 bool ret = false;
784 switch (bindType) {
785 case DM_IDENTICAL_ACCOUNT:
786 ret = true;
787 break;
788 case DM_POINT_TO_POINT:
789 if (profile.GetBindLevel() == DEVICE || profile.GetBindLevel() == SERVICE) {
790 ret = true;
791 } else if (profile.GetBindLevel() == APP &&
792 profile.GetAccesser().GetAccesserBundleName() == caller.pkgName) {
793 ret = true;
794 }
795 break;
796 case DM_ACROSS_ACCOUNT:
797 if (profile.GetBindLevel() == DEVICE || profile.GetBindLevel() == SERVICE) {
798 ret = true;
799 } else if (profile.GetBindLevel() == APP &&
800 profile.GetAccesser().GetAccesserBundleName() == caller.pkgName) {
801 ret = true;
802 }
803 break;
804 default:
805 LOGE("unknown bind type %{public}d.", bindType);
806 break;
807 }
808 return ret;
809 }
810
CheckIsSameAccount(const DmAccessCaller &caller, const std::string &srcUdid, const DmAccessCallee &callee, const std::string &sinkUdid)811 int32_t DeviceProfileConnector::CheckIsSameAccount(const DmAccessCaller &caller, const std::string &srcUdid,
812 const DmAccessCallee &callee, const std::string &sinkUdid)
813 {
814 LOGI("DeviceProfileConnector::CheckIsSameAccount pkgName %{public}s, srcUdid %{public}s, sinkUdid %{public}s",
815 caller.pkgName.c_str(), GetAnonyString(srcUdid).c_str(), GetAnonyString(sinkUdid).c_str());
816 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
817 for (auto &item : profiles) {
818 if (item.GetStatus() != ACTIVE || (item.GetTrustDeviceId() != sinkUdid &&
819 item.GetTrustDeviceId() != srcUdid)) {
820 continue;
821 }
822 if (item.GetBindType() == DM_IDENTICAL_ACCOUNT) {
823 LOGI("The udid %{public}s is identical bind.", GetAnonyString(item.GetTrustDeviceId()).c_str());
824 return DM_OK;
825 }
826 }
827 return ERR_DM_FAILED;
828 }
829
GetBindLevel(const std::string &pkgName, const std::string &localUdid, const std::string &udid, uint64_t &tokenId)830 int32_t DeviceProfileConnector::GetBindLevel(const std::string &pkgName, const std::string &localUdid,
831 const std::string &udid, uint64_t &tokenId)
832 {
833 LOGI("pkgName %{public}s, tokenId %{public}" PRId64", udid %{public}s.", pkgName.c_str(),
834 tokenId, GetAnonyString(udid).c_str());
835 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
836 int32_t bindLevel = INVALIED_TYPE;
837 for (auto &item : profiles) {
838 if (item.GetTrustDeviceId() != udid) {
839 continue;
840 }
841 if (item.GetAccesser().GetAccesserBundleName() == pkgName &&
842 item.GetAccesser().GetAccesserDeviceId() == localUdid &&
843 item.GetAccessee().GetAccesseeDeviceId() == udid) {
844 tokenId = static_cast<uint64_t>(item.GetAccesser().GetAccesserTokenId());
845 bindLevel = static_cast<int32_t>(item.GetBindLevel());
846 LOGI("Src get bindLevel %{public}d, tokenid %{public}" PRId64".", bindLevel, tokenId);
847 continue;
848 }
849 if (item.GetAccessee().GetAccesseeBundleName() == pkgName &&
850 item.GetAccessee().GetAccesseeDeviceId() == localUdid &&
851 item.GetAccesser().GetAccesserDeviceId() == udid) {
852 tokenId = item.GetAccessee().GetAccesseeTokenId();
853 bindLevel = static_cast<int32_t>(item.GetBindLevel());
854 LOGI("Sink get bindLevel %{public}d, tokenid %{public}" PRId64".", bindLevel, tokenId);
855 continue;
856 }
857 }
858 return bindLevel;
859 }
860
GetDeviceIdAndBindType(int32_t userId, const std::string &accountId, const std::string &localUdid)861 std::map<std::string, int32_t> DeviceProfileConnector::GetDeviceIdAndBindType(int32_t userId,
862 const std::string &accountId, const std::string &localUdid)
863 {
864 LOGI("userId %{public}d, accountId %{public}s.", userId, GetAnonyString(accountId).c_str());
865 std::vector<AccessControlProfile> profiles = GetAccessControlProfileByUserId(userId);
866 std::map<std::string, int32_t> deviceIdMap;
867 for (const auto &item : profiles) {
868 if (item.GetAccesser().GetAccesserUserId() == userId &&
869 item.GetAccesser().GetAccesserAccountId() == accountId &&
870 item.GetAccesser().GetAccesserDeviceId() == localUdid) {
871 LOGI("Account logout localUdid %{public}s is src.", GetAnonyString(localUdid).c_str());
872 UpdateBindType(item.GetTrustDeviceId(), item.GetBindType(), deviceIdMap);
873 continue;
874 }
875 if (item.GetAccessee().GetAccesseeUserId() == userId &&
876 item.GetAccessee().GetAccesseeAccountId() == accountId &&
877 item.GetAccessee().GetAccesseeDeviceId() == localUdid) {
878 LOGI("Account logout localUdid %{public}s is sink.", GetAnonyString(localUdid).c_str());
879 UpdateBindType(item.GetTrustDeviceId(), item.GetBindType(), deviceIdMap);
880 continue;
881 }
882 }
883 return deviceIdMap;
884 }
885
UpdateBindType(const std::string &udid, int32_t bindType, std::map<std::string, int32_t> &deviceMap)886 void DeviceProfileConnector::UpdateBindType(const std::string &udid, int32_t bindType,
887 std::map<std::string, int32_t> &deviceMap)
888 {
889 LOGI("BindType %{public}d.", bindType);
890 if (deviceMap.find(udid) == deviceMap.end()) {
891 deviceMap[udid] = bindType;
892 } else {
893 deviceMap[udid] = std::min(deviceMap[udid], bindType);
894 }
895 }
896
HandleAccountLogoutEvent(int32_t remoteUserId, const std::string &remoteAccountHash, const std::string &remoteUdid, const std::string &localUdid)897 int32_t DeviceProfileConnector::HandleAccountLogoutEvent(int32_t remoteUserId, const std::string &remoteAccountHash,
898 const std::string &remoteUdid, const std::string &localUdid)
899 {
900 LOGI("RemoteUserId %{public}d, remoteAccountHash %{public}s, remoteUdid %{public}s, localUdid %{public}s.",
901 remoteUserId, GetAnonyString(remoteAccountHash).c_str(), GetAnonyString(remoteUdid).c_str(),
902 GetAnonyString(localUdid).c_str());
903 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
904 int32_t bindType = DM_INVALIED_BINDTYPE;
905 for (const auto &item : profiles) {
906 if (item.GetTrustDeviceId() != remoteUdid) {
907 continue;
908 }
909 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
910 bindType = DM_IDENTICAL_ACCOUNT;
911 }
912 return bindType;
913 }
914
HandleDevUnBindEvent(int32_t remoteUserId, const std::string &remoteUdid, const std::string &localUdid)915 int32_t DeviceProfileConnector::HandleDevUnBindEvent(int32_t remoteUserId, const std::string &remoteUdid,
916 const std::string &localUdid)
917 {
918 LOGI("RemoteUserId %{public}d, remoteUdid %{public}s, localUdid %{public}s.", remoteUserId,
919 GetAnonyString(remoteUdid).c_str(), GetAnonyString(localUdid).c_str());
920 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
921 int32_t bindType = DM_INVALIED_BINDTYPE;
922 for (const auto &item : profiles) {
923 if (item.GetTrustDeviceId() != remoteUdid) {
924 continue;
925 }
926 if (item.GetBindType() == DM_IDENTICAL_ACCOUNT) {
927 bindType = DM_IDENTICAL_ACCOUNT;
928 continue;
929 }
930 if (item.GetAccesser().GetAccesserDeviceId() == remoteUdid &&
931 item.GetAccessee().GetAccesseeDeviceId() == localUdid) {
932 LOGI("Src device unbind.");
933 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
934 bindType = std::min(bindType, static_cast<int32_t>(item.GetBindType()));
935 continue;
936 }
937 if (item.GetAccessee().GetAccesseeDeviceId() == remoteUdid &&
938 item.GetAccesser().GetAccesserDeviceId() == localUdid) {
939 LOGI("Sink device unbind.");
940 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
941 bindType = std::min(bindType, static_cast<int32_t>(item.GetBindType()));
942 continue;
943 }
944 }
945 return bindType;
946 }
947
HandleAppUnBindEvent(int32_t remoteUserId, const std::string &remoteUdid, int32_t tokenId, const std::string &localUdid)948 std::string DeviceProfileConnector::HandleAppUnBindEvent(int32_t remoteUserId, const std::string &remoteUdid,
949 int32_t tokenId, const std::string &localUdid)
950 {
951 LOGI("RemoteUserId %{public}d, remoteUdid %{public}s, tokenId %{public}d, localUdid %{public}s.",
952 remoteUserId, GetAnonyString(remoteUdid).c_str(), tokenId, GetAnonyString(localUdid).c_str());
953 std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
954 std::string pkgName = "";
955 for (const auto &item : profiles) {
956 if (item.GetTrustDeviceId() != remoteUdid || item.GetBindType() == DM_IDENTICAL_ACCOUNT ||
957 item.GetBindLevel() != APP) {
958 continue;
959 }
960 if (item.GetAccesser().GetAccesserUserId() == remoteUserId &&
961 item.GetAccesser().GetAccesserDeviceId() == remoteUdid &&
962 static_cast<int32_t>(item.GetAccesser().GetAccesserTokenId()) == tokenId &&
963 item.GetAccessee().GetAccesseeDeviceId() == localUdid) {
964 LOGI("Src device unbind.");
965 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
966 pkgName = item.GetAccesser().GetAccesserBundleName();
967 continue;
968 }
969 if (item.GetAccessee().GetAccesseeUserId() == remoteUserId &&
970 item.GetAccessee().GetAccesseeDeviceId() == remoteUdid &&
971 static_cast<int32_t>(item.GetAccessee().GetAccesseeTokenId()) == tokenId &&
972 item.GetAccesser().GetAccesserDeviceId() == localUdid) {
973 LOGI("Sink device unbind.");
974 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(item.GetAccessControlId());
975 pkgName = item.GetAccessee().GetAccesseeBundleName();
976 continue;
977 }
978 }
979 return pkgName;
980 }
981
GetAllAccessControlProfile()982 std::vector<AccessControlProfile> DeviceProfileConnector::GetAllAccessControlProfile()
983 {
984 std::vector<AccessControlProfile> profiles;
985 if (DistributedDeviceProfileClient::GetInstance().GetAllAccessControlProfile(profiles) != DM_OK) {
986 LOGE("DP failed.");
987 }
988 return profiles;
989 }
990
DeleteAccessControlById(int64_t accessControlId)991 void DeviceProfileConnector::DeleteAccessControlById(int64_t accessControlId)
992 {
993 DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(accessControlId);
994 }
995
CreateDpConnectorInstance()996 IDeviceProfileConnector *CreateDpConnectorInstance()
997 {
998 return &DeviceProfileConnector::GetInstance();
999 }
1000 } // namespace DistributedHardware
1001 } // namespace OHOS
1002