diff --git a/common/native/include/edm_constants.h b/common/native/include/edm_constants.h index 0ed053972d3d7015289625a83507bce1126787af..54375514d1a738594331a666cf8e08bb21b302d3 100644 --- a/common/native/include/edm_constants.h +++ b/common/native/include/edm_constants.h @@ -163,6 +163,9 @@ namespace EdmConstants { const char* const LABEL_DISALLOWED_POLICY_PRIVATE_SPACE = "privateSpace"; const char* const LABEL_DISALLOWED_POLICY_EXPORT_RECOVERY_KEY = "diskRecoveryKey"; const char* const LABEL_DISALLOWED_POLICY_PRINT = "print"; + const char* const LABEL_DISALLOWED_POLICY_RANDOM_MAC_ADDRESS = "randomMac"; + const char* const LABEL_DISALLOWED_POLICY_EXTERNAL_STORAGE_CARD = "externalStorageCard"; + const char* const LABEL_DISALLOWED_POLICY_APP_CLONE = "appClone"; } // namespace Restrictions namespace SecurityManager { @@ -271,6 +274,7 @@ namespace PolicyName { const char* const POLICY_ALLOWED_INSTALL_BUNDLES = "allowed_install_bundles"; const char* const POLICY_ALLOWED_USB_DEVICES = "allowed_usb_devices"; const char* const POLICY_CLIPBOARD_POLICY = "clipboard_policy"; + const char* const POLICY_DISABLED_APP_CLONE = "disabled_app_clone"; const char* const POLICY_DISABLED_BLUETOOTH = "disabled_bluetooth"; const char* const POLICY_DISABLE_CAMERA = "disable_camera"; const char* const POLICY_DISABLED_HDC = "disabled_hdc"; @@ -307,8 +311,7 @@ namespace PolicyName { const char* const POLICY_GET_NETWORK_INTERFACES = "get_network_interfaces"; const char* const POLICY_GET_BLUETOOTH_INFO = "get_bluetooth_info"; const char* const POLICY_GET_DEVICE_INFO = "get_device_info"; - const char* const POLICY_GET_IP_ADDRESS = "get_ip_address"; - const char* const POLICY_GET_MAC = "get_mac"; + const char* const POLICY_GET_IP_OR_MAC_ADDRESS = "get_ip_or_mac_address"; const char* const POLICY_GLOBAL_PROXY = "global_proxy"; const char* const POLICY_INACTIVE_USER_FREEZE = "inactive_user_freeze"; const char* const POLICY_INSTALL = "install"; @@ -370,6 +373,8 @@ namespace PolicyName { const char* const POLICY_GET_SECURITY_PATCH_TAG = "get_security_patch_tag"; const char* const POLICY_POLICY_SCREEN_SHOT = "policy_screen_shot"; const char* const POLICY_POLICY_SCREEN_RECORD = "policy_screen_record"; + const char* const POLICY_DISALLOWED_RANDOM_MAC_ADDRESS = "disallowed_random_mac_address"; + const char* const POLICY_DISALLOWED_EXTERNAL_STORAGE_CARD = "disallowed_external_storage_card"; const char* const POLICY_ALLOW_ALL = "allow_all"; const char* const POLICY_DISABLED_PRINT = "disabled_print"; } // namespace PolicyName diff --git a/common/native/include/edm_errors.h b/common/native/include/edm_errors.h index 846eb274c2fe342d0998609557f74400e4a78014..373e919d4ce02c84162418a9b0c2495b8987b909 100644 --- a/common/native/include/edm_errors.h +++ b/common/native/include/edm_errors.h @@ -51,6 +51,7 @@ namespace EdmReturnErrCode { constexpr uint32_t CONFIGURATION_CONFLICT_FAILED = 9200010; constexpr uint32_t REPLACE_ADMIN_FAILED = 9200011; constexpr uint32_t PARAMETER_VERIFICATION_FAILED = 9200012; + constexpr uint32_t DISALLOW_NOT_TAKE_EFFECT = 9200013; constexpr uint32_t MANAGED_CERTIFICATE_FAILED = 9201001; constexpr uint32_t APPLICATION_INSTALL_FAILED = 9201002; diff --git a/interfaces/inner_api/BUILD.gn b/interfaces/inner_api/BUILD.gn index 1605ebe3373dd6d61e94e3bbf7fcd635329eadff..68e375ed97269e6a40baed3d14d1c63e07a4e2ce 100644 --- a/interfaces/inner_api/BUILD.gn +++ b/interfaces/inner_api/BUILD.gn @@ -77,6 +77,7 @@ ohos_shared_library("edmservice_kits") { "./wifi_manager/src/wifi_manager_proxy.cpp", "./telephony_manager/src/telephony_manager_proxy.cpp", "./telephony_manager/src/telephony_call_policy_serializer.cpp", + "../../common/native/src/edm_utils.cpp" ] innerapi_tags = [ "platformsdk" ] diff --git a/interfaces/inner_api/application_manager/src/application_manager_proxy.cpp b/interfaces/inner_api/application_manager/src/application_manager_proxy.cpp index 9bc08046f288b4e1fce8fab310079d9e506faf73..48c9a4b436abba030f7f8586816ffcb79dea85e2 100644 --- a/interfaces/inner_api/application_manager/src/application_manager_proxy.cpp +++ b/interfaces/inner_api/application_manager/src/application_manager_proxy.cpp @@ -293,7 +293,6 @@ int32_t ApplicationManagerProxy::IsAppKioskAllowed(const std::string &appIdentif return ERR_OK; } - int32_t ApplicationManagerProxy::ClearUpApplicationData( const AppExecFwk::ElementName &admin, const ClearUpApplicationDataParam ¶m) { diff --git a/interfaces/inner_api/common/include/edm_ipc_interface_code.h b/interfaces/inner_api/common/include/edm_ipc_interface_code.h index 7c063922b25ea67c7d7727b8e817546b62d47eca..2b016dc1da3ddc23d553f0011d5792933af6c844 100644 --- a/interfaces/inner_api/common/include/edm_ipc_interface_code.h +++ b/interfaces/inner_api/common/include/edm_ipc_interface_code.h @@ -154,10 +154,13 @@ enum EdmInterfaceCode : uint32_t { DISALLOWED_TELEPHONY_CALL = 1109, DISALLOWED_NEARLINK_PROTOCOLS = 1110, DISABLE_PRIVATE_SPACE = 1111, - DISALLOWED_EXPORT_RECOVERY_KEY = 1112, + DISALLOWED_EXPORT_RECOVERY_KEY = 1112, DISABLED_PRINT = 1113, PERMISSION_MANAGED_STATE = 1114, SET_WALL_PAPER = 1115, + DISABLED_APP_CLONE = 1116, + DISALLOWED_RANDOM_MAC_ADDRESS = 1117, + DISALLOWED_EXTERNAL_STORAGE_CARD = 1118, POLICY_CODE_END = 3000, }; } // namespace EDM diff --git a/interfaces/inner_api/network_manager/include/network_address.h b/interfaces/inner_api/network_manager/include/network_address.h new file mode 100644 index 0000000000000000000000000000000000000000..0d73916f8b007ae7394665a0a1eca8f93db5c287 --- /dev/null +++ b/interfaces/inner_api/network_manager/include/network_address.h @@ -0,0 +1,28 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_INNER_API_NETWORK_MANAGER_INCLUDE_NETWORK_ADDRESS_H +#define INTERFACES_INNER_API_NETWORK_MANAGER_INCLUDE_NETWORK_ADDRESS_H + +namespace OHOS { +namespace EDM { +enum NetworkAddress : int32_t { + IPADDRESS = 0, + MAC = 1 +}; +} // namespace EDM +} // namespace OHOS + +#endif // INTERFACES_INNER_API_NETWORK_MANAGER_INCLUDE_NETWORK_ADDRESS_H \ No newline at end of file diff --git a/interfaces/inner_api/network_manager/src/network_manager_proxy.cpp b/interfaces/inner_api/network_manager/src/network_manager_proxy.cpp index 66af7728ce7b7fdd25647fbe0bb855fbe6e2ea6b..4439751eb8720e4a2026c13412b00ef01dc71593 100644 --- a/interfaces/inner_api/network_manager/src/network_manager_proxy.cpp +++ b/interfaces/inner_api/network_manager/src/network_manager_proxy.cpp @@ -25,6 +25,7 @@ namespace EDM { std::shared_ptr NetworkManagerProxy::instance_ = nullptr; std::once_flag NetworkManagerProxy::flag_; const std::u16string DESCRIPTOR = u"ohos.edm.IEnterpriseDeviceMgr"; +constexpr int32_t POLICIES_MAX_SIZE = 200; NetworkManagerProxy::NetworkManagerProxy() {} @@ -496,7 +497,7 @@ int32_t NetworkManagerProxy::QueryApn(const AppExecFwk::ElementName &admin, cons } int32_t size = reply.ReadInt32(); - if (size > EdmConstants::POLICIES_MAX_SIZE) { + if (size > POLICIES_MAX_SIZE) { EDMLOGE("EnterpriseDeviceMgrProxy:QueryApn invalid size: %{public}d", size); return EdmReturnErrCode::SYSTEM_ABNORMALLY; } @@ -544,7 +545,7 @@ int32_t NetworkManagerProxy::QueryApnIds(const AppExecFwk::ElementName &admin, } int32_t size = reply.ReadInt32(); - if (size > EdmConstants::POLICIES_MAX_SIZE) { + if (size > POLICIES_MAX_SIZE) { EDMLOGE("EnterpriseDeviceMgrProxy:QueryApnIds invalid size: %{public}d", size); return EdmReturnErrCode::SYSTEM_ABNORMALLY; } diff --git a/interfaces/inner_api/plugin_kits/include/iplugin_template.tpp b/interfaces/inner_api/plugin_kits/include/iplugin_template.tpp index ede6fa9560db820a377ec4a8e599a55176135236..1f9d1c19d5c817d56ab44083a1e5925bc478f154 100644 --- a/interfaces/inner_api/plugin_kits/include/iplugin_template.tpp +++ b/interfaces/inner_api/plugin_kits/include/iplugin_template.tpp @@ -303,7 +303,6 @@ void IPluginTemplate::SetOnAdminRemoveListener(BiAdminFunction &&listene } auto adminRemove = [this](const std::string &adminName, const std::string ¤tJsonData, const std::string &mergeJsonData, int32_t userId) -> ErrCode { - EDMLOGI("currentJsonData = %{public}s, mergeJsonData=%{public}s", currentJsonData.c_str(), mergeJsonData.c_str()); DT currentData; if (!serializer_->Deserialize(currentJsonData, currentData)) { return ERR_EDM_OPERATE_JSON; diff --git a/interfaces/inner_api/plugin_kits/src/utils/array_int_serializer.cpp b/interfaces/inner_api/plugin_kits/src/utils/array_int_serializer.cpp index de38831a994a95fe2b7698910192519e0ee9238d..bd7e1ef7eeca8b2f53b994f41c99fa16a53c07df 100644 --- a/interfaces/inner_api/plugin_kits/src/utils/array_int_serializer.cpp +++ b/interfaces/inner_api/plugin_kits/src/utils/array_int_serializer.cpp @@ -16,7 +16,6 @@ #include "array_int_serializer.h" #include "cJSON.h" #include "cjson_check.h" -#include "edm_constants.h" namespace OHOS { namespace EDM { diff --git a/interfaces/inner_api/system_manager/src/system_manager_proxy.cpp b/interfaces/inner_api/system_manager/src/system_manager_proxy.cpp index c99c2364245b382b683c19ef614be8e746668a1a..b20d1c9dbdc1820e37d07440952120f58692a9b5 100644 --- a/interfaces/inner_api/system_manager/src/system_manager_proxy.cpp +++ b/interfaces/inner_api/system_manager/src/system_manager_proxy.cpp @@ -195,7 +195,6 @@ int32_t SystemManagerProxy::GetInstallLocalEnterpriseAppEnabled(MessageParcel &d return ERR_OK; } - int32_t SystemManagerProxy::AddOrRemoveDisallowedNearlinkProtocols(MessageParcel &data, FuncOperateType operateType) { EDMLOGD("SystemManagerProxy::AddOrRemoveDisallowedNearlinkProtocols"); diff --git a/interfaces/kits/bluetooth_manager/BUILD.gn b/interfaces/kits/bluetooth_manager/BUILD.gn index 521a1ac14f3c01f6876551f2c497bd2d22381ea5..772c250cadd582f523cec636ed52bd76454c50f1 100644 --- a/interfaces/kits/bluetooth_manager/BUILD.gn +++ b/interfaces/kits/bluetooth_manager/BUILD.gn @@ -20,7 +20,8 @@ ohos_shared_library("bluetoothmanager") { ] sources = [ - "./src/bluetooth_manager_addon.cpp" + "./src/bluetooth_manager_addon.cpp", + "../../../common/native/src/edm_utils.cpp" ] configs = [ "../../../common/config:coverage_flags" ] diff --git a/interfaces/kits/bluetooth_manager/src/bluetooth_manager_addon.cpp b/interfaces/kits/bluetooth_manager/src/bluetooth_manager_addon.cpp index 8c73f65b3e16614fe3f6d5e75ab4321720a2d81b..fbe038227afcdb6c496f7c02dcef1c26618b02ea 100644 --- a/interfaces/kits/bluetooth_manager/src/bluetooth_manager_addon.cpp +++ b/interfaces/kits/bluetooth_manager/src/bluetooth_manager_addon.cpp @@ -17,6 +17,7 @@ #include "edm_constants.h" #include "edm_log.h" +#include "edm_utils.h" #include "errors.h" #include "js_native_api.h" #include "napi_edm_adapter.h" @@ -174,6 +175,7 @@ napi_value BluetoothManagerAddon::GetBluetoothDevices(napi_env env, napi_callbac for (size_t i = 0; i < deviceIds.size(); i++) { napi_value allowedDevices = nullptr; NAPI_CALL(env, napi_create_string_utf8(env, deviceIds[i].c_str(), NAPI_AUTO_LENGTH, &allowedDevices)); + EdmUtils::ClearString(deviceIds[i]); NAPI_CALL(env, napi_set_element(env, result, i, allowedDevices)); } return result; diff --git a/interfaces/kits/browser/include/browser_addon.h b/interfaces/kits/browser/include/browser_addon.h index f0a2a5a71fa9c7f965b9130c90e95b6d792c52ac..272b51b8838c5324153a704c60217294265401f7 100644 --- a/interfaces/kits/browser/include/browser_addon.h +++ b/interfaces/kits/browser/include/browser_addon.h @@ -31,6 +31,7 @@ struct AsyncBrowserCallbackInfo : AsyncCallbackInfo { std::string policies; napi_value value; }; +constexpr int32_t MAX_POLICY_FILE_SIZE = 134217728; // 128*1024*1024 class BrowserAddon { public: diff --git a/interfaces/kits/browser/src/browser_addon.cpp b/interfaces/kits/browser/src/browser_addon.cpp index 8329cf36fc1e66b4f2c1214e7571616bc63f11f9..b0c80a8ffbcd94fbc383dc026efb364b581d9684 100644 --- a/interfaces/kits/browser/src/browser_addon.cpp +++ b/interfaces/kits/browser/src/browser_addon.cpp @@ -343,7 +343,7 @@ napi_value BrowserAddon::CreateArrayBuffer(napi_env env, void* data, int32_t siz napi_throw(env, CreateError(env, EdmReturnErrCode::SYSTEM_ABNORMALLY)); return nullptr; } - if (size < 0) { + if (size < 0 || size > MAX_POLICY_FILE_SIZE) { EDMLOGE("BrowserAddon::CreateArrayBuffer size error.size:%{public}d", size); napi_throw(env, CreateError(env, EdmReturnErrCode::SYSTEM_ABNORMALLY)); return nullptr; diff --git a/interfaces/kits/network_manager/BUILD.gn b/interfaces/kits/network_manager/BUILD.gn index 41bf1ecbb138eff5e5df593e82099a675bb1cb73..ac33eca1d4fc9f06e28e6c59bcb4a3fa0f9d7b62 100644 --- a/interfaces/kits/network_manager/BUILD.gn +++ b/interfaces/kits/network_manager/BUILD.gn @@ -57,7 +57,7 @@ ohos_shared_library("networkmanager") { if (!enterprise_device_management_feature_pc_only && cellular_data_edm_enable) { defines += [ "CELLULAR_DATA_EDM_ENABLE" ] } - + relative_install_dir = "module/enterprise" sanitize = { boundary_sanitize = true diff --git a/interfaces/kits/network_manager/include/network_manager_addon.h b/interfaces/kits/network_manager/include/network_manager_addon.h index 84dfe23062575b06048071c5bda1f664f16bdf68..40eaedde8a10e42dc30801c812a1cdeb2223f7af 100644 --- a/interfaces/kits/network_manager/include/network_manager_addon.h +++ b/interfaces/kits/network_manager/include/network_manager_addon.h @@ -46,7 +46,9 @@ private: static napi_value GetAllNetworkInterfaces(napi_env env, napi_callback_info info); static napi_value GetIpAddress(napi_env env, napi_callback_info info); static napi_value GetMac(napi_env env, napi_callback_info info); - static napi_value GetIpOrMacAddress(napi_env env, napi_callback_info info, int policyCode); + static napi_value GetIpOrMacAddress(napi_env env, napi_callback_info info, int32_t networkAddress); + static void NativeGetIpAddress(napi_env env, void *data); + static void NativeGetMac(napi_env env, void *data); static napi_value SetNetworkInterfaceDisabled(napi_env env, napi_callback_info info); static napi_value IsNetworkInterfaceDisabled(napi_env env, napi_callback_info info); static napi_value AddIptablesFilterRule(napi_env env, napi_callback_info info); @@ -59,7 +61,7 @@ private: static napi_value RemoveDomainFilterRule(napi_env env, napi_callback_info info); static napi_value GetDomainFilterRules(napi_env env, napi_callback_info info); static void NativeGetAllNetworkInterfaces(napi_env env, void *data); - static void NativeGetIpOrMacAddress(napi_env env, void *data); + static void NativeGetIpOrMacAddress(napi_env env, void *data, int32_t networkAddress); static void NativeSetNetworkInterfaceDisabled(napi_env env, void *data); static void NativeIsNetworkInterfaceDisabled(napi_env env, void *data); static void NativeAddIptalbsFilterRule(napi_env env, void *data); @@ -92,7 +94,7 @@ private: static napi_value GetAllNetworkInterfacesSync(napi_env env, napi_callback_info info); static napi_value GetIpAddressSync(napi_env env, napi_callback_info info); static napi_value GetMacSync(napi_env env, napi_callback_info info); - static napi_value GetIpOrMacAddressSync(napi_env env, napi_callback_info info, int policyCode); + static napi_value GetIpOrMacAddressSync(napi_env env, napi_callback_info info, int32_t networkAddress); static napi_value SetNetworkInterfaceDisabledSync(napi_env env, napi_callback_info info); static napi_value IsNetworkInterfaceDisabledSync(napi_env env, napi_callback_info info); static napi_value SetGlobalHttpProxySync(napi_env env, napi_callback_info info); @@ -104,8 +106,7 @@ private: static napi_value GetGlobalHttpProxyCommon(napi_env env, napi_value *argv, size_t argc, bool hasAdmin, OHOS::AppExecFwk::ElementName &elementName, int32_t accountId); static void SetNetworkInterfaceDisabledCommon(AddonMethodSign &addonMethodSign, const std::string &apiVersionTag); - static void GetIpOrMacAddressCommon(AddonMethodSign &addonMethodSign, const std::string &apiVersionTag, - int32_t policyCode); + static void GetIpOrMacAddressCommon(AddonMethodSign &addonMethodSign, const std::string &apiVersionTag); static void IsNetworkInterfaceDisabledCommon(AddonMethodSign &addonMethodSign, const std::string &apiVersionTag); static void SetGlobalHttpProxyCommon(AddonMethodSign &addonMethodSign); static void SetGlobalHttpProxyCommonForAccount(AddonMethodSign &addonMethodSign); diff --git a/interfaces/kits/network_manager/src/network_manager_addon.cpp b/interfaces/kits/network_manager/src/network_manager_addon.cpp index 797df02b04200295f12c526856ee416f63e86a83..96d5ce2e9c1667abdd295b076512683c08015460 100644 --- a/interfaces/kits/network_manager/src/network_manager_addon.cpp +++ b/interfaces/kits/network_manager/src/network_manager_addon.cpp @@ -18,7 +18,7 @@ #include "edm_ipc_interface_code.h" #include "edm_log.h" #include "iptables_utils.h" -#include "os_account_manager.h" +#include "network_address.h" using namespace OHOS::EDM; using namespace OHOS::EDM::IPTABLES; @@ -198,36 +198,47 @@ void NetworkManagerAddon::NativeGetAllNetworkInterfaces(napi_env env, void *data asyncCallbackInfo->arrayStringRet); } -void NetworkManagerAddon::GetIpOrMacAddressCommon(AddonMethodSign &addonMethodSign, const std::string &apiVersionTag, - int32_t policyCode) +void NetworkManagerAddon::GetIpOrMacAddressCommon(AddonMethodSign &addonMethodSign, const std::string &apiVersionTag) { addonMethodSign.name = "GetIpOrMacAddress"; addonMethodSign.argsType = {EdmAddonCommonType::ELEMENT, EdmAddonCommonType::STRING}; addonMethodSign.methodAttribute = MethodAttribute::GET; addonMethodSign.apiVersionTag = apiVersionTag; - addonMethodSign.policyCode = policyCode; } napi_value NetworkManagerAddon::GetIpAddress(napi_env env, napi_callback_info info) { EDMLOGI("NetworkManagerAddon::GetIpAddress called"); - return GetIpOrMacAddress(env, info, EdmInterfaceCode::GET_IP_ADDRESS); + return GetIpOrMacAddress(env, info, NetworkAddress::IPADDRESS); } napi_value NetworkManagerAddon::GetMac(napi_env env, napi_callback_info info) { EDMLOGI("NetworkManagerAddon::GetMac called"); - return GetIpOrMacAddress(env, info, EdmInterfaceCode::GET_MAC); + return GetIpOrMacAddress(env, info, NetworkAddress::MAC); } -napi_value NetworkManagerAddon::GetIpOrMacAddress(napi_env env, napi_callback_info info, int policyCode) +napi_value NetworkManagerAddon::GetIpOrMacAddress(napi_env env, napi_callback_info info, int32_t networkAddress) { AddonMethodSign addonMethodSign; - GetIpOrMacAddressCommon(addonMethodSign, EdmConstants::PERMISSION_TAG_VERSION_11, policyCode); - return AddonMethodAdapter(env, info, addonMethodSign, NativeGetIpOrMacAddress, NativeStringCallbackComplete); + GetIpOrMacAddressCommon(addonMethodSign, EdmConstants::PERMISSION_TAG_VERSION_11); + if (networkAddress == NetworkAddress::IPADDRESS) { + return AddonMethodAdapter(env, info, addonMethodSign, NativeGetIpAddress, NativeStringCallbackComplete); + } + return AddonMethodAdapter(env, info, addonMethodSign, NativeGetMac, NativeStringCallbackComplete); +} + +void NetworkManagerAddon::NativeGetIpAddress(napi_env env, void *data) +{ + NativeGetIpOrMacAddress(env, data, NetworkAddress::IPADDRESS); +} + +void NetworkManagerAddon::NativeGetMac(napi_env env, void *data) +{ + NativeGetIpOrMacAddress(env, data, NetworkAddress::MAC); } -void NetworkManagerAddon::NativeGetIpOrMacAddress(napi_env env, void *data) +void NetworkManagerAddon::NativeGetIpOrMacAddress(napi_env env, void *data, int32_t networkAddress) { EDMLOGI("NAPI_NativeGetIpOrMacAddress called"); if (data == nullptr) { @@ -235,13 +246,14 @@ void NetworkManagerAddon::NativeGetIpOrMacAddress(napi_env env, void *data) return; } AdapterAddonData *asyncCallbackInfo = static_cast(data); + asyncCallbackInfo->data.WriteInt32(networkAddress); auto networkManagerProxy = NetworkManagerProxy::GetNetworkManagerProxy(); if (networkManagerProxy == nullptr) { EDMLOGE("can not get GetNetworkManagerProxy"); return; } asyncCallbackInfo->ret = networkManagerProxy->GetIpOrMacAddress(asyncCallbackInfo->data, - asyncCallbackInfo->policyCode, asyncCallbackInfo->stringRet); + EdmInterfaceCode::GET_IP_ADDRESS, asyncCallbackInfo->stringRet); } void NetworkManagerAddon::IsNetworkInterfaceDisabledCommon(AddonMethodSign &addonMethodSign, @@ -1062,19 +1074,19 @@ napi_value NetworkManagerAddon::GetAllNetworkInterfacesSync(napi_env env, napi_c napi_value NetworkManagerAddon::GetIpAddressSync(napi_env env, napi_callback_info info) { EDMLOGI("NAPI_GetIpAddressSync called"); - return GetIpOrMacAddressSync(env, info, EdmInterfaceCode::GET_IP_ADDRESS); + return GetIpOrMacAddressSync(env, info, NetworkAddress::IPADDRESS); } napi_value NetworkManagerAddon::GetMacSync(napi_env env, napi_callback_info info) { EDMLOGI("NAPI_GetMacSync called"); - return GetIpOrMacAddressSync(env, info, EdmInterfaceCode::GET_MAC); + return GetIpOrMacAddressSync(env, info, NetworkAddress::MAC); } -napi_value NetworkManagerAddon::GetIpOrMacAddressSync(napi_env env, napi_callback_info info, int policyCode) +napi_value NetworkManagerAddon::GetIpOrMacAddressSync(napi_env env, napi_callback_info info, int32_t networkAddress) { AddonMethodSign addonMethodSign; - GetIpOrMacAddressCommon(addonMethodSign, EdmConstants::PERMISSION_TAG_VERSION_12, policyCode); + GetIpOrMacAddressCommon(addonMethodSign, EdmConstants::PERMISSION_TAG_VERSION_12); AdapterAddonData adapterAddonData{}; if (JsObjectToData(env, info, addonMethodSign, &adapterAddonData) == nullptr) { return nullptr; @@ -1084,8 +1096,10 @@ napi_value NetworkManagerAddon::GetIpOrMacAddressSync(napi_env env, napi_callbac EDMLOGE("can not get GetNetworkManagerProxy"); return nullptr; } + adapterAddonData.data.WriteInt32(networkAddress); std::string ipOrMacInfo; - int32_t ret = networkManagerProxy->GetIpOrMacAddress(adapterAddonData.data, policyCode, ipOrMacInfo); + int32_t ret = networkManagerProxy->GetIpOrMacAddress( + adapterAddonData.data, EdmInterfaceCode::GET_IP_ADDRESS, ipOrMacInfo); if (FAILED(ret)) { napi_throw(env, CreateError(env, ret)); return nullptr; diff --git a/interfaces/kits/restrictions/src/restrictions_addon.cpp b/interfaces/kits/restrictions/src/restrictions_addon.cpp index e4840b955690993b3799b516093cd830b92cb81f..389a5e5a1bbf7886e2b2fd8884857eb8a8d1e74b 100644 --- a/interfaces/kits/restrictions/src/restrictions_addon.cpp +++ b/interfaces/kits/restrictions/src/restrictions_addon.cpp @@ -57,9 +57,14 @@ std::unordered_map RestrictionsAddon::labelCodeMap = { {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_MOBILE_DATA, EdmInterfaceCode::DISALLOWED_MOBILE_DATA}, {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_AIRPLANE_MODE, EdmInterfaceCode::DISALLOWED_AIRPLANE_MODE}, {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_NOTIFICATION, EdmInterfaceCode::DISALLOWED_NOTIFICATION}, + {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_APP_CLONE, EdmInterfaceCode::DISABLED_APP_CLONE}, {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_TELEPHONY_CALL, EdmInterfaceCode::DISALLOWED_TELEPHONY_CALL}, {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_VPN, EdmInterfaceCode::DISALLOW_VPN}, {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_OTA, POLICY_CODE_END + EdmConstants::PolicyCode::DISABLE_OTA}, + {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_RANDOM_MAC_ADDRESS, + EdmInterfaceCode::DISALLOWED_RANDOM_MAC_ADDRESS}, + {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_EXTERNAL_STORAGE_CARD, + EdmInterfaceCode::DISALLOWED_EXTERNAL_STORAGE_CARD}, {EdmConstants::Restrictions::LABEL_DISALLOWED_POLICY_PRIVATE_SPACE, EdmInterfaceCode::DISABLE_PRIVATE_SPACE}, }; diff --git a/interfaces/kits/wifi_manager/src/wifi_manager_addon.cpp b/interfaces/kits/wifi_manager/src/wifi_manager_addon.cpp index 52c829b282b72f8dd68499946d691290dfb14cc5..d1454f13e71537edd657849ab5f1e1b6fb526395 100644 --- a/interfaces/kits/wifi_manager/src/wifi_manager_addon.cpp +++ b/interfaces/kits/wifi_manager/src/wifi_manager_addon.cpp @@ -18,6 +18,7 @@ #include "edm_log.h" #include "message_parcel_utils.h" #include "securec.h" +#include "edm_utils.h" #include "napi_edm_adapter.h" using namespace OHOS::EDM; @@ -334,11 +335,7 @@ bool WifiManagerAddon::GetWifiIdFromNAPI(napi_env env, napi_value value, WifiId return false; } std::string bssid; - if (!JsObjectToString(env, value, "bssid", isAllowed, bssid)) { - EDMLOGE("AddOrRemoveAllowedWifiList bssid parse error!"); - return false; - } - if (isAllowed && bssid.empty()) { + if (!JsObjectToString(env, value, "bssid", false, bssid)) { EDMLOGE("AddOrRemoveAllowedWifiList bssid parse error!"); return false; } @@ -347,7 +344,9 @@ bool WifiManagerAddon::GetWifiIdFromNAPI(napi_env env, napi_value value, WifiId return false; } wifiId.SetSsid(ssid); + EdmUtils::ClearString(ssid); wifiId.SetBssid(bssid); + EdmUtils::ClearString(bssid); return true; } @@ -533,6 +532,8 @@ bool WifiManagerAddon::JsObjToDeviceConfig(napi_env env, napi_value object, Wifi !JsObjectToInt(env, object, "netId", false, config.networkId) || !JsObjectToInt(env, object, "ipType", false, ipType) || !ProcessIpType(ipType, env, object, config.wifiIpConfig)) { + EdmUtils::ClearString(config.ssid); + EdmUtils::ClearString(config.bssid); return false; } if (ret.size() != 0) { diff --git a/services/edm/BUILD.gn b/services/edm/BUILD.gn index b47979842229165e0fd2bfdcdfa3630f949deccc..f320d42d69023d9ebea433b510f9a7d2dc184a16 100644 --- a/services/edm/BUILD.gn +++ b/services/edm/BUILD.gn @@ -95,6 +95,7 @@ ohos_shared_library("edmservice") { "./src/permission_manager.cpp", "./src/plugin_manager.cpp", "./src/policy_manager.cpp", + "./src/query_policy/disable_app_clone_query.cpp", "./src/query_policy/allowed_app_distribution_types_query.cpp", "./src/query_policy/allowed_install_bundles_query.cpp", "./src/query_policy/disable_maintenance_mode_query.cpp", @@ -119,6 +120,7 @@ ohos_shared_library("edmservice") { "./src/query_policy/permission_managed_state_query.cpp", "./src/query_policy/plugin_policy_reader.cpp", "./src/query_policy/snapshot_skip_query.cpp", + "./src/query_policy/disallow_random_mac_address_query.cpp", "./src/strategy/enhance_execute_strategy.cpp", "./src/strategy/replace_execute_strategy.cpp", "./src/strategy/single_execute_strategy.cpp", @@ -206,6 +208,11 @@ ohos_shared_library("edmservice") { defines += [ "USB_STORAGE_SERVICE_EDM_ENABLE" ] } + if (storage_service_edm_enable) { + sources += [ "./src/query_policy/disallow_external_storage_card_query.cpp" ] + defines += [ "EXTERNAL_STORAGE_SERVICE_EDM_ENABLE" ] + } + if (pasteboard_edm_enable) { sources += [ "./src/query_policy/clipboard_policy_query.cpp" ] defines += [ "PASTEBOARD_EDM_ENABLE" ] diff --git a/services/edm/include/query_policy/disable_app_clone_query.h b/services/edm/include/query_policy/disable_app_clone_query.h new file mode 100644 index 0000000000000000000000000000000000000000..b424a941bfceab6e3c19db0c83ee0ff4548e4387 --- /dev/null +++ b/services/edm/include/query_policy/disable_app_clone_query.h @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SERVICES_EDM_INCLUDE_QUERY_POLICY_DISALBE_APP_CLONE_QUERY_H +#define SERVICES_EDM_INCLUDE_QUERY_POLICY_DISALBE_APP_CLONE_QUERY_H + +#include "ipolicy_query.h" + +namespace OHOS { +namespace EDM { + +class DisableAppCloneQuery : public IPolicyQuery { +public: + ~DisableAppCloneQuery() override = default; + + std::string GetPolicyName() override; + + std::string GetPermission(IPlugin::PermissionType, const std::string &permissionTag) override; + + ErrCode QueryPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) override; +}; +} // namespace EDM +} // namespace OHOS + +#endif // SERVICES_EDM_INCLUDE_QUERY_POLICY_DISALBE_APP_CLONE_QUERY_H diff --git a/services/edm/include/query_policy/disable_maintenance_mode_query.h b/services/edm/include/query_policy/disable_maintenance_mode_query.h index 3e0a6696859318a4bd8635f51779ccb31b32d1e0..10c5b7c0a479f54f3db9ce8929fb00cdeb6d9294 100644 --- a/services/edm/include/query_policy/disable_maintenance_mode_query.h +++ b/services/edm/include/query_policy/disable_maintenance_mode_query.h @@ -15,9 +15,9 @@ #ifndef SERVICES_EDM_INCLUDE_QUERY_POLICY_DISALBE_MAINTENANCE_MODE_QUERY_H #define SERVICES_EDM_INCLUDE_QUERY_POLICY_DISALBE_MAINTENANCE_MODE_QUERY_H - + #include "ipolicy_query.h" - + namespace OHOS { namespace EDM { diff --git a/services/edm/include/query_policy/disallow_external_storage_card_query.h b/services/edm/include/query_policy/disallow_external_storage_card_query.h new file mode 100644 index 0000000000000000000000000000000000000000..189613a14e3f60181bb9d473a75b861a5f6d7ad8 --- /dev/null +++ b/services/edm/include/query_policy/disallow_external_storage_card_query.h @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SERVICES_EDM_INCLUDE_QUERY_POLICY_DISALLOW_EXTERNAL_STORAGE_CARD_QUERY_H +#define SERVICES_EDM_INCLUDE_QUERY_POLICY_DISALLOW_EXTERNAL_STORAGE_CARD_QUERY_H + +#include "ipolicy_query.h" + +namespace OHOS { +namespace EDM { + +class DisableExternalStorageCardQuery : public IPolicyQuery { +public: + ~DisableExternalStorageCardQuery() override = default; + + std::string GetPolicyName() override; + + std::string GetPermission(IPlugin::PermissionType, const std::string &permissionTag) override; + + ErrCode QueryPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) override; +}; +} // namespace EDM +} // namespace OHOS + +#endif // SERVICES_EDM_INCLUDE_QUERY_POLICY_DISALLOW_EXTERNAL_STORAGE_CARD_QUERY_H \ No newline at end of file diff --git a/services/edm/include/query_policy/disallow_random_mac_address_query.h b/services/edm/include/query_policy/disallow_random_mac_address_query.h new file mode 100644 index 0000000000000000000000000000000000000000..61396c44590d396d625592fd531344e77483e775 --- /dev/null +++ b/services/edm/include/query_policy/disallow_random_mac_address_query.h @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SERVICES_EDM_INCLUDE_QUERY_POLICY_DISALLOW_RANDOM_MAC_ADDRESS_QUERY_H +#define SERVICES_EDM_INCLUDE_QUERY_POLICY_DISALLOW_RANDOM_MAC_ADDRESS_QUERY_H + +#include "ipolicy_query.h" + +namespace OHOS { +namespace EDM { + +class DisallowRandomMacAddressQuery : public IPolicyQuery { +public: + ~DisallowRandomMacAddressQuery() override = default; + + std::string GetPolicyName() override; + + std::string GetPermission(IPlugin::PermissionType, const std::string &permissionTag) override; + + ErrCode QueryPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) override; +}; +} // namespace EDM +} // namespace OHOS + +#endif // SERVICES_EDM_INCLUDE_QUERY_POLICY_DISALLOW_RANDOM_MAC_ADDRESS_QUERY_H \ No newline at end of file diff --git a/services/edm/src/enterprise_device_mgr_ability.cpp b/services/edm/src/enterprise_device_mgr_ability.cpp index 612e2ab2e78fa7e7955584fa5370e46c93c12110..b86712426ac3b8912866e44c4f7e4b9b1fa3638d 100644 --- a/services/edm/src/enterprise_device_mgr_ability.cpp +++ b/services/edm/src/enterprise_device_mgr_ability.cpp @@ -948,13 +948,13 @@ ErrCode EnterpriseDeviceMgrAbility::CheckReplaceAdmins(const AppExecFwk::Element AAFwk::Want want; want.SetElement(newAdmin); if (!GetBundleMgr()->QueryExtensionAbilityInfos(want, AppExecFwk::ExtensionAbilityType::ENTERPRISE_ADMIN, - AppExecFwk::ExtensionAbilityInfoFlag::GET_EXTENSION_INFO_WITH_PERMISSION, DEFAULT_USER_ID, abilityInfo) || - abilityInfo.empty()) { + AppExecFwk::ExtensionAbilityInfoFlag::GET_EXTENSION_INFO_WITH_PERMISSION, EdmConstants::DEFAULT_USER_ID, + abilityInfo) || abilityInfo.empty()) { EDMLOGW("ReplaceSuperAdmin: QueryExtensionAbilityInfos_newAdmin failed"); return EdmReturnErrCode::COMPONENT_INVALID; } - if (FAILED(VerifyEnableAdminCondition(newAdmin, AdminType::ENT, DEFAULT_USER_ID, false))) { + if (FAILED(VerifyEnableAdminCondition(newAdmin, AdminType::ENT, EdmConstants::DEFAULT_USER_ID, false))) { EDMLOGW("ReplaceSuperAdmin: VerifyEnableAdminCondition failed."); return EdmReturnErrCode::REPLACE_ADMIN_FAILED; } @@ -1006,7 +1006,7 @@ ErrCode EnterpriseDeviceMgrAbility::HandleKeepPolicy(std::string &adminName, std std::string combinedPolicyValue; policyMgr_->GetPolicy("", PolicyName::POLICY_DISALLOWED_UNINSTALL_BUNDLES, combinedPolicyValue); - if (FAILED(policyMgr_->ReplaceAllPolicy(DEFAULT_USER_ID, adminName, newAdminName))) { + if (FAILED(policyMgr_->ReplaceAllPolicy(EdmConstants::DEFAULT_USER_ID, adminName, newAdminName))) { EDMLOGE("ReplaceSuperAdmin update device Policies Failed"); AdminManager::GetInstance()->ReplaceSuperAdminByPackageName(newAdminName, *adminPtr); return EdmReturnErrCode::REPLACE_ADMIN_FAILED; @@ -1073,8 +1073,8 @@ ErrCode EnterpriseDeviceMgrAbility::ReplaceSuperAdmin(const AppExecFwk::ElementN return EdmReturnErrCode::REPLACE_ADMIN_FAILED; } if (FAILED(AdminManager::GetInstance()->SetAdminValue(DEFAULT_USER_ID, edmAdmin))) { - EDMLOGE("EnableAdmin: SetAdminValue failed."); - return EdmReturnErrCode::ENABLE_ADMIN_FAILED; + EDMLOGE("ReplaceSuperAdmin: SetAdminValue failed."); + return EdmReturnErrCode::REPLACE_ADMIN_FAILED; } } system::SetParameter(PARAM_EDM_ENABLE, "true"); @@ -1083,7 +1083,6 @@ ErrCode EnterpriseDeviceMgrAbility::ReplaceSuperAdmin(const AppExecFwk::ElementN DEFAULT_USER_ID, true); EDMLOGI("EnableAdmin: SetAdminEnabled success %{public}s", newAdmin.GetBundleName().c_str()); - EDMLOGD("ReportEdmEventManagerAdmin ReplaceSuperAdmin"); HiSysEventAdapter::ReportEdmEventManagerAdmin(newAdmin.GetBundleName().c_str(), static_cast(AdminAction::REPLACE), static_cast(AdminType::ENT), oldAdmin.GetBundleName().c_str()); @@ -1306,7 +1305,7 @@ ErrCode EnterpriseDeviceMgrAbility::DisableSuperAdmin(const std::string &bundleN { EDMLOGI("EnterpriseDeviceMgrAbility::DisableSuperAdmin bundle name = %{public}s", bundleName.c_str()); std::unique_lock autoLock(adminLock_); - return DoDisableAdmin(bundleName, DEFAULT_USER_ID, AdminType::ENT); + return DoDisableAdmin(bundleName, EdmConstants::DEFAULT_USER_ID, AdminType::ENT); } bool EnterpriseDeviceMgrAbility::CheckDisableAdmin(const std::string &bundleName, AdminType adminType, bool isDebug) @@ -1951,9 +1950,7 @@ ErrCode EnterpriseDeviceMgrAbility::SetDelegatedPolicies(const AppExecFwk::Eleme GetCurrentUserId()); ErrCode ret = GetPermissionChecker()->CheckCallerPermission(adminItem, EdmPermission::PERMISSION_ENTERPRISE_MANAGE_DELEGATED_POLICY, true); - if (FAILED(ret)) { - return ret; - } + if (FAILED(ret)) return ret; if (parentAdminName == bundleName) { EDMLOGE("SetDelegatedPolicies does not delegated policies to self."); return EdmReturnErrCode::PARAM_ERROR; @@ -1968,9 +1965,7 @@ ErrCode EnterpriseDeviceMgrAbility::SetDelegatedPolicies(const AppExecFwk::Eleme return ret; } ret = CheckDelegatedPolicies(adminItem, policies); - if (FAILED(ret)) { - return ret; - } + if (FAILED(ret)) return ret; if (!GetBundleMgr()->IsBundleInstalled(bundleName, GetCurrentUserId())) { EDMLOGE("SetDelegatedPolicies the delegated application does not installed."); return EdmReturnErrCode::AUTHORIZE_PERMISSION_FAILED; diff --git a/services/edm/src/permission_checker.cpp b/services/edm/src/permission_checker.cpp index 6814fbe9cf2a1da11cd38c11eeed02b05f649358..408329a3acee9624b09c810e1278957dcaf12b6a 100644 --- a/services/edm/src/permission_checker.cpp +++ b/services/edm/src/permission_checker.cpp @@ -71,6 +71,8 @@ std::vector PermissionChecker::supportAdminNullPolicyCode_ = { EdmInterfaceCode::DISALLOW_VPN, EdmInterfaceCode::DISALLOWED_TELEPHONY_CALL, EdmInterfaceCode::DISABLE_PRIVATE_SPACE, + EdmInterfaceCode::DISABLED_APP_CLONE, + EdmInterfaceCode::DISALLOWED_EXTERNAL_STORAGE_CARD, EdmInterfaceCode::POLICY_CODE_END + EdmConstants::PolicyCode::DISALLOW_SCREEN_SHOT, EdmInterfaceCode::POLICY_CODE_END + EdmConstants::PolicyCode::DISALLOW_SCREEN_RECORD, EdmInterfaceCode::POLICY_CODE_END + EdmConstants::PolicyCode::DISABLE_DISK_RECOVERY_KEY, @@ -79,6 +81,7 @@ std::vector PermissionChecker::supportAdminNullPolicyCode_ = { EdmInterfaceCode::POLICY_CODE_END + EdmConstants::PolicyCode::DISABLE_RESET_FACTORY, EdmInterfaceCode::DISALLOWED_NOTIFICATION, EdmInterfaceCode::DISABLED_PRINT, + EdmInterfaceCode::DISALLOWED_RANDOM_MAC_ADDRESS, EdmInterfaceCode::POLICY_CODE_END + EdmConstants::PolicyCode::DISABLE_OTA, EdmInterfaceCode::POLICY_CODE_END + EdmConstants::PolicyCode::DISALLOWED_NFC, EdmInterfaceCode::POLICY_CODE_END + EdmConstants::PolicyCode::DISALLOW_REMOTE_DESK, diff --git a/services/edm/src/plugin_manager.cpp b/services/edm/src/plugin_manager.cpp index 45e3613f36c35a8bac78fc7bf70179a9d117412f..4fc44c1505b9eec5eeb8203981b7b76c9194d874 100644 --- a/services/edm/src/plugin_manager.cpp +++ b/services/edm/src/plugin_manager.cpp @@ -67,7 +67,9 @@ std::vector PluginManager::deviceCoreSoCodes_ = { EdmInterfaceCode::ALLOWED_INSTALL_APP_TYPE, EdmInterfaceCode::DISABLE_PRIVATE_SPACE, EdmInterfaceCode::SET_INSTALL_LOCAL_ENTERPRISE_APP_ENABLED, EdmInterfaceCode::DISALLOWED_NEARLINK_PROTOCOLS, EdmInterfaceCode::DISALLOWED_EXPORT_RECOVERY_KEY, EdmInterfaceCode::DISALLOWED_USB_STORAGE_DEVICE_WRITE, - EdmInterfaceCode::DISABLED_PRINT, EdmInterfaceCode::DISALLOWED_DISTRIBUTED_TRANSMISSION + EdmInterfaceCode::DISABLED_PRINT, EdmInterfaceCode::DISALLOWED_DISTRIBUTED_TRANSMISSION, + EdmInterfaceCode::DISALLOWED_RANDOM_MAC_ADDRESS, + EdmInterfaceCode::DISABLED_APP_CLONE }; std::vector PluginManager::communicationSoCodes_ = { @@ -88,7 +90,7 @@ std::vector PluginManager::communicationSoCodes_ = { EdmInterfaceCode::DISALLOWED_SIM, EdmInterfaceCode::DISALLOWED_MOBILE_DATA, EdmInterfaceCode::DISALLOW_MODIFY_ETHERNET_IP, EdmInterfaceCode::DISALLOWED_AIRPLANE_MODE, EdmInterfaceCode::TELEPHONY_CALL_POLICY, EdmInterfaceCode::DISALLOWED_TELEPHONY_CALL, - EdmInterfaceCode::DISALLOW_VPN, + EdmInterfaceCode::DISALLOW_VPN, EdmInterfaceCode::DISALLOWED_EXTERNAL_STORAGE_CARD }; std::vector PluginManager::sysServiceSoCodes_ = { diff --git a/services/edm/src/query_policy/allowed_bluetooth_devices_query.cpp b/services/edm/src/query_policy/allowed_bluetooth_devices_query.cpp index de5427de69716ee364454ef187edb52cbc7af78e..8ae13c54237304d979e1a147a3a02a0485754bba 100644 --- a/services/edm/src/query_policy/allowed_bluetooth_devices_query.cpp +++ b/services/edm/src/query_policy/allowed_bluetooth_devices_query.cpp @@ -33,7 +33,6 @@ std::string AllowedBluetoothDevicesQuery::GetPermission(IPlugin::PermissionType, ErrCode AllowedBluetoothDevicesQuery::QueryPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) { - EDMLOGI("AllowedBluetoothDevicesQuery OnGetPolicy policyData : %{public}s", policyData.c_str()); return GetArrayStringPolicy(policyData, reply); } } // namespace EDM diff --git a/services/edm/src/query_policy/disable_app_clone_query.cpp b/services/edm/src/query_policy/disable_app_clone_query.cpp new file mode 100644 index 0000000000000000000000000000000000000000..ec80bf5bac65422882d525d826de5fbba6ea1bd2 --- /dev/null +++ b/services/edm/src/query_policy/disable_app_clone_query.cpp @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "disable_app_clone_query.h" + +#include "bool_serializer.h" +#include "edm_constants.h" +#include "edm_log.h" +#include "parameters.h" + +namespace OHOS { +namespace EDM { +std::string DisableAppCloneQuery::GetPolicyName() +{ + return PolicyName::POLICY_DISABLED_APP_CLONE; +} + +std::string DisableAppCloneQuery::GetPermission(IPlugin::PermissionType, const std::string &permissionTag) +{ + return EdmPermission::PERMISSION_ENTERPRISE_MANAGE_RESTRICTIONS; +} + +ErrCode DisableAppCloneQuery::QueryPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, + int32_t userId) +{ + return GetBoolPolicy(policyData, reply); +} +} // namespace EDM +} // namespace OHOS \ No newline at end of file diff --git a/services/edm/src/query_policy/disallow_external_storage_card_query.cpp b/services/edm/src/query_policy/disallow_external_storage_card_query.cpp new file mode 100644 index 0000000000000000000000000000000000000000..62085f725f0b76deb714d8b7e4363f0e69ec752f --- /dev/null +++ b/services/edm/src/query_policy/disallow_external_storage_card_query.cpp @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "disallow_external_storage_card_query.h" + +#include "bool_serializer.h" +#include "edm_constants.h" +#include "parameters.h" + + +namespace OHOS { +namespace EDM { +std::string DisableExternalStorageCardQuery::GetPolicyName() +{ + return PolicyName::POLICY_DISALLOWED_EXTERNAL_STORAGE_CARD; +} + +std::string DisableExternalStorageCardQuery::GetPermission( + IPlugin::PermissionType, const std::string &permissionTag) +{ + return EdmPermission::PERMISSION_ENTERPRISE_MANAGE_RESTRICTIONS; +} + +ErrCode DisableExternalStorageCardQuery::QueryPolicy( + std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) +{ + return GetBoolPolicy(policyData, reply); +} +} // namespace EDM +} // namespace OHOS \ No newline at end of file diff --git a/services/edm/src/query_policy/disallow_random_mac_address_query.cpp b/services/edm/src/query_policy/disallow_random_mac_address_query.cpp new file mode 100644 index 0000000000000000000000000000000000000000..322962ce00cc7e4f7805fa5cbcd3231da8fb4e5c --- /dev/null +++ b/services/edm/src/query_policy/disallow_random_mac_address_query.cpp @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "disallow_random_mac_address_query.h" + +#include "bool_serializer.h" +#include "edm_constants.h" +#include "parameters.h" + +namespace OHOS { +namespace EDM { +std::string DisallowRandomMacAddressQuery::GetPolicyName() +{ + return PolicyName::POLICY_DISALLOWED_RANDOM_MAC_ADDRESS; +} + +std::string DisallowRandomMacAddressQuery::GetPermission( + IPlugin::PermissionType, const std::string &permissionTag) +{ + return EdmPermission::PERMISSION_ENTERPRISE_MANAGE_RESTRICTIONS; +} + +ErrCode DisallowRandomMacAddressQuery::QueryPolicy( + std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) +{ + return GetBoolPolicy(policyData, reply); +} +} // namespace EDM +} // namespace OHOS \ No newline at end of file diff --git a/services/edm/src/query_policy/disallowed_mobile_data_query.cpp b/services/edm/src/query_policy/disallowed_mobile_data_query.cpp index d88c0ec2bc8f4383b5e30c3cf1d23ff62168c577..e7ed2c383095b65668096d181fc6aebbd8ab9195 100644 --- a/services/edm/src/query_policy/disallowed_mobile_data_query.cpp +++ b/services/edm/src/query_policy/disallowed_mobile_data_query.cpp @@ -34,6 +34,8 @@ std::string DisallowedMobileDataQuery::GetPermission(IPlugin::PermissionType per ErrCode DisallowedMobileDataQuery::QueryPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) { + EDMLOGI("DisallowedMobileDataQuery QueryPolicy policyData : %{public}s", policyData.c_str()); + policyData = (policyData == "disallow") ? "true" : "false"; return GetBoolPolicy(policyData, reply); } } // namespace EDM diff --git a/services/edm/src/query_policy/plugin_policy_reader.cpp b/services/edm/src/query_policy/plugin_policy_reader.cpp index ce8d4197d6c8bbc5e321a2e3443e36554884b088..89b68d1a5e7ff27a3b4cf3853df541c88b3a0c2d 100644 --- a/services/edm/src/query_policy/plugin_policy_reader.cpp +++ b/services/edm/src/query_policy/plugin_policy_reader.cpp @@ -141,8 +141,13 @@ #include "disable_private_space_query.h" #endif +#ifdef EXTERNAL_STORAGE_SERVICE_EDM_ENABLE +#include "disallow_external_storage_card_query.h" +#endif + #include "allowed_app_distribution_types_query.h" #include "allowed_install_bundles_query.h" +#include "disable_app_clone_query.h" #include "disable_maintenance_mode_query.h" #include "disable_mtp_client_query.h" #include "disable_mtp_server_query.h" @@ -166,6 +171,7 @@ #include "ntp_server_query.h" #include "parameters.h" #include "snapshot_skip_query.h" +#include "disallow_random_mac_address_query.h" namespace OHOS { namespace EDM { @@ -606,6 +612,16 @@ ErrCode PluginPolicyReader::GetPolicyQueryEighth(std::shared_ptr & return ERR_OK; #else return EdmReturnErrCode::INTERFACE_UNSUPPORTED; +#endif + case EdmInterfaceCode::DISALLOWED_RANDOM_MAC_ADDRESS: + obj = std::make_shared(); + return ERR_OK; + case EdmInterfaceCode::DISALLOWED_EXTERNAL_STORAGE_CARD: +#ifdef EXTERNAL_STORAGE_SERVICE_EDM_ENABLE + obj = std::make_shared(); + return ERR_OK; +#else + return EdmReturnErrCode::INTERFACE_UNSUPPORTED; #endif case EdmInterfaceCode::SET_AUTO_UNLOCK_AFTER_REBOOT: #ifdef FEATURE_PC_ONLY @@ -653,6 +669,9 @@ ErrCode PluginPolicyReader::GetPolicyQueryNinth(std::shared_ptr &o #else return EdmReturnErrCode::INTERFACE_UNSUPPORTED; #endif + case EdmInterfaceCode::DISABLED_APP_CLONE: + obj = std::make_shared(); + return ERR_OK; default: break; } diff --git a/services/edm/src/user_policy_manager.cpp b/services/edm/src/user_policy_manager.cpp index 5d20b4cc3953916743afea44d22180bb4361c00b..8d680a12a885bed1eaf3a7c0a3b24c5c1a483fbc 100644 --- a/services/edm/src/user_policy_manager.cpp +++ b/services/edm/src/user_policy_manager.cpp @@ -303,7 +303,7 @@ ErrCode UserPolicyManager::SetPolicy(const std::string &adminName, const std::st } if (FAILED(err)) { EDMLOGW("Set or delete combined policy failed:%{public}d, merged policy:%{public}s\n", - err, mergedPolicy.c_str()); + err, policyName.c_str()); } if (!adminName.empty()) { @@ -315,7 +315,7 @@ ErrCode UserPolicyManager::SetPolicy(const std::string &adminName, const std::st } if (FAILED(err)) { EDMLOGW("Set or delete admin policy failed:%{public}d, admin policy:%{public}s\n", - err, adminPolicy.c_str()); + err, adminName.c_str()); } return err; } diff --git a/services/edm_plugin/BUILD.gn b/services/edm_plugin/BUILD.gn index e0d30a1b54d0fc3bfbdc4f846225378ee7bb191b..0fa7bf4406417373a2d63ef06c0cd3289bb88309 100644 --- a/services/edm_plugin/BUILD.gn +++ b/services/edm_plugin/BUILD.gn @@ -76,6 +76,7 @@ ohos_shared_library("device_core_plugin") { "./src/allowed_install_bundles_plugin.cpp", "./src/bundle_install_plugin.cpp", "./src/disable_hdc_plugin.cpp", + "./src/disable_app_clone_plugin.cpp", "./src/disable_maintenance_mode_plugin.cpp", "./src/disable_mtp_server_plugin.cpp", "./src/disable_printer_plugin.cpp", @@ -85,6 +86,7 @@ ohos_shared_library("device_core_plugin") { "./src/disallow_distributed_transmission_plugin.cpp", "./src/disallowed_install_bundles_plugin.cpp", "./src/disallowed_uninstall_bundles_plugin.cpp", + "./src/disallow_random_mac_address_plugin.cpp", "./src/inactive_user_freeze_plugin.cpp", "./src/install_plugin.cpp", "./src/installed_bundle_info_list_plugin.cpp", @@ -348,8 +350,7 @@ ohos_shared_library("communication_plugin") { ] sources += [ "./src/get_all_network_interfaces_plugin.cpp", - "./src/get_ip_address_plugin.cpp", - "./src/get_mac_plugin.cpp", + "./src/get_ip_or_mac_address_plugin.cpp", "./src/disallow_vpn_plugin.cpp" ] } @@ -365,6 +366,12 @@ ohos_shared_library("communication_plugin") { ] } + if (storage_service_edm_enable) { + external_deps += [ "storage_service:storage_manager_sa_proxy" ] + sources += [ "./src/disallow_external_storage_card_plugin.cpp" ] + defines += [ "EXTERNAL_STORAGE_SERVICE_EDM_ENABLE" ] + } + if (os_account_edm_enable) { external_deps += [ "os_account:domain_account_innerkits", diff --git a/services/edm_plugin/include/get_mac_plugin.h b/services/edm_plugin/include/disable_app_clone_plugin.h similarity index 56% rename from services/edm_plugin/include/get_mac_plugin.h rename to services/edm_plugin/include/disable_app_clone_plugin.h index 1706fff76ca506ff32442fd7e27872e63dcfc43b..b967857f3fa0274bbbbf092d281242ffd042e302 100644 --- a/services/edm_plugin/include/get_mac_plugin.h +++ b/services/edm_plugin/include/disable_app_clone_plugin.h @@ -1,32 +1,31 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef SERVICES_EDM_PLUGIN_INCLUDE_GET_MAC_PLUGIN_H -#define SERVICES_EDM_PLUGIN_INCLUDE_GET_MAC_PLUGIN_H - -#include "plugin_singleton.h" - -namespace OHOS { -namespace EDM { -class GetMacPlugin : public PluginSingleton { -public: - void InitPlugin(std::shared_ptr> ptr) override; - - ErrCode OnGetPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) override; -}; -} // namespace EDM -} // namespace OHOS - -#endif // SERVICES_EDM_PLUGIN_INCLUDE_GET_MAC_PLUGIN_H +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SERVICES_EDM_PLUGIN_INCLUDE_DISABLE_APP_CLONE_PLUGIN_H +#define SERVICES_EDM_PLUGIN_INCLUDE_DISABLE_APP_CLONE_PLUGIN_H + +#include "basic_bool_plugin.h" +#include "plugin_singleton.h" + +namespace OHOS { +namespace EDM { +class DisableAppClonePlugin : public PluginSingleton, + public BasicBoolPlugin { +public: + void InitPlugin(std::shared_ptr> ptr) override; +}; +} // namespace EDM +} // namespace OHOS +#endif // SERVICES_EDM_PLUGIN_INCLUDE_DISABLE_APP_CLONE_PLUGIN_H \ No newline at end of file diff --git a/services/edm_plugin/include/disallow_external_storage_card_plugin.h b/services/edm_plugin/include/disallow_external_storage_card_plugin.h new file mode 100644 index 0000000000000000000000000000000000000000..3e55191cfa5af8e59b8cacaf5b7207ae7b71cda1 --- /dev/null +++ b/services/edm_plugin/include/disallow_external_storage_card_plugin.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SERVICES_EDM_PLUGIN_INCLUDE_DISALLOW_EXTERNAL_STORAGE_CARD_PLUGIN_H +#define SERVICES_EDM_PLUGIN_INCLUDE_DISALLOW_EXTERNAL_STORAGE_CARD_PLUGIN_H + +#include "basic_bool_plugin.h" +#include "plugin_singleton.h" +#include "istorage_manager.h" + +namespace OHOS { +namespace EDM { +class DisallowExternalStorageCardPlugin : public PluginSingleton, +public BasicBoolPlugin { +public: + void InitPlugin(std::shared_ptr> ptr) override; + ErrCode OnSetPolicy(bool &data, bool ¤tData, bool &mergePolicy, int32_t userId) override; + +private: + ErrCode SetOtherModulePolicy(bool data, int32_t userId) override; + OHOS::sptr GetStorageManager(); + ErrCode UnmountStorageDevice(); +}; +} // namespace EDM +} // namespace OHOS + +#endif // SERVICES_EDM_PLUGIN_INCLUDE_DISALLOW_EXTERNAL_STORAGE_CARD_PLUGIN_H \ No newline at end of file diff --git a/services/edm_plugin/include/disallow_random_mac_address_plugin.h b/services/edm_plugin/include/disallow_random_mac_address_plugin.h new file mode 100644 index 0000000000000000000000000000000000000000..331e926821113b714287aa5b9ebe7ca598826cda --- /dev/null +++ b/services/edm_plugin/include/disallow_random_mac_address_plugin.h @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SERVICES_EDM_PLUGIN_INCLUDE_DISALLOW_RANDOM_MAC_ADDRESS_PLUGIN_H +#define SERVICES_EDM_PLUGIN_INCLUDE_DISALLOW_RANDOM_MAC_ADDRESS_PLUGIN_H + +#include "basic_bool_plugin.h" +#include "plugin_singleton.h" + +namespace OHOS { +namespace EDM { +class DisallowRandomMacAddressPlugin : public PluginSingleton, +public BasicBoolPlugin { +public: + void InitPlugin(std::shared_ptr> ptr) override; +}; +} // namespace EDM +} // namespace OHOS + +#endif // SERVICES_EDM_PLUGIN_INCLUDE_DISALLOW_RANDOM_MAC_ADDRESS_PLUGIN_H \ No newline at end of file diff --git a/services/edm_plugin/include/get_ip_address_plugin.h b/services/edm_plugin/include/get_ip_or_mac_address_plugin.h similarity index 65% rename from services/edm_plugin/include/get_ip_address_plugin.h rename to services/edm_plugin/include/get_ip_or_mac_address_plugin.h index fee8f2d5258130c679fa8bc8ba2fd5c9522429ec..f33c6fe340ca9d2063af2f73fc4e084095eebb96 100644 --- a/services/edm_plugin/include/get_ip_address_plugin.h +++ b/services/edm_plugin/include/get_ip_or_mac_address_plugin.h @@ -13,20 +13,20 @@ * limitations under the License. */ -#ifndef SERVICES_EDM_PLUGIN_INCLUDE_GET_IP_ADDRESS_PLUGIN_H -#define SERVICES_EDM_PLUGIN_INCLUDE_GET_IP_ADDRESS_PLUGIN_H +#ifndef SERVICES_EDM_PLUGIN_INCLUDE_GET_IP_OR_MAC_ADDRESS_PLUGIN_H +#define SERVICES_EDM_PLUGIN_INCLUDE_GET_IP_OR_MAC_ADDRESS_PLUGIN_H #include "plugin_singleton.h" namespace OHOS { namespace EDM { -class GetIpAddressPlugin : public PluginSingleton { +class GetIpOrMacAddressPlugin : public PluginSingleton { public: - void InitPlugin(std::shared_ptr> ptr) override; + void InitPlugin(std::shared_ptr> ptr) override; ErrCode OnGetPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) override; }; } // namespace EDM } // namespace OHOS -#endif // SERVICES_EDM_PLUGIN_INCLUDE_GET_IP_ADDRESS_PLUGIN_H +#endif // SERVICES_EDM_PLUGIN_INCLUDE_GET_IP_OR_MAC_ADDRESS_PLUGIN_H diff --git a/services/edm_plugin/src/allowed_usb_devices_plugin.cpp b/services/edm_plugin/src/allowed_usb_devices_plugin.cpp index 7668a9ff47a5dbc795efc4fa9677c1e0ef7f179a..b72802fa6d28ce8131ec223493be542b3dca041c 100644 --- a/services/edm_plugin/src/allowed_usb_devices_plugin.cpp +++ b/services/edm_plugin/src/allowed_usb_devices_plugin.cpp @@ -62,12 +62,8 @@ ErrCode AllowUsbDevicesPlugin::OnSetPolicy(std::vector &data, return EdmReturnErrCode::CONFIGURATION_CONFLICT_FAILED; } - std::vector needAddData = - ArrayUsbDeviceIdSerializer::GetInstance()->SetDifferencePolicyData(currentData, data); - std::vector needAddMergeData = - ArrayUsbDeviceIdSerializer::GetInstance()->SetDifferencePolicyData(mergeData, needAddData); std::vector afterHandle = - ArrayUsbDeviceIdSerializer::GetInstance()->SetUnionPolicyData(currentData, needAddData); + ArrayUsbDeviceIdSerializer::GetInstance()->SetUnionPolicyData(currentData, data); std::vector afterMerge = ArrayUsbDeviceIdSerializer::GetInstance()->SetUnionPolicyData(mergeData, afterHandle); @@ -75,7 +71,7 @@ ErrCode AllowUsbDevicesPlugin::OnSetPolicy(std::vector &data, EDMLOGE("AllowUsbDevicesPlugin OnSetPolicy union data size=[%{public}zu] is too large", mergeData.size()); return EdmReturnErrCode::PARAM_ERROR; } - ErrCode errCode = UsbPolicyUtils::AddAllowedUsbDevices(needAddMergeData); + ErrCode errCode = UsbPolicyUtils::AddAllowedUsbDevices(afterMerge); if (errCode != ERR_OK) { return errCode; } @@ -129,37 +125,9 @@ ErrCode AllowUsbDevicesPlugin::OnRemovePolicy(std::vector &data, st std::vector afterMerge = ArrayUsbDeviceIdSerializer::GetInstance()->SetUnionPolicyData(mergeData, afterHandle); - if (afterMerge.empty()) { - auto &srvClient = OHOS::USB::UsbSrvClient::GetInstance(); - std::vector allDevices; - int32_t getRet = srvClient.GetDevices(allDevices); - if (getRet == EdmConstants::USB_ERRCODE_INTERFACE_NO_INIT) { - EDMLOGW("AllowUsbDevicesPlugin OnRemovePolicy: getDevices failed! USB interface not init!"); - } - if (getRet != ERR_OK && getRet != EdmConstants::USB_ERRCODE_INTERFACE_NO_INIT) { - EDMLOGE("AllowUsbDevicesPlugin OnRemovePolicy getDevices failed: %{public}d", getRet); - return EdmReturnErrCode::SYSTEM_ABNORMALLY; - } - EDMLOGI("AllowUsbDevicesPlugin OnRemovePolicy: clear to empty, enable all."); - std::for_each(allDevices.begin(), allDevices.end(), [&](const auto usbDevice) { - if (srvClient.ManageDevice(usbDevice.GetVendorId(), usbDevice.GetProductId(), false) != ERR_OK) { - EDMLOGW("AllowUsbDevicesPlugin OnRemovePolicy ManageDevice vid: %{public}d, pid: %{public}d failed!", - usbDevice.GetVendorId(), usbDevice.GetProductId()); - } - }); - } else { - std::vector needRemovePolicy = - ArrayUsbDeviceIdSerializer::GetInstance()->SetDifferencePolicyData(afterHandle, currentData); - std::vector needRemoveMergePolicy = - ArrayUsbDeviceIdSerializer::GetInstance()->SetDifferencePolicyData(mergeData, needRemovePolicy); - EDMLOGI("AllowUsbDevicesPlugin OnRemovePolicy: remove data size: %{public}zu", needRemoveMergePolicy.size()); - auto &srvClient = OHOS::USB::UsbSrvClient::GetInstance(); - std::for_each(needRemoveMergePolicy.begin(), needRemoveMergePolicy.end(), [&](const auto usbDeviceId) { - if (srvClient.ManageDevice(usbDeviceId.GetVendorId(), usbDeviceId.GetProductId(), true) != ERR_OK) { - EDMLOGW("AllowUsbDevicesPlugin OnRemovePolicy ManageDevice vid: %{public}d, pid: %{public}d failed!", - usbDeviceId.GetVendorId(), usbDeviceId.GetProductId()); - } - }); + ErrCode errCode = UsbPolicyUtils::AddAllowedUsbDevices(afterMerge); + if (errCode != ERR_OK) { + return errCode; } currentData = afterHandle; mergeData = afterMerge; diff --git a/services/edm_plugin/src/get_mac_plugin.cpp b/services/edm_plugin/src/disable_app_clone_plugin.cpp similarity index 32% rename from services/edm_plugin/src/get_mac_plugin.cpp rename to services/edm_plugin/src/disable_app_clone_plugin.cpp index db752c20cb10cf5687d93f298878bde81913ae5d..77cbf0eb1827706bdee42faf8d9909319aca0408 100644 --- a/services/edm_plugin/src/get_mac_plugin.cpp +++ b/services/edm_plugin/src/disable_app_clone_plugin.cpp @@ -1,59 +1,43 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "get_mac_plugin.h" - -#include "edm_constants.h" -#include "edm_ipc_interface_code.h" -#include "ethernet_client.h" -#include "interface_type.h" -#include "string_serializer.h" -#include "iplugin_manager.h" - -namespace OHOS { -namespace EDM { -const bool REGISTER_RESULT = IPluginManager::GetInstance()->AddPlugin(GetMacPlugin::GetPlugin()); - -void GetMacPlugin::InitPlugin(std::shared_ptr> ptr) -{ - EDMLOGI("GetMacPlugin InitPlugin..."); - std::map> tagPermissions; - std::map typePermissionsForTag11; - std::map typePermissionsForTag12; - typePermissionsForTag11.emplace(IPlugin::PermissionType::SUPER_DEVICE_ADMIN, - EdmPermission::PERMISSION_ENTERPRISE_GET_NETWORK_INFO); - typePermissionsForTag12.emplace(IPlugin::PermissionType::SUPER_DEVICE_ADMIN, - EdmPermission::PERMISSION_ENTERPRISE_MANAGE_NETWORK); - tagPermissions.emplace(EdmConstants::PERMISSION_TAG_VERSION_11, typePermissionsForTag11); - tagPermissions.emplace(EdmConstants::PERMISSION_TAG_VERSION_12, typePermissionsForTag12); - - IPlugin::PolicyPermissionConfig config = IPlugin::PolicyPermissionConfig(tagPermissions, IPlugin::ApiType::PUBLIC); - ptr->InitAttribute(EdmInterfaceCode::GET_MAC, PolicyName::POLICY_GET_MAC, config, false); - ptr->SetSerializer(StringSerializer::GetInstance()); -} - -ErrCode GetMacPlugin::OnGetPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) -{ - EDMLOGI("GetMacPlugin OnGetPolicy."); - nmd::InterfaceConfigurationParcel config; - std::string networkInterface; - data.ReadString(networkInterface); - DelayedSingleton::GetInstance()->GetInterfaceConfig(networkInterface, config); - reply.WriteInt32(ERR_OK); - reply.WriteString(config.hwAddr); - return ERR_OK; -} -} // namespace EDM -} // namespace OHOS +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "disable_app_clone_plugin.h" + +#include "bool_serializer.h" +#include "edm_ipc_interface_code.h" +#include "parameters.h" +#include "iplugin_manager.h" + +namespace OHOS { +namespace EDM { +const bool REGISTER_RESULT = IPluginManager::GetInstance()->AddPlugin(DisableAppClonePlugin::GetPlugin()); + +void DisableAppClonePlugin::InitPlugin(std::shared_ptr> + ptr) +{ + EDMLOGI("DisableAppClonePlugin InitPlugin..."); + std::map typePermissions; + typePermissions.emplace(IPlugin::PermissionType::SUPER_DEVICE_ADMIN, + EdmPermission::PERMISSION_ENTERPRISE_MANAGE_RESTRICTIONS); + IPlugin::PolicyPermissionConfig config = IPlugin::PolicyPermissionConfig(typePermissions, IPlugin::ApiType::PUBLIC); + ptr->InitAttribute(EdmInterfaceCode::DISABLED_APP_CLONE, PolicyName::POLICY_DISABLED_APP_CLONE, + config, true); + ptr->SetSerializer(BoolSerializer::GetInstance()); + ptr->SetOnHandlePolicyListener(&DisableAppClonePlugin::OnSetPolicy, FuncOperateType::SET); + ptr->SetOnAdminRemoveListener(&DisableAppClonePlugin::OnAdminRemove); + persistParam_ = "persist.edm.app_clone_disable"; +} +} // namespace EDM +} // namespace OHOS \ No newline at end of file diff --git a/services/edm_plugin/src/disallow_external_storage_card_plugin.cpp b/services/edm_plugin/src/disallow_external_storage_card_plugin.cpp new file mode 100644 index 0000000000000000000000000000000000000000..2bb06925d5d60559f31d80edc2ad0c430ea7bd40 --- /dev/null +++ b/services/edm_plugin/src/disallow_external_storage_card_plugin.cpp @@ -0,0 +1,128 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "disallow_external_storage_card_plugin.h" + +#include "bool_serializer.h" +#include "edm_constants.h" +#include "edm_errors.h" +#include "edm_ipc_interface_code.h" +#include "edm_log.h" +#include "iplugin_manager.h" +#include "volume_external.h" +#include "iservice_registry.h" +#include "parameters.h" + +namespace OHOS { +namespace EDM { +const bool REGISTER_RESULT = IPluginManager::GetInstance()->AddPlugin( + DisallowExternalStorageCardPlugin::GetPlugin()); +constexpr int32_t STORAGE_MANAGER_MANAGER_ID = 5003; + +void DisallowExternalStorageCardPlugin::InitPlugin( + std::shared_ptr> ptr) +{ + EDMLOGI("DisallowExternalStorageCardPlugin InitPlugin..."); + ptr->InitAttribute( + EdmInterfaceCode::DISALLOWED_EXTERNAL_STORAGE_CARD, + PolicyName::POLICY_DISALLOWED_EXTERNAL_STORAGE_CARD, + EdmPermission::PERMISSION_ENTERPRISE_MANAGE_RESTRICTIONS, + IPlugin::PermissionType::SUPER_DEVICE_ADMIN, + true); + ptr->SetSerializer(BoolSerializer::GetInstance()); + ptr->SetOnHandlePolicyListener(&DisallowExternalStorageCardPlugin::OnSetPolicy, FuncOperateType::SET); + ptr->SetOnAdminRemoveListener(&DisallowExternalStorageCardPlugin::OnAdminRemove); + persistParam_ = "persist.edm.external_storage_card_disable"; +} + +ErrCode DisallowExternalStorageCardPlugin::OnSetPolicy(bool &data, bool ¤tData, bool &mergePolicy, int32_t userId) +{ + EDMLOGI("DisallowExternalStorageCardPlugin OnSetPolicy"); + if (mergePolicy) { + currentData = data; + return ERR_OK; + } + if (!system::SetParameter(persistParam_, data ? "true" : "false")) { + EDMLOGE("DisallowExternalStorageCardPlugin set param failed."); + return EdmReturnErrCode::SYSTEM_ABNORMALLY; + } + if (data) { + ErrCode Ret = SetOtherModulePolicy(data, userId); + if (FAILED(Ret)) { + return Ret; + } + } + currentData = data; + mergePolicy = data; + return ERR_OK; +} + +ErrCode DisallowExternalStorageCardPlugin::SetOtherModulePolicy(bool data, int32_t userId) +{ + EDMLOGI("DisallowExternalStorageCardPlugin SetOtherModulePolicy"); + if (data) { + ErrCode Ret = UnmountStorageDevice(); + if (Ret != ERR_OK) { + EDMLOGI("DisallowExternalStorageCardPlugin: unmount storage device failed ret: %{public}d", Ret); + return Ret; + } + } + return ERR_OK; +} + +ErrCode DisallowExternalStorageCardPlugin::UnmountStorageDevice() +{ + auto storageMgrProxy = GetStorageManager(); + if (storageMgrProxy == nullptr) { + return EdmReturnErrCode::SYSTEM_ABNORMALLY; + } + std::vector volList; + int32_t storageRet = storageMgrProxy->GetAllVolumes(volList); + if (storageRet != ERR_OK) { + EDMLOGE("DisallowExternalStorageCardPlugin storageMgrProxy GetAllVolumes failed! ret:%{public}d", storageRet); + return EdmReturnErrCode::DISALLOW_NOT_TAKE_EFFECT; + } + if (volList.empty()) { + return ERR_OK; + } + for (auto &vol : volList) { + if (storageMgrProxy->Unmount(vol.GetId()) != ERR_OK) { + EDMLOGE("DisallowExternalStorageCardPlugin SetPolicy storageMgrProxy Unmount failed!"); + return EdmReturnErrCode::DISALLOW_NOT_TAKE_EFFECT; + } + } + return ERR_OK; +} + +OHOS::sptr DisallowExternalStorageCardPlugin::GetStorageManager() +{ + auto saMgr = OHOS::SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (saMgr == nullptr) { + EDMLOGE("DisallowExternalStorageCardPlugin GetStorageManager:get saMgr fail"); + return nullptr; + } + sptr obj = saMgr->GetSystemAbility(STORAGE_MANAGER_MANAGER_ID); + if (obj == nullptr) { + EDMLOGE("DisallowExternalStorageCardPlugin GetStorageManager:get storage manager client fail"); + return nullptr; + } + auto storageMgrProxy = iface_cast(obj); + if (storageMgrProxy == nullptr) { + EDMLOGE("DisallowExternalStorageCardPlugin GetStorageManager:get storageMgrProxy fail"); + } + return storageMgrProxy; +} +} // namespace EDM +} // namespace OHOS \ No newline at end of file diff --git a/services/edm_plugin/src/disallow_mobile_data_plugin.cpp b/services/edm_plugin/src/disallow_mobile_data_plugin.cpp index 3694ddc53f00ec486382dc0b2d6c57a52e0a254f..31736bbd49f8cb84a48c2dd53e2ca029bc045019 100644 --- a/services/edm_plugin/src/disallow_mobile_data_plugin.cpp +++ b/services/edm_plugin/src/disallow_mobile_data_plugin.cpp @@ -66,8 +66,8 @@ ErrCode DisallowMobileDataPlugin::OnHandlePolicy(std::uint32_t funcCode, Message return EdmReturnErrCode::SYSTEM_ABNORMALLY; } policyData.isChanged = true; - policyData.mergePolicyData = "true"; - policyData.policyData = "true"; + policyData.mergePolicyData = "disallow"; + policyData.policyData = "disallow"; return ERR_OK; } if (!system::SetParameter(PARAM_MOBILE_DATA_POLICY, MOBILE_DATA_NONE)) { @@ -75,12 +75,19 @@ ErrCode DisallowMobileDataPlugin::OnHandlePolicy(std::uint32_t funcCode, Message return EdmReturnErrCode::SYSTEM_ABNORMALLY; } policyData.isChanged = true; - policyData.mergePolicyData = "false"; - policyData.policyData = "false"; + policyData.mergePolicyData = "none"; + policyData.policyData = "none"; return ERR_OK; } if (flag == EdmConstants::MobileData::FORCE_FLAG) { - return OnHandleForceOpen(data); + int32_t ret = OnHandleForceOpen(data); + if (ret != ERR_OK) { + return ret; + } + policyData.isChanged = true; + policyData.mergePolicyData = "force_open"; + policyData.policyData = "force_open"; + return ERR_OK; } return EdmReturnErrCode::SYSTEM_ABNORMALLY; } @@ -113,7 +120,7 @@ ErrCode DisallowMobileDataPlugin::OnHandleForceOpen(MessageParcel &data) ErrCode DisallowMobileDataPlugin::OnAdminRemove(const std::string &adminName, const std::string &policyData, const std::string &mergeData, int32_t userId) { - EDMLOGI("TurnOnOffMobileDataPlugin OnAdminRemove adminName : %{public}s, policyData : %{public}s", + EDMLOGI("DisallowMobileDataPlugin OnAdminRemove adminName : %{public}s, policyData : %{public}s", adminName.c_str(), policyData.c_str()); if (!system::SetParameter(PARAM_MOBILE_DATA_POLICY, MOBILE_DATA_NONE)) { EDMLOGE("DisallowMobileDataPlugin:OnSetPolicy SetParameter fail"); diff --git a/services/edm_plugin/src/disallow_random_mac_address_plugin.cpp b/services/edm_plugin/src/disallow_random_mac_address_plugin.cpp new file mode 100644 index 0000000000000000000000000000000000000000..ce2e7f424871ad29c17ea5c55ef212a2e7a68589 --- /dev/null +++ b/services/edm_plugin/src/disallow_random_mac_address_plugin.cpp @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "disallow_random_mac_address_plugin.h" + +#include "bool_serializer.h" +#include "edm_constants.h" +#include "edm_errors.h" +#include "edm_ipc_interface_code.h" +#include "edm_log.h" +#include "iplugin_manager.h" + +namespace OHOS { +namespace EDM { +const bool REGISTER_RESULT = IPluginManager::GetInstance()->AddPlugin( + DisallowRandomMacAddressPlugin::GetPlugin()); + +void DisallowRandomMacAddressPlugin::InitPlugin( + std::shared_ptr> ptr) +{ + EDMLOGI("DisallowRandomMacAddressPlugin InitPlugin..."); + ptr->InitAttribute( + EdmInterfaceCode::DISALLOWED_RANDOM_MAC_ADDRESS, + PolicyName::POLICY_DISALLOWED_RANDOM_MAC_ADDRESS, + EdmPermission::PERMISSION_ENTERPRISE_MANAGE_RESTRICTIONS, + IPlugin::PermissionType::SUPER_DEVICE_ADMIN, + true); + ptr->SetSerializer(BoolSerializer::GetInstance()); + ptr->SetOnHandlePolicyListener(&DisallowRandomMacAddressPlugin::OnSetPolicy, FuncOperateType::SET); + ptr->SetOnAdminRemoveListener(&DisallowRandomMacAddressPlugin::OnAdminRemove); + persistParam_ = "persist.edm.random_mac_address_disable"; +} +} // namespace EDM +} // namespace OHOS \ No newline at end of file diff --git a/services/edm_plugin/src/get_ip_address_plugin.cpp b/services/edm_plugin/src/get_ip_or_mac_address_plugin.cpp similarity index 72% rename from services/edm_plugin/src/get_ip_address_plugin.cpp rename to services/edm_plugin/src/get_ip_or_mac_address_plugin.cpp index 61cc0e0cbb950d2708f0a58577bbda93c32c54ea..16522ae905cd73c3d21a63dd10cdcc717a528aaf 100644 --- a/services/edm_plugin/src/get_ip_address_plugin.cpp +++ b/services/edm_plugin/src/get_ip_or_mac_address_plugin.cpp @@ -13,7 +13,7 @@ * limitations under the License. */ -#include "get_ip_address_plugin.h" +#include "get_ip_or_mac_address_plugin.h" #include "edm_constants.h" #include "edm_ipc_interface_code.h" @@ -21,14 +21,15 @@ #include "interface_type.h" #include "string_serializer.h" #include "iplugin_manager.h" +#include "network_address.h" namespace OHOS { namespace EDM { -const bool REGISTER_RESULT = IPluginManager::GetInstance()->AddPlugin(GetIpAddressPlugin::GetPlugin()); +const bool REGISTER_RESULT = IPluginManager::GetInstance()->AddPlugin(GetIpOrMacAddressPlugin::GetPlugin()); -void GetIpAddressPlugin::InitPlugin(std::shared_ptr> ptr) +void GetIpOrMacAddressPlugin::InitPlugin(std::shared_ptr> ptr) { - EDMLOGI("GetIpAddressPlugin InitPlugin..."); + EDMLOGI("GetIpOrMacAddressPlugin InitPlugin..."); std::map> tagPermissions; std::map typePermissionsForTag11; std::map typePermissionsForTag12; @@ -40,20 +41,25 @@ void GetIpAddressPlugin::InitPlugin(std::shared_ptrInitAttribute(EdmInterfaceCode::GET_IP_ADDRESS, PolicyName::POLICY_GET_IP_ADDRESS, config, false); + ptr->InitAttribute(EdmInterfaceCode::GET_IP_ADDRESS, PolicyName::POLICY_GET_IP_OR_MAC_ADDRESS, config, false); ptr->SetSerializer(StringSerializer::GetInstance()); } -ErrCode GetIpAddressPlugin::OnGetPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, +ErrCode GetIpOrMacAddressPlugin::OnGetPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) { - EDMLOGI("GetIpAddressPlugin OnGetPolicy."); + EDMLOGI("GetIpOrMacAddressPlugin OnGetPolicy."); nmd::InterfaceConfigurationParcel config; std::string networkInterface; data.ReadString(networkInterface); DelayedSingleton::GetInstance()->GetInterfaceConfig(networkInterface, config); reply.WriteInt32(ERR_OK); - reply.WriteString(config.ipv4Addr); + int32_t networkAddress = data.ReadInt32(); + if (networkAddress == NetworkAddress::IPADDRESS) { + reply.WriteString(config.ipv4Addr); + } else if (networkAddress == NetworkAddress::MAC) { + reply.WriteString(config.hwAddr); + } return ERR_OK; } } // namespace EDM diff --git a/services/edm_plugin/src/install_plugin.cpp b/services/edm_plugin/src/install_plugin.cpp index ffb90641587e267e4918e02dad30a58d3520c3b0..77552b786105e955dd326ef845bd336b6284e1e8 100644 --- a/services/edm_plugin/src/install_plugin.cpp +++ b/services/edm_plugin/src/install_plugin.cpp @@ -26,7 +26,6 @@ #include "directory_ex.h" #include "edm_ipc_interface_code.h" #include "edm_sys_manager.h" -#include "install_param_serializer.h" #include "installer_callback.h" #include "iplugin_manager.h" diff --git a/services/edm_plugin/src/utils/apn_utils.cpp b/services/edm_plugin/src/utils/apn_utils.cpp index 6401bf5b03f8c3f2b0fed024e32ff3d21bd9567e..9f673a1729b0bd4c25657e3011684f254d22eb88 100644 --- a/services/edm_plugin/src/utils/apn_utils.cpp +++ b/services/edm_plugin/src/utils/apn_utils.cpp @@ -78,9 +78,11 @@ int32_t ApnUtils::GetOpkey(const std::string &mccmnc, std::string &opkey) int32_t columnIndex = -1; if (queryResult->GetColumnIndex("operator_key", columnIndex) != DataShare::E_OK || queryResult->GetString(columnIndex, opkey) != DataShare::E_OK) { + EDMLOGE("GetOpkey GetColumnIndex or GetString error"); + queryResult->Close(); return -1; } - EDMLOGI("ApnUtils::GetOpkey opkey=%{public}s", opkey.c_str()); + queryResult->Close(); return 0; } @@ -97,6 +99,10 @@ int32_t ApnUtils::ApnInsert(const std::map &apnInfo, for (const auto & [key, value] : apnInfo) { values.Put(key, value); } + if (apnInfo.find(PdpProfileData::MCC) == apnInfo.end() || apnInfo.find(PdpProfileData::MNC) == apnInfo.end()) { + EDMLOGE("Mandatory keys MCC or MNC not found in apnInfo"); + return EdmReturnErrCode::PARAM_ERROR; + } if (apnUtilsPassword.password != nullptr) { values.Put("auth_pwd", std::string(apnUtilsPassword.password, apnUtilsPassword.passwordSize)); } @@ -148,9 +154,15 @@ int32_t ApnUtils::ApnUpdate(const std::map &apnInfo, c if (apnInfo.find(PdpProfileData::MCC) != apnInfo.end() && apnInfo.find(PdpProfileData::MNC) != apnInfo.end()) { mccmnc = apnInfo.at(PdpProfileData::MCC) + apnInfo.at(PdpProfileData::MNC); } else if (apnInfo.find(PdpProfileData::MCC) != apnInfo.end()) { - mccmnc = apnInfo.at(PdpProfileData::MCC) + ApnQuery(apnId)[PdpProfileData::MNC]; + auto queryResult = ApnQuery(apnId); + if (queryResult.find(PdpProfileData::MNC) != queryResult.end()) { + mccmnc = apnInfo.at(PdpProfileData::MCC) + queryResult.at(PdpProfileData::MNC); + } } else if (apnInfo.find(PdpProfileData::MNC) != apnInfo.end()) { - mccmnc = ApnQuery(apnId)[PdpProfileData::MCC] + apnInfo.at(PdpProfileData::MNC); + auto queryResult = ApnQuery(apnId); + if (queryResult.find(PdpProfileData::MCC) != queryResult.end()) { + mccmnc = queryResult.at(PdpProfileData::MCC) + apnInfo.at(PdpProfileData::MNC); + } } if (apnInfo.find(PdpProfileData::MCC) != apnInfo.end() || apnInfo.find(PdpProfileData::MNC) != apnInfo.end()) { @@ -299,8 +311,13 @@ int32_t ApnUtils::MatchValidSimId(const std::string &opkey, int32_t slotId) int32_t ApnUtils::GetValidSimId(const std::string &apnId) { + std::map mapData = ApnQuery(apnId); + std::string mccmnc; + if (mapData.find(PdpProfileData::MCCMNC) != mapData.end()) { + mccmnc = mapData[PdpProfileData::MCCMNC]; + } std::string opkey; - if (GetOpkey(ApnQuery(apnId)[PdpProfileData::MCCMNC], opkey) != ERR_OK || opkey.empty()) { + if (GetOpkey(mccmnc, opkey) != ERR_OK || opkey.empty()) { return -1; } diff --git a/services/edm_plugin/src/utils/bluetooth_config_utils.cpp b/services/edm_plugin/src/utils/bluetooth_config_utils.cpp index 7f9a0ae43e57e3b43e773f3da1e721414b77553f..e1ba35bdc7a988d2e2a464701185ceb73568d7d3 100644 --- a/services/edm_plugin/src/utils/bluetooth_config_utils.cpp +++ b/services/edm_plugin/src/utils/bluetooth_config_utils.cpp @@ -38,6 +38,7 @@ BluetoothConfigUtils::BluetoothConfigUtils() if (std::find(files.begin(), files.end(), BLUETOOTH_DIR) == files.end()) { CreateBluetoothConfigDir(CONFIG_SYSTEM_ALL_DIR + SEPARATOR + BLUETOOTH_DIR); } + LoadConfig(); } BluetoothConfigUtils::~BluetoothConfigUtils() diff --git a/services/edm_plugin/src/utils/nearlink_config_utils.cpp b/services/edm_plugin/src/utils/nearlink_config_utils.cpp index a5f957f252c6920ac051f673e11c2cd366ad97c6..6a3d5241b90096155758fbbe2b3a6c1bf9485aca 100644 --- a/services/edm_plugin/src/utils/nearlink_config_utils.cpp +++ b/services/edm_plugin/src/utils/nearlink_config_utils.cpp @@ -97,7 +97,12 @@ bool NearlinkConfigUtils::AddProtocol( if (!userItem) { // 新增用户条目 - CJSON_CREATE_ARRAY_AND_CHECK(userItem, false); + userItem = cJSON_CreateArray(); + if (userItem == nullptr) { + EDMLOGE("cJSON_CreateArray Error"); + cJSON_Delete(protocols); + return false; + } CJSON_ADD_ITEM_TO_ARRAY_AND_CHECK_AND_CLEAR(protocols, userItem, false); if (!cJSON_AddItemToObject(denyList, userId.c_str(), userItem)) { EDMLOGE("cJSON_AddItemToObject Error"); @@ -223,7 +228,7 @@ bool NearlinkConfigUtils::LoadConfig() if (inFile.good()) { EDMLOGI("NearlinkConfigUtils::LoadConfig inFile.good"); inFile.seekg(0, std::ios::end); - size_t size = inFile.tellg(); + size_t size = static_cast(inFile.tellg()); if (size == 0) { inFile.close(); CJSON_CREATE_OBJECT_AND_CHECK(root_, false); diff --git a/services/edm_plugin/src/utils/usb_policy_utils.cpp b/services/edm_plugin/src/utils/usb_policy_utils.cpp index ffb56e5bed14008bf742b8bf825070a5e86077a6..170dddc9104cf3d40757ffce0eef0f44c770d1d9 100644 --- a/services/edm_plugin/src/utils/usb_policy_utils.cpp +++ b/services/edm_plugin/src/utils/usb_policy_utils.cpp @@ -45,24 +45,20 @@ ErrCode UsbPolicyUtils::AddAllowedUsbDevices(std::vector data) { EDMLOGI("UsbPolicyUtils AddAllowedUsbDevices....data size = %{public}zu", data.size()); auto &srvClient = OHOS::USB::UsbSrvClient::GetInstance(); - std::vector allDevices; - int32_t getRet = srvClient.GetDevices(allDevices); - if (getRet == EdmConstants::USB_ERRCODE_INTERFACE_NO_INIT) { - EDMLOGW("UsbPolicyUtils getDevices failed! USB interface not init!"); + std::vector trustList{}; + for (auto &dev : data) { + USB::UsbDeviceId devId; + devId.productId = dev.GetProductId(); + devId.vendorId = dev.GetVendorId(); + trustList.emplace_back(devId); } - if (getRet != ERR_OK && getRet != EdmConstants::USB_ERRCODE_INTERFACE_NO_INIT) { - EDMLOGE("UsbPolicyUtils getDevices failed: %{public}d", getRet); - return EdmReturnErrCode::SYSTEM_ABNORMALLY; + int32_t usbRet = srvClient.ManageDevicePolicy(trustList); + if (usbRet == EdmConstants::USB_ERRCODE_INTERFACE_NO_INIT) { + EDMLOGW("UsbPolicyUtils ManageDevicePolicy failed! USB interface not init!"); } - EDMLOGI("UsbPolicyUtils AddAllowedUsbDevices getDevices size: %{public}zu", allDevices.size()); - for (const auto &item : allDevices) { - bool isAllowed = (std::find_if(data.begin(), data.end(), [item](UsbDeviceId trustItem) { - return item.GetVendorId() == trustItem.GetVendorId() && item.GetProductId() == trustItem.GetProductId(); - }) != data.end()); - if (srvClient.ManageDevice(item.GetVendorId(), item.GetProductId(), !isAllowed) != ERR_OK) { - EDMLOGW("UsbPolicyUtils ManageDevice: vid:%{public}d pid:%{public}d, %{public}d failed!", - item.GetVendorId(), item.GetProductId(), isAllowed); - } + if (usbRet != ERR_OK && usbRet != EdmConstants::USB_ERRCODE_INTERFACE_NO_INIT) { + EDMLOGE("UsbPolicyUtils ManageDevicePolicy failed: %{public}d", usbRet); + return EdmReturnErrCode::SYSTEM_ABNORMALLY; } return ERR_OK; } diff --git a/services/edm_plugin/src/utils/wifi_policy_utils.cpp b/services/edm_plugin/src/utils/wifi_policy_utils.cpp index cb215e7c853152bfe2da9942afae86c53c8efebb..67317ef8cd58fdd45acd8b5cc1b2c772f49fc6aa 100644 --- a/services/edm_plugin/src/utils/wifi_policy_utils.cpp +++ b/services/edm_plugin/src/utils/wifi_policy_utils.cpp @@ -18,6 +18,7 @@ #include "array_wifi_id_serializer.h" #include "edm_constants.h" #include "edm_log.h" +#include "edm_utils.h" #include "ipolicy_manager.h" #include "wifi_device.h" @@ -124,15 +125,13 @@ bool WifiPolicyUtils::CheckWifiId(std::vector &data, bool isAllowed) EDMLOGE("CheckWifiList ssid is empty or too large!"); return false; } + EdmUtils::ClearString(ssid); std::string bssid = wifiId.GetBssid(); - if (isAllowed && bssid.empty()) { - EDMLOGE("CheckWifiList bssid parse error!"); - return false; - } if (!bssid.empty() && bssid.size() != EdmConstants::WIFI_BSSID_LENGTH) { EDMLOGE("CheckWifiList bssid parse error!"); return false; } + EdmUtils::ClearString(bssid); } return true; } diff --git a/test/fuzztest/common/src/common_fuzzer.cpp b/test/fuzztest/common/src/common_fuzzer.cpp index 3d567d74a7caaa08978710a3dfe2d6ac151a0ef0..9bd3d5477b625204904a5db7f4e9f295557da00c 100644 --- a/test/fuzztest/common/src/common_fuzzer.cpp +++ b/test/fuzztest/common/src/common_fuzzer.cpp @@ -49,8 +49,7 @@ #include "get_all_network_interfaces_plugin.h" #include "get_bluetooth_info_plugin.h" #include "get_device_info_plugin.h" -#include "get_ip_address_plugin.h" -#include "get_mac_plugin.h" +#include "get_ip_or_mac_address_plugin.h" #include "global_proxy_plugin.h" #include "ienterprise_device_mgr.h" #ifdef FEATURE_PC_ONLY @@ -134,14 +133,15 @@ const bool REGISTER_GET_ALL_NETWORK_INTERFACES_PLUGIN = const bool REGISTER_GET_BLUETOOTH_INFO_PLUGIN = PluginManager::GetInstance()->AddPlugin(GetBluetoothInfoPlugin::GetPlugin()); const bool REGISTER_GET_DEVICE_INFO_PLUGIN = PluginManager::GetInstance()->AddPlugin(GetDeviceInfoPlugin::GetPlugin()); -const bool REGISTER_GET_IP_ADDRESS_PLUGIN = PluginManager::GetInstance()->AddPlugin(GetIpAddressPlugin::GetPlugin()); -const bool REGISTER_GET_MAC_PLUGIN = PluginManager::GetInstance()->AddPlugin(GetMacPlugin::GetPlugin()); +const bool REGISTER_GET_IP_OR_MAC_ADDRESS_PLUGIN = + PluginManager::GetInstance()->AddPlugin(GetIpOrMacAddressPlugin::GetPlugin()); const bool REGISTER_GLOBAL_PROXY_PLUGIN = PluginManager::GetInstance()->AddPlugin(GlobalProxyPlugin::GetPlugin()); const bool REGISTER_INSTALL_PLUGIN = PluginManager::GetInstance()->AddPlugin(InstallPlugin::GetPlugin()); const bool REGISTER_IPTABLES_RULE_PLUGIN = PluginManager::GetInstance()->AddPlugin(std::make_shared()); const bool REGISTER_IS_WIFI_ACTIVE_PLUGIN = PluginManager::GetInstance()->AddPlugin(IsWifiActivePlugin::GetPlugin()); -const bool REGISTER_LOCATION_POLICY_PLUGIN = PluginManager::GetInstance()->AddPlugin(LocationPolicyPlugin::GetPlugin()); +const bool REGISTER_LOCATION_POLICY_PLUGIN = + PluginManager::GetInstance()->AddPlugin(LocationPolicyPlugin::GetPlugin()); const bool REGISTER_LOCK_SCREEN_PLUGIN = PluginManager::GetInstance()->AddPlugin(LockScreenPlugin::GetPlugin()); const bool REGISTER_MANAGE_AUTO_START_APPS_PLUGIN = PluginManager::GetInstance()->AddPlugin(std::make_shared()); diff --git a/test/fuzztest/enterprisedevicemgrstubmock_fuzzer/BUILD.gn b/test/fuzztest/enterprisedevicemgrstubmock_fuzzer/BUILD.gn index 8aa6d9cd0bc62d18b4412e3eef16d2615a084824..ea33dfa056633d0aebdebf83250387ae9f790487 100644 --- a/test/fuzztest/enterprisedevicemgrstubmock_fuzzer/BUILD.gn +++ b/test/fuzztest/enterprisedevicemgrstubmock_fuzzer/BUILD.gn @@ -68,7 +68,9 @@ ohos_static_library("edmservice_fuzz_static") { "../../../services/edm/src/policy_manager.cpp", "../../../services/edm/src/query_policy/allowed_app_distribution_types_query.cpp", "../../../services/edm/src/query_policy/allowed_install_bundles_query.cpp", + "../../../services/edm/src/query_policy/disable_app_clone_query.cpp", "../../../services/edm/src/query_policy/disable_maintenance_mode_query.cpp", + "../../../services/edm/src/query_policy/disallow_random_mac_address_query.cpp", "../../../services/edm/src/query_policy/disable_mtp_client_query.cpp", "../../../services/edm/src/query_policy/disable_mtp_server_query.cpp", "../../../services/edm/src/query_policy/disable_samba_client_query.cpp", @@ -179,6 +181,7 @@ ohos_static_library("edmservice_fuzz_static") { "../../../services/edm_plugin/src/allowed_install_bundles_plugin.cpp", "../../../services/edm_plugin/src/bundle_install_plugin.cpp", "../../../services/edm_plugin/src/disable_maintenance_mode_plugin.cpp", + "../../../services/edm_plugin/src/disallow_random_mac_address_plugin.cpp", "../../../services/edm_plugin/src/disable_mtp_client_plugin.cpp", "../../../services/edm_plugin/src/disable_mtp_server_plugin.cpp", "../../../services/edm_plugin/src/disable_user_mtp_client_plugin.cpp", @@ -279,8 +282,7 @@ ohos_static_library("edmservice_fuzz_static") { "../../../services/edm_plugin/src/domain_filter_rule_plugin.cpp", "../../../services/edm_plugin/src/firewall_rule_plugin.cpp", "../../../services/edm_plugin/src/get_all_network_interfaces_plugin.cpp", - "../../../services/edm_plugin/src/get_ip_address_plugin.cpp", - "../../../services/edm_plugin/src/get_mac_plugin.cpp", + "../../../services/edm_plugin/src/get_ip_or_mac_address_plugin.cpp", "../../../services/edm_plugin/src/global_proxy_plugin.cpp", "../../../services/edm_plugin/src/iptables_rule_plugin.cpp", "../../../services/edm_plugin/src/network/executer/domain_executer.cpp", @@ -340,6 +342,14 @@ ohos_static_library("edmservice_fuzz_static") { "../../../services/edm_plugin/src/usb_read_only_plugin.cpp", ] } + + if (storage_service_edm_enable) { + external_deps += [ "storage_service:storage_manager_sa_proxy" ] + sources += [ + "../../../services/edm/src/query_policy/disallow_external_storage_card_query.cpp", + "../../../services/edm_plugin/src/disallow_external_storage_card_plugin.cpp" + ] + } if (audio_framework_edm_enable) { external_deps += [ "audio_framework:audio_client" ] diff --git a/test/unittest/interface/inner_api/proxy/wifi_manager_proxy_test.cpp b/test/unittest/interface/inner_api/proxy/wifi_manager_proxy_test.cpp index 8361c56257419ae58e61835a59bb0e4002f3f6ef..504e75c70c19349d585934c370cb1dafb53ec024 100644 --- a/test/unittest/interface/inner_api/proxy/wifi_manager_proxy_test.cpp +++ b/test/unittest/interface/inner_api/proxy/wifi_manager_proxy_test.cpp @@ -249,6 +249,30 @@ HWTEST_F(WifiManagerProxyTest, TestAddAllowedWifiListSuc, TestSize.Level1) ASSERT_TRUE(ret == ERR_OK); } +/** + * @tc.name: TestAddAllowedWifiListWithoutBssidSuc + * @tc.desc: Test AddAllowedWifiList success func without Bssid. + * @tc.type: FUNC + */ +HWTEST_F(WifiManagerProxyTest, TestAddAllowedWifiListWithoutBssidSuc, TestSize.Level1) +{ + MessageParcel data; + OHOS::AppExecFwk::ElementName admin; + admin.SetBundleName(ADMIN_PACKAGENAME); + data.WriteParcelable(&admin); + EXPECT_CALL(*object_, SendRequest(_, _, _, _)) + .Times(1) + .WillOnce(Invoke(object_.GetRefPtr(), &EnterpriseDeviceMgrStubMock::InvokeSendRequestSetPolicy)); + WifiId id1; + id1.SetSsid("wifi_name"); + data.WriteUint32(1); + id1.Marshalling(data); + + int32_t ret = wifiManagerProxy->AddOrRemoveWifiList(data, FuncOperateType::SET, + EdmInterfaceCode::ALLOWED_WIFI_LIST); + ASSERT_TRUE(ret == ERR_OK); +} + /** * @tc.name: TestAddAllowedWifiListFail * @tc.desc: Test AddAllowedWifiList without enable edm service func. @@ -297,6 +321,30 @@ HWTEST_F(WifiManagerProxyTest, TestRemoveAllowedWifiListSuc, TestSize.Level1) ASSERT_TRUE(ret == ERR_OK); } +/** + * @tc.name: TestRemoveAllowedWifiListWithoutBssidSuc + * @tc.desc: Test RemoveAllowedWifiList success without Bssid func. + * @tc.type: FUNC + */ +HWTEST_F(WifiManagerProxyTest, TestRemoveAllowedWifiListWithoutBssidSuc, TestSize.Level1) +{ + MessageParcel data; + OHOS::AppExecFwk::ElementName admin; + admin.SetBundleName(ADMIN_PACKAGENAME); + data.WriteParcelable(&admin); + EXPECT_CALL(*object_, SendRequest(_, _, _, _)) + .Times(1) + .WillOnce(Invoke(object_.GetRefPtr(), &EnterpriseDeviceMgrStubMock::InvokeSendRequestSetPolicy)); + WifiId id1; + id1.SetSsid("wifi_name"); + data.WriteUint32(1); + id1.Marshalling(data); + + int32_t ret = wifiManagerProxy->AddOrRemoveWifiList(data, FuncOperateType::REMOVE, + EdmInterfaceCode::ALLOWED_WIFI_LIST); + ASSERT_TRUE(ret == ERR_OK); +} + /** * @tc.name: TestRemoveAllowedWifiListFail * @tc.desc: Test RemoveAllowedWifiList without enable edm service func. diff --git a/test/unittest/services/edm/BUILD.gn b/test/unittest/services/edm/BUILD.gn index 5dbd79a26d0256030ee3fc268978be6ae8696f97..d6d60abc7a72a642f0b959d5d2a3123fd8db08d4 100644 --- a/test/unittest/services/edm/BUILD.gn +++ b/test/unittest/services/edm/BUILD.gn @@ -63,7 +63,10 @@ ohos_static_library("edmservice_static") { "../../../../services/edm/src/policy_manager.cpp", "../../../../services/edm/src/query_policy/allowed_app_distribution_types_query.cpp", "../../../../services/edm/src/query_policy/allowed_install_bundles_query.cpp", + "../../../../services/edm/src/query_policy/disable_app_clone_query.cpp", "../../../../services/edm/src/query_policy/disable_backup_and_restore_query.cpp", + "../../../../services/edm/src/query_policy/disallow_random_mac_address_query.cpp", + "../../../../services/edm/src/query_policy/disallow_external_storage_card_query.cpp", "../../../../services/edm/src/query_policy/disable_set_biometrics_and_screenLock_query.cpp", "../../../../services/edm/src/query_policy/disable_set_device_name_query.cpp", "../../../../services/edm/src/query_policy/disallow_export_recovery_key_query.cpp", @@ -92,6 +95,7 @@ ohos_static_library("edmservice_static") { "../../../../services/edm_plugin/src/utils/usb_policy_utils.cpp", "../../../../services/edm/src/query_policy/disallowed_sms_query.cpp", "../../../../services/edm/src/query_policy/disallowed_mms_query.cpp", + "../../../../services/edm_plugin/src/set_browser_policies_plugin.cpp", ] public_configs = [ diff --git a/test/unittest/services/edm/src/enterprise_device_mgr_ability_test.cpp b/test/unittest/services/edm/src/enterprise_device_mgr_ability_test.cpp index d60394c360b8967092a41ee3cd1e52fde3bc60aa..8cdebc3e53510251fee9aee1b9710e4895642143 100644 --- a/test/unittest/services/edm/src/enterprise_device_mgr_ability_test.cpp +++ b/test/unittest/services/edm/src/enterprise_device_mgr_ability_test.cpp @@ -34,6 +34,7 @@ #include "plugin_manager_test.h" #include "utils.h" #include "edm_log.h" +#include "set_browser_policies_plugin.h" using namespace testing; using namespace testing::ext; @@ -3265,14 +3266,12 @@ HWTEST_F(EnterpriseDeviceMgrAbilityTest, TestGetDevicePolicyInnerWithoutAdminSuc { EXPECT_CALL(*osAccountMgrMock_, IsOsAccountExists).WillOnce(DoAll(SetArgReferee<1>(true), Return(ERR_OK))); - uint32_t code = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, WITHOUT_ADMIN_SUCCESS_POLICY_CODE); + uint32_t code = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::GET, WITHOUT_ADMIN_SUCCESS_POLICY_CODE); MessageParcel data; MessageParcel reply; data.WriteInt32(1); - plugin_->permissionConfig_.typePermissions[IPlugin::PermissionType::NORMAL_DEVICE_ADMIN] = - EDM_MANAGE_DATETIME_PERMISSION; - PluginManager::GetInstance()->NotifyUnloadAllPlugin(); - PluginManager::GetInstance()->AddPlugin(plugin_); + auto browserPlugin = std::make_shared(); + PluginManager::GetInstance()->pluginsCode_[WITHOUT_ADMIN_SUCCESS_POLICY_CODE] = browserPlugin; edmMgr_->GetDevicePolicyInner(code, data, reply, DEFAULT_USER_ID); ASSERT_TRUE(reply.ReadInt32() == ERR_OK); } diff --git a/test/unittest/services/edm/src/plugin_policy_query_test.cpp b/test/unittest/services/edm/src/plugin_policy_query_test.cpp index c69b45ca8b958c29cbd510288c5e88936d93af29..e826876a354e8652e085d0f167095ae6f520c5d8 100644 --- a/test/unittest/services/edm/src/plugin_policy_query_test.cpp +++ b/test/unittest/services/edm/src/plugin_policy_query_test.cpp @@ -37,9 +37,12 @@ #include "clipboard_policy.h" #include "clipboard_policy_query.h" #include "clipboard_policy_serializer.h" +#include "disable_app_clone_query.h" #include "disable_backup_and_restore_query.h" #include "disable_bluetooth_query.h" #include "disable_camera_query.h" +#include "disallow_random_mac_address_query.h" +#include "disallow_external_storage_card_query.h" #include "disable_hdc_query.h" #include "disable_microphone_query.h" #include "disable_printer_query.h" @@ -1816,6 +1819,39 @@ HWTEST_F(PluginPolicyQueryTest, TestDisableSetDeviceNameQuery002, TestSize.Level ASSERT_TRUE(ret == ERR_OK); } +/** + * @tc.name: TestDisableAppCloneQuery001 + * @tc.desc: Test DisableAppCloneQuery QueryPolicy function. + * @tc.type: FUNC + */ +HWTEST_F(PluginPolicyQueryTest, TestDisableAppCloneQuery001, TestSize.Level1) +{ + std::shared_ptr queryObj = std::make_shared(); + std::string policyData{"false"}; + MessageParcel data; + MessageParcel reply; + ErrCode ret = queryObj->QueryPolicy(policyData, data, reply, DEFAULT_USER_ID); + int32_t flag = ERR_INVALID_VALUE; + ASSERT_TRUE(reply.ReadInt32(flag) && (flag == ERR_OK)); + bool result = false; + reply.ReadBool(result); + ASSERT_TRUE(ret == ERR_OK); +} + +/** + * @tc.name: TestDisableAppCloneQuery2 + * @tc.desc: Test DisableAppCloneQuery GetPolicyName and GetPermission function. + * @tc.type: FUNC + */ +HWTEST_F(PluginPolicyQueryTest, TestDisableAppCloneQuery002, TestSize.Level1) +{ + std::shared_ptr queryObj = std::make_shared(); + std::string permissionTag = TEST_PERMISSION_TAG_VERSION_11; + ASSERT_TRUE(queryObj->GetPermission(IPlugin::PermissionType::SUPER_DEVICE_ADMIN, permissionTag) + == TEST_PERMISSION_ENTERPRISE_MANAGE_RESTRICTIONS); + ASSERT_TRUE(queryObj->GetPolicyName() == PolicyName::POLICY_DISABLED_APP_CLONE); +} + #ifdef FEATURE_PC_ONLY /** * @tc.name: TestGetAutoUnlockAfterRebootQuery001 diff --git a/test/unittest/services/edm_plugin/BUILD.gn b/test/unittest/services/edm_plugin/BUILD.gn index eadb6044c8aa5f25cb95fe2656579f763b8b767c..4235d3cfc947b3623082610541041d3ead91631e 100644 --- a/test/unittest/services/edm_plugin/BUILD.gn +++ b/test/unittest/services/edm_plugin/BUILD.gn @@ -43,6 +43,7 @@ ohos_unittest("EdmPluginTest") { "./src/allowed_app_distribution_types_plugin_test.cpp", "./src/bundle_install_plugin_test.cpp", "./src/device_info_plugin_test.cpp", + "./src/disable_app_clone_plugin_test.cpp", "./src/disable_maintenance_mode_plugin_test.cpp", "./src/disable_mtp_client_plugin_test.cpp", "./src/disable_mtp_server_plugin_test.cpp", @@ -51,6 +52,8 @@ ohos_unittest("EdmPluginTest") { "./src/disable_samba_server_plugin_test.cpp", "./src/disable_set_biometrics_and_screenLock_plugin_test.cpp", "./src/disable_set_device_name_plugin_test.cpp", + "./src/disallow_random_mac_address_plugin_test.cpp", + "./src/disallow_external_storage_card_plugin_test.cpp", "./src/disallow_export_recovery_key_plugin_test.cpp", "./src/disallow_distributed_transmission_plugin_test.cpp", "./src/disallow_modify_datetime_plugin_test.cpp", @@ -406,7 +409,10 @@ ohos_static_library("edm_all_plugin_static") { "../../../../services/edm_plugin/src/allowed_app_distribution_types_plugin.cpp", "../../../../services/edm_plugin/src/allowed_install_bundles_plugin.cpp", "../../../../services/edm_plugin/src/bundle_install_plugin.cpp", + "../../../../services/edm_plugin/src/disable_app_clone_plugin.cpp", "../../../../services/edm_plugin/src/disable_backup_and_restore_plugin.cpp", + "../../../../services/edm_plugin/src/disallow_random_mac_address_plugin.cpp", + "../../../../services/edm_plugin/src/disallow_external_storage_card_plugin.cpp", "../../../../services/edm_plugin/src/disable_maintenance_mode_plugin.cpp", "../../../../services/edm_plugin/src/disable_mtp_client_plugin.cpp", "../../../../services/edm_plugin/src/disable_mtp_server_plugin.cpp", @@ -555,8 +561,7 @@ ohos_static_library("edm_all_plugin_static") { "../../../../services/edm_plugin/src/domain_filter_rule_plugin.cpp", "../../../../services/edm_plugin/src/firewall_rule_plugin.cpp", "../../../../services/edm_plugin/src/get_all_network_interfaces_plugin.cpp", - "../../../../services/edm_plugin/src/get_ip_address_plugin.cpp", - "../../../../services/edm_plugin/src/get_mac_plugin.cpp", + "../../../../services/edm_plugin/src/get_ip_or_mac_address_plugin.cpp", "../../../../services/edm_plugin/src/global_proxy_plugin.cpp", "../../../../services/edm_plugin/src/iptables_rule_plugin.cpp", "../../../../services/edm_plugin/src/network/executer/domain_executer.cpp", @@ -682,6 +687,7 @@ ohos_static_library("edm_all_plugin_static") { "../../../../services/edm_plugin/src/disallowed_nearlink_protocols_plugin.cpp", "../../../../services/edm_plugin/src/utils/nearlink_config_utils.cpp", "../../../../services/edm_plugin/src/utils/nearlink_protocol_utils.cpp", + "../../../../services/edm_plugin/src/disallowed_usb_storage_device_write_plugin.cpp", ] } diff --git a/test/unittest/services/edm_plugin/src/disable_app_clone_plugin_test.cpp b/test/unittest/services/edm_plugin/src/disable_app_clone_plugin_test.cpp new file mode 100644 index 0000000000000000000000000000000000000000..8581bd9060d6da14e69fcad779c17232a787dba6 --- /dev/null +++ b/test/unittest/services/edm_plugin/src/disable_app_clone_plugin_test.cpp @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "disable_app_clone_plugin.h" +#include "edm_ipc_interface_code.h" +#include "utils.h" + +using namespace testing::ext; +using namespace testing; + +namespace OHOS { +namespace EDM { +namespace TEST { +class DisableAppClonePluginTest : public testing::Test { +protected: + static void SetUpTestSuite(void); + + static void TearDownTestSuite(void); +}; + +void DisableAppClonePluginTest::SetUpTestSuite(void) +{ + Utils::SetEdmInitialEnv(); +} + +void DisableAppClonePluginTest::TearDownTestSuite(void) +{ + Utils::ResetTokenTypeAndUid(); + ASSERT_TRUE(Utils::IsOriginalUTEnv()); + std::cout << "now ut process is orignal ut env : " << Utils::IsOriginalUTEnv() << std::endl; +} + +/** + * @tc.name: TestOnSetPolicy + * @tc.desc: Test DisableAppClonePluginTest::OnSetPolicy function. + * @tc.type: FUNC + */ +HWTEST_F(DisableAppClonePluginTest, TestOnSetPolicy, TestSize.Level1) +{ + MessageParcel data; + MessageParcel reply; + data.WriteBool(false); + auto plugin = DisableAppClonePlugin::GetPlugin(); + HandlePolicyData handlePolicyData{"false", "", false}; + std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, + EdmInterfaceCode::DISABLED_APP_CLONE); + ErrCode ret = plugin->OnHandlePolicy(funcCode, data, reply, handlePolicyData, DEFAULT_USER_ID); + ASSERT_TRUE(ret == ERR_OK); + ASSERT_TRUE(handlePolicyData.isChanged); +} +} // namespace TEST +} // namespace EDM +} // namespace OHOS \ No newline at end of file diff --git a/test/unittest/services/edm_plugin/src/disallow_external_storage_card_plugin_test.cpp b/test/unittest/services/edm_plugin/src/disallow_external_storage_card_plugin_test.cpp new file mode 100644 index 0000000000000000000000000000000000000000..ea9aa9dd86aa91dcb7d2ad96021744d92861b50e --- /dev/null +++ b/test/unittest/services/edm_plugin/src/disallow_external_storage_card_plugin_test.cpp @@ -0,0 +1,73 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include "disallow_external_storage_card_plugin.h" +#include "edm_constants.h" +#include "edm_ipc_interface_code.h" +#include "iplugin_manager.h" +#include "parameters.h" +#include "plugin_singleton.h" +#include "utils.h" + +using namespace testing::ext; +using namespace testing; + +namespace OHOS { +namespace EDM { +namespace TEST { +const std::string PERSIST_EDM_MAINTENANCE_MODE = "persist.edm.external_storage_card_disable"; +class DisallowExternalStorageCardPluginTest : public testing::Test { +protected: + static void SetUpTestSuite(void); + + static void TearDownTestSuite(void); +}; + +void DisallowExternalStorageCardPluginTest::SetUpTestSuite(void) +{ + Utils::SetEdmServiceEnable(); + Utils::SetEdmInitialEnv(); +} + +void DisallowExternalStorageCardPluginTest::TearDownTestSuite(void) +{ + Utils::SetEdmServiceDisable(); + Utils::ResetTokenTypeAndUid(); + OHOS::system::SetParameter(PERSIST_EDM_MAINTENANCE_MODE, "false"); + ASSERT_TRUE(Utils::IsOriginalUTEnv()); + std::cout << "now ut process is orignal ut env : " << Utils::IsOriginalUTEnv() << std::endl; +} + +/** + * @tc.name: TestDisallowExternalStorageCardPluginTestOnSetPolicy + * @tc.desc: Test DisallowExternalStorageCardPluginTest::OnSetPolicy function. + * @tc.type: FUNC + */ +HWTEST_F(DisallowExternalStorageCardPluginTest, TestDisallowExternalStorageCardPluginTestOnSetPolicy, TestSize.Level1) +{ + DisallowExternalStorageCardPlugin plugin; + bool data = true; + bool currentData; + bool mergeData; + ErrCode ret = plugin.OnSetPolicy(data, currentData, mergeData, DEFAULT_USER_ID); + ASSERT_TRUE(ret == ERR_OK); + data = false; + ret = plugin.OnSetPolicy(data, currentData, mergeData, DEFAULT_USER_ID); + ASSERT_TRUE(ret == ERR_OK); +} +} // namespace TEST +} // namespace EDM +} // namespace OHOS \ No newline at end of file diff --git a/test/unittest/services/edm_plugin/src/disallow_random_mac_address_plugin_test.cpp b/test/unittest/services/edm_plugin/src/disallow_random_mac_address_plugin_test.cpp new file mode 100644 index 0000000000000000000000000000000000000000..5f4c5892e6d9c69e7daf453f46776f863f9b30ad --- /dev/null +++ b/test/unittest/services/edm_plugin/src/disallow_random_mac_address_plugin_test.cpp @@ -0,0 +1,93 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include "disallow_random_mac_address_plugin.h" +#include "edm_constants.h" +#include "edm_ipc_interface_code.h" +#include "iplugin_manager.h" +#include "parameters.h" +#include "plugin_singleton.h" +#include "utils.h" + +using namespace testing::ext; +using namespace testing; + +namespace OHOS { +namespace EDM { +namespace TEST { +const std::string PERSIST_EDM_MAINTENANCE_MODE = "persist.edm.random_mac_address_disable"; +class DisallowRandomMacAddressPluginTest : public testing::Test { +protected: + static void SetUpTestSuite(void); + + static void TearDownTestSuite(void); +}; + +void DisallowRandomMacAddressPluginTest::SetUpTestSuite(void) +{ + Utils::SetEdmServiceEnable(); + Utils::SetEdmInitialEnv(); +} + +void DisallowRandomMacAddressPluginTest::TearDownTestSuite(void) +{ + Utils::SetEdmServiceDisable(); + Utils::ResetTokenTypeAndUid(); + OHOS::system::SetParameter(PERSIST_EDM_MAINTENANCE_MODE, "false"); + ASSERT_TRUE(Utils::IsOriginalUTEnv()); + std::cout << "now ut process is orignal ut env : " << Utils::IsOriginalUTEnv() << std::endl; +} + +/** + * @tc.name: TestDisallowRandomMacAddressPluginTestSetTrue + * @tc.desc: Test DisallowRandomMacAddressPluginTest::OnSetPolicy function. + * @tc.type: FUNC + */ +HWTEST_F(DisallowRandomMacAddressPluginTest, TestDisallowRandomMacAddressPluginTestSetTrue, TestSize.Level1) +{ + MessageParcel data; + MessageParcel reply; + data.WriteBool(true); + std::shared_ptr plugin = DisallowRandomMacAddressPlugin::GetPlugin(); + HandlePolicyData handlePolicyData{"true", "", false}; + std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, + EdmInterfaceCode::DISALLOWED_RANDOM_MAC_ADDRESS); + ErrCode ret = plugin->OnHandlePolicy(funcCode, data, reply, handlePolicyData, DEFAULT_USER_ID); + ASSERT_TRUE(ret == ERR_OK); + ASSERT_TRUE(OHOS::system::GetBoolParameter(PERSIST_EDM_MAINTENANCE_MODE, false)); +} + +/** + * @tc.name: TestDisallowRandomMacAddressPluginTestSetFalse + * @tc.desc: Test DisallowRandomMacAddressPluginTest::OnSetPolicy function. + * @tc.type: FUNC + */ +HWTEST_F(DisallowRandomMacAddressPluginTest, TestDisallowRandomMacAddressPluginTestSetFalse, TestSize.Level1) +{ + MessageParcel data; + MessageParcel reply; + data.WriteBool(false); + std::shared_ptr plugin = DisallowRandomMacAddressPlugin::GetPlugin(); + HandlePolicyData handlePolicyData{"false", "", false}; + std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::SET, + EdmInterfaceCode::DISALLOWED_RANDOM_MAC_ADDRESS); + ErrCode ret = plugin->OnHandlePolicy(funcCode, data, reply, handlePolicyData, DEFAULT_USER_ID); + ASSERT_TRUE(ret == ERR_OK); + ASSERT_FALSE(OHOS::system::GetBoolParameter(PERSIST_EDM_MAINTENANCE_MODE, true)); +} +} // namespace TEST +} // namespace EDM +} // namespace OHOS \ No newline at end of file diff --git a/test/unittest/services/edm_plugin/src/network_manager_plugin_test.cpp b/test/unittest/services/edm_plugin/src/network_manager_plugin_test.cpp index 7f95232839f68d7410feb4fc017dc549a8c9533d..1a2497cc69fa66f7958321381c7a5929d910404c 100644 --- a/test/unittest/services/edm_plugin/src/network_manager_plugin_test.cpp +++ b/test/unittest/services/edm_plugin/src/network_manager_plugin_test.cpp @@ -18,12 +18,12 @@ #include "disabled_network_interface_plugin.h" #include "edm_ipc_interface_code.h" #include "get_all_network_interfaces_plugin.h" -#include "get_ip_address_plugin.h" -#include "get_mac_plugin.h" +#include "get_ip_or_mac_address_plugin.h" #include "iplugin_manager.h" #include "map_string_serializer.h" #include "plugin_singleton.h" #include "utils.h" +#include "network_address.h" using namespace testing::ext; using namespace testing; @@ -75,10 +75,11 @@ HWTEST_F(NetworkManagerPluginTest, TestGetAllNetworkInterfaces, TestSize.Level1) */ HWTEST_F(NetworkManagerPluginTest, TestGetIpAddress, TestSize.Level1) { - std::shared_ptr plugin = GetIpAddressPlugin::GetPlugin(); + std::shared_ptr plugin = GetIpOrMacAddressPlugin::GetPlugin(); std::string policyData{"TestGetIpAddress"}; MessageParcel data; MessageParcel reply; + data.WriteInt32(NetworkAddress::IPADDRESS); ErrCode ret = plugin->OnGetPolicy(policyData, data, reply, DEFAULT_USER_ID); ASSERT_TRUE(ret == ERR_OK); } @@ -90,10 +91,11 @@ HWTEST_F(NetworkManagerPluginTest, TestGetIpAddress, TestSize.Level1) */ HWTEST_F(NetworkManagerPluginTest, TestGetMac, TestSize.Level1) { - std::shared_ptr plugin = GetMacPlugin::GetPlugin(); + std::shared_ptr plugin = GetIpOrMacAddressPlugin::GetPlugin(); std::string policyData{"TestGetMac"}; MessageParcel data; MessageParcel reply; + data.WriteInt32(NetworkAddress::MAC); ErrCode ret = plugin->OnGetPolicy(policyData, data, reply, DEFAULT_USER_ID); ASSERT_TRUE(ret == ERR_OK); }