1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "disallow_add_local_account_plugin.h"
17
18 #include "edm_ipc_interface_code.h"
19 #include "os_account_manager.h"
20 #include "plugin_manager.h"
21
22 namespace OHOS {
23 namespace EDM {
24 const bool REGISTER_RESULT = PluginManager::GetInstance()->AddPlugin(DisallowAddLocalAccountPlugin::GetPlugin());
25
InitPlugin(std::shared_ptr<IPluginTemplate<DisallowAddLocalAccountPlugin,bool>> ptr)26 void DisallowAddLocalAccountPlugin::InitPlugin(
27 std::shared_ptr<IPluginTemplate<DisallowAddLocalAccountPlugin, bool>> ptr)
28 {
29 EDMLOGI("DisallowAddLocalAccountPlugin InitPlugin...");
30 ptr->InitAttribute(EdmInterfaceCode::DISALLOW_ADD_LOCAL_ACCOUNT, "disallow_add_local_account",
31 "ohos.permission.ENTERPRISE_SET_ACCOUNT_POLICY", IPlugin::PermissionType::SUPER_DEVICE_ADMIN, true);
32 ptr->SetSerializer(BoolSerializer::GetInstance());
33 ptr->SetOnHandlePolicyListener(&DisallowAddLocalAccountPlugin::OnSetPolicy, FuncOperateType::SET);
34 ptr->SetOnAdminRemoveListener(&DisallowAddLocalAccountPlugin::OnAdminRemove);
35 }
36
OnSetPolicy(bool & data)37 ErrCode DisallowAddLocalAccountPlugin::OnSetPolicy(bool &data)
38 {
39 return SetGlobalOsAccountConstraints(data);
40 }
41
OnGetPolicy(std::string & policyData,MessageParcel & data,MessageParcel & reply,int32_t userId)42 ErrCode DisallowAddLocalAccountPlugin::OnGetPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply,
43 int32_t userId)
44 {
45 EDMLOGI("DisallowAddLocalAccountPlugin OnGetPolicy %{public}s...", policyData.c_str());
46 bool isDisallowed = false;
47 pluginInstance_->serializer_->Deserialize(policyData, isDisallowed);
48 reply.WriteInt32(ERR_OK);
49 reply.WriteBool(isDisallowed);
50 return ERR_OK;
51 }
52
OnAdminRemove(const std::string & adminName,bool & data,int32_t userId)53 ErrCode DisallowAddLocalAccountPlugin::OnAdminRemove(const std::string &adminName, bool &data, int32_t userId)
54 {
55 return data ? SetGlobalOsAccountConstraints(!data) : ERR_OK;
56 }
57
SetGlobalOsAccountConstraints(bool data)58 ErrCode DisallowAddLocalAccountPlugin::SetGlobalOsAccountConstraints(bool data)
59 {
60 std::vector<std::string> constraints = {"constraint.os.account.create.directly"};
61 std::vector<int32_t> ids;
62 AccountSA::OsAccountManager::QueryActiveOsAccountIds(ids);
63 if (ids.empty()) {
64 EDMLOGE("DisallowAddLocalAccountPlugin QueryActiveOsAccountIds failed");
65 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
66 }
67 ErrCode ret = AccountSA::OsAccountManager::SetGlobalOsAccountConstraints(constraints, data, ids.at(0), true);
68 if (FAILED(ret)) {
69 EDMLOGE("DisallowAddLocalAccountPlugin SetGlobalOsAccountConstraints failed");
70 return EdmReturnErrCode::SYSTEM_ABNORMALLY;
71 }
72 return ERR_OK;
73 }
74 } // namespace EDM
75 } // namespace OHOS
76