diff --git a/bundle.json b/bundle.json
index 836e0296d0e9c594ad97f2681dd7ec718bd8dd89..a589d7d24a1f5d9bc1539a9d778b2f8f32a1d453 100644
--- a/bundle.json
+++ b/bundle.json
@@ -111,7 +111,9 @@
"//base/customization/enterprise_device_management/services/edm_plugin:wifi_manager_plugin",
"//base/customization/enterprise_device_management/services/edm_plugin:bundle_manager_plugin",
"//base/customization/enterprise_device_management/sa_profile:edm_sa_profile",
- "//base/customization/enterprise_device_management/etc/init:edm.cfg"
+ "//base/customization/enterprise_device_management/etc/init:edm.cfg",
+ "//base/customization/enterprise_device_management/etc/param:edm.para",
+ "//base/customization/enterprise_device_management/etc/param:edm.para.dac"
]
},
"inner_api": [
diff --git a/common/native/include/edm_errors.h b/common/native/include/edm_errors.h
index 3eda398cfa834e44a5d62f1f6eed119a480005b1..9686176eef84f4dc2224853f27303ede9148b0ee 100644
--- a/common/native/include/edm_errors.h
+++ b/common/native/include/edm_errors.h
@@ -62,6 +62,7 @@ enum {
ERR_EDM_GET_ENTINFO_FAILED,
ERR_EDM_SET_ENTINFO_FAILED,
ERR_EDM_DUMP_FAILED,
+ ERR_EDM_SA_LOAD_FAILED,
};
// Error code for ADMINMGR: 0x2020000,value:33685504
diff --git a/etc/init/edm.cfg b/etc/init/edm.cfg
index 7cfc2815db6e2eab6a997a737a0db6af99dc4e1b..f2d44dbff78b8477bc9d24048a5104083a2fbd94 100644
--- a/etc/init/edm.cfg
+++ b/etc/init/edm.cfg
@@ -2,7 +2,6 @@
"jobs" : [{
"name" : "boot",
"cmds" : [
- "start edm_sa",
"mkdir /data/service/el1/public/edm 0770 edm edm",
"chown edm edm /data/service/el1/public/edm",
"chmod 0770 /data/service/el1/public/edm"
@@ -10,10 +9,11 @@
}
],
"services" : [{
- "name" : "edm_sa",
- "path" : ["/system/bin/sa_main", "/system/profile/edm.xml"],
+ "name" : "edm",
+ "path" : ["/system/bin/sa_main", "/system/profile/edm.json"],
"uid" : "edm",
"gid" : ["edm", "shell"],
+ "ondemand" : true,
"apl" : "system_core",
"permission" : [
"ohos.permission.SET_TIME",
diff --git a/etc/param/BUILD.gn b/etc/param/BUILD.gn
new file mode 100644
index 0000000000000000000000000000000000000000..39ec44f569654f7f1467315017e84197277718e7
--- /dev/null
+++ b/etc/param/BUILD.gn
@@ -0,0 +1,26 @@
+# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/ohos.gni")
+
+ohos_prebuilt_etc("edm.para") {
+ source = "//base/customization/enterprise_device_management/etc/param/edm.para"
+ part_name = "enterprise_device_management"
+ module_install_dir = "etc/param"
+}
+
+ohos_prebuilt_etc("edm.para.dac") {
+ source = "//base/customization/enterprise_device_management/etc/param/edm.para.dac"
+ part_name = "enterprise_device_management"
+ module_install_dir = "etc/param"
+}
diff --git a/etc/param/edm.para b/etc/param/edm.para
new file mode 100644
index 0000000000000000000000000000000000000000..4f9a26026c12e492bb47381cd8fd2edc8733e6bb
--- /dev/null
+++ b/etc/param/edm.para
@@ -0,0 +1,14 @@
+# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+persist.edm.edm_enable=false
\ No newline at end of file
diff --git a/etc/param/edm.para.dac b/etc/param/edm.para.dac
new file mode 100644
index 0000000000000000000000000000000000000000..2e8007d37ddc8bf40a3d4e817e2521c04182124c
--- /dev/null
+++ b/etc/param/edm.para.dac
@@ -0,0 +1,14 @@
+# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+persist.edm.="edm:edm:775"
diff --git a/interfaces/inner_api/BUILD.gn b/interfaces/inner_api/BUILD.gn
index eef991cbdcc90072e14f92a2b72b229c0e63b313..203fc2549d35678eb02adff50e4b0d23c461796f 100644
--- a/interfaces/inner_api/BUILD.gn
+++ b/interfaces/inner_api/BUILD.gn
@@ -52,6 +52,7 @@ ohos_shared_library("edmservice_kits") {
external_deps = [
"ability_base:want",
"c_utils:utils",
+ "init:libbegetutil",
"ipc:ipc_core",
"samgr:samgr_proxy",
]
diff --git a/sa_profile/edm.xml b/interfaces/inner_api/common/include/edm_load_callback.h
similarity index 39%
rename from sa_profile/edm.xml
rename to interfaces/inner_api/common/include/edm_load_callback.h
index 4b9c889d2079f97c11bf097cc2b6320639f5795c..6593cc9a1e2f68b1a173def57dabd0c484165fcf 100644
--- a/sa_profile/edm.xml
+++ b/interfaces/inner_api/common/include/edm_load_callback.h
@@ -1,6 +1,5 @@
-
-
-
- edm
-
- 1601
- libedmservice.z.so
- true
- false
- 1
-
-
\ No newline at end of file
+ */
+
+#ifndef INTERFACES_INNER_API_INCLUDE_ENTERPRISE_LOAD_CALLBACK_H
+#define INTERFACES_INNER_API_INCLUDE_ENTERPRISE_LOAD_CALLBACK_H
+
+#include
+#include "iremote_object.h"
+
+#include "system_ability_load_callback_stub.h"
+
+namespace OHOS {
+namespace EDM {
+class EdmLoadCallback : public SystemAbilityLoadCallbackStub {
+public:
+ void OnLoadSystemAbilitySuccess(int32_t systemAbilityId, const sptr& remoteObject) override;
+ void OnLoadSystemAbilityFail(int32_t systemAbilityId) override;
+};
+} // namespace EDM
+} // namespace OHOS
+#endif // INTERFACES_INNER_API_INCLUDE_ENTERPRISE_LOAD_CALLBACK_H
\ No newline at end of file
diff --git a/interfaces/inner_api/common/include/edm_load_manager.h b/interfaces/inner_api/common/include/edm_load_manager.h
new file mode 100644
index 0000000000000000000000000000000000000000..9efe12804a8f47cbf29b35757ecced72e876af3c
--- /dev/null
+++ b/interfaces/inner_api/common/include/edm_load_manager.h
@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef INTERFACES_INNER_API_INCLUDE_ENTERPRISE_LOAD_MANAGER_H
+#define INTERFACES_INNER_API_INCLUDE_ENTERPRISE_LOAD_MANAGER_H
+
+#include
+#include "edm_errors.h"
+#include "iremote_object.h"
+
+namespace OHOS {
+namespace EDM {
+class EdmLoadManager {
+
+public:
+ static EdmLoadManager& GetInstance();
+ ErrCode LoadEdmSa();
+ ErrCode UnloadEdmSa();
+ void LoadSystemAbilitySuccess();
+ void LoadSystemAbilityFail();
+ sptr GetRemoteObject();
+private:
+ EdmLoadManager() = default;
+ ~EdmLoadManager() = default;
+ void InitLoadState();
+ ErrCode WaitLoadStateChange();
+
+ std::condition_variable locatorCon_;
+ std::mutex locatorMutex_;
+ bool state_ = false;
+};
+} // namespace Wifi
+} // namespace OHOS
+#endif // INTERFACES_INNER_API_INCLUDE_ENTERPRISE_LOAD_MANAGER_H
\ No newline at end of file
diff --git a/interfaces/inner_api/common/include/enterprise_device_mgr_proxy.h b/interfaces/inner_api/common/include/enterprise_device_mgr_proxy.h
index c87898ef2563aa6366a549ecfdcd0a4d28ae93cc..b3589d543c43060bee12ad779ad4e72048e031ff 100644
--- a/interfaces/inner_api/common/include/enterprise_device_mgr_proxy.h
+++ b/interfaces/inner_api/common/include/enterprise_device_mgr_proxy.h
@@ -63,6 +63,7 @@ public:
int32_t userId = DEFAULT_USER_ID);
bool GetPolicyData(AppExecFwk::ElementName *admin, int policyCode, int32_t userId, MessageParcel &reply);
bool GetPolicy(int policyCode, MessageParcel &data, MessageParcel &reply);
+ bool IsEdmEnabled();
private:
static std::shared_ptr instance_;
static std::mutex mutexLock_;
diff --git a/interfaces/inner_api/common/src/edm_load_callback.cpp b/interfaces/inner_api/common/src/edm_load_callback.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..a92319d3e80901cbebd49ad4bc69b427f4a13d78
--- /dev/null
+++ b/interfaces/inner_api/common/src/edm_load_callback.cpp
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "edm_load_callback.h"
+#include "edm_load_manager.h"
+#include "edm_log.h"
+
+namespace OHOS {
+namespace EDM {
+void EdmLoadCallback::OnLoadSystemAbilitySuccess(
+ int32_t systemAbilityId, const sptr &remoteObject)
+{
+ EDMLOGI("EdmLoadManager Load SA success, systemAbilityId = [%{public}d]", systemAbilityId);
+ EdmLoadManager::GetInstance().LoadSystemAbilitySuccess();
+}
+
+void EdmLoadCallback::OnLoadSystemAbilityFail(int32_t systemAbilityId)
+{
+ EDMLOGI("EdmLoadManager Load SA failed, systemAbilityId = [%{public}d]", systemAbilityId);
+ EdmLoadManager::GetInstance().LoadSystemAbilityFail();
+}
+} // namespace EDM
+} // namespace OHOS
diff --git a/interfaces/inner_api/common/src/edm_load_manager.cpp b/interfaces/inner_api/common/src/edm_load_manager.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..e5ebebf02bc4d9a31e664dce58a81205bf91f049
--- /dev/null
+++ b/interfaces/inner_api/common/src/edm_load_manager.cpp
@@ -0,0 +1,118 @@
+/*
+ * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "edm_load_manager.h"
+
+#include
+
+#include "edm_load_callback.h"
+#include "edm_log.h"
+#include "edm_sys_manager.h"
+#include "iremote_broker.h"
+#include "iremote_object.h"
+#include "iservice_registry.h"
+
+namespace OHOS {
+namespace EDM {
+static constexpr int32_t EDM_LOADSA_TIMEOUT_MS = 1000;
+
+EdmLoadManager& EdmLoadManager::GetInstance()
+{
+ static auto instance = new EdmLoadManager();
+ return * instance;
+}
+
+sptr EdmLoadManager::GetRemoteObject()
+{
+ if (SUCCEEDED(LoadEdmSa())) {
+ return EdmSysManager::GetRemoteObjectOfSystemAbility(ENTERPRISE_DEVICE_MANAGER_SA_ID);
+ }
+ return nullptr;
+}
+
+ErrCode EdmLoadManager::LoadEdmSa()
+{
+ EDMLOGI("%{public}s enter, systemAbilityId = [%{public}d] loading", __func__, ENTERPRISE_DEVICE_MANAGER_SA_ID);
+ InitLoadState();
+ sptr samgr =
+ SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
+ if (samgr == nullptr) {
+ EDMLOGE("%{public}s: get system ability manager failed!", __func__);
+ return EdmReturnErrCode::SYSTEM_ABNORMALLY;
+ }
+
+ auto edmLoadCallback = sptr(new EdmLoadCallback());
+ int32_t ret = samgr->LoadSystemAbility(ENTERPRISE_DEVICE_MANAGER_SA_ID, edmLoadCallback);
+ if (ret != ERR_OK) {
+ EDMLOGE("%{public}s: Failed to load system ability, SA Id = [%{public}d], ret = [%{public}d].",
+ __func__, ENTERPRISE_DEVICE_MANAGER_SA_ID, ret);
+ return ERR_EDM_SA_LOAD_FAILED;
+ }
+ return WaitLoadStateChange();
+}
+
+void EdmLoadManager::InitLoadState()
+{
+ std::unique_lock lock(locatorMutex_);
+ state_ = false;
+}
+
+ErrCode EdmLoadManager::WaitLoadStateChange()
+{
+ std::unique_lock lock(locatorMutex_);
+ auto wait = locatorCon_.wait_for(lock, std::chrono::milliseconds(EDM_LOADSA_TIMEOUT_MS), [this] {
+ return state_ == true;
+ });
+ if (!wait) {
+ EDMLOGE("locator sa edm start time out.");
+ return ERR_EDM_SA_LOAD_FAILED;
+ }
+ EDMLOGI("sa edm load success.");
+ return ERR_OK;
+}
+
+ErrCode EdmLoadManager::UnloadEdmSa()
+{
+ EDMLOGI("%{public}s enter, systemAbilityId = [%{public}d] unloading", __func__, ENTERPRISE_DEVICE_MANAGER_SA_ID);
+ sptr samgr =
+ SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
+ if (samgr == nullptr) {
+ EDMLOGE("%{public}s: get system ability manager failed!", __func__);
+ return EdmReturnErrCode::SYSTEM_ABNORMALLY;
+ }
+ int32_t ret = samgr->UnloadSystemAbility(ENTERPRISE_DEVICE_MANAGER_SA_ID);
+ if (ret != ERR_OK) {
+ EDMLOGE("%{public}s: Failed to unload system ability, SA Id = [%{public}d], ret = [%{public}d].",
+ __func__, ENTERPRISE_DEVICE_MANAGER_SA_ID, ret);
+ return ERR_EDM_SA_LOAD_FAILED;
+ }
+ return ERR_OK;
+}
+
+void EdmLoadManager::LoadSystemAbilitySuccess()
+{
+ std::unique_lock lock(locatorMutex_);
+ state_ = true;
+ locatorCon_.notify_one();
+}
+
+void EdmLoadManager::LoadSystemAbilityFail()
+{
+ std::unique_lock lock(locatorMutex_);
+ state_ = false;
+ locatorCon_.notify_one();
+}
+}; // namespace EDM
+}; // namespace OHOS
\ No newline at end of file
diff --git a/interfaces/inner_api/common/src/enterprise_device_mgr_proxy.cpp b/interfaces/inner_api/common/src/enterprise_device_mgr_proxy.cpp
index b5ed264d7678a1c41e83d133608c2c274a4130c9..4a3aea53e01217ae64f77586a57b3dfbe82f1320 100644
--- a/interfaces/inner_api/common/src/enterprise_device_mgr_proxy.cpp
+++ b/interfaces/inner_api/common/src/enterprise_device_mgr_proxy.cpp
@@ -19,9 +19,11 @@
#include "admin_type.h"
#include "edm_errors.h"
+#include "edm_load_manager.h"
#include "edm_log.h"
#include "edm_sys_manager.h"
#include "func_code.h"
+#include "parameter.h"
#include "system_ability_definition.h"
namespace OHOS {
@@ -56,6 +58,20 @@ void EnterpriseDeviceMgrProxy::DestroyInstance()
}
}
+bool EnterpriseDeviceMgrProxy::IsEdmEnabled() {
+ const int bufferLen = 128;
+ char edmParaValue[bufferLen] = {0};
+ int ret = GetParameter("persist.edm.edm_enable", "false", edmParaValue, bufferLen - 1);
+ if (ret <= 0) {
+ EDMLOGE("EnterpriseDeviceMgrProxy::GetParameter failed");
+ return false;
+ } else {
+ std::string param(edmParaValue);
+ EDMLOGD("EnterpriseDeviceMgrProxy::GetParameter %{public}s", param.c_str());
+ return param == "true";
+ }
+}
+
ErrCode EnterpriseDeviceMgrProxy::EnableAdmin(AppExecFwk::ElementName &admin, EntInfo &entInfo, AdminType type,
int32_t userId)
{
@@ -88,6 +104,9 @@ ErrCode EnterpriseDeviceMgrProxy::EnableAdmin(AppExecFwk::ElementName &admin, En
ErrCode EnterpriseDeviceMgrProxy::DisableAdmin(AppExecFwk::ElementName &admin, int32_t userId)
{
EDMLOGD("EnterpriseDeviceMgrProxy::DisableAdmin");
+ if (!IsEdmEnabled()) {
+ return EdmReturnErrCode::DISABLE_ADMIN_FAILED;
+ }
sptr remote = GetRemoteObject();
if (!remote) {
return EdmReturnErrCode::SYSTEM_ABNORMALLY;
@@ -114,6 +133,9 @@ ErrCode EnterpriseDeviceMgrProxy::DisableAdmin(AppExecFwk::ElementName &admin, i
ErrCode EnterpriseDeviceMgrProxy::DisableSuperAdmin(std::string bundleName)
{
EDMLOGD("EnterpriseDeviceMgrProxy::DisableSuperAdmin");
+ if (!IsEdmEnabled()) {
+ return EdmReturnErrCode::DISABLE_ADMIN_FAILED;
+ }
sptr remote = GetRemoteObject();
if (!remote) {
return EdmReturnErrCode::SYSTEM_ABNORMALLY;
@@ -139,6 +161,9 @@ ErrCode EnterpriseDeviceMgrProxy::DisableSuperAdmin(std::string bundleName)
ErrCode EnterpriseDeviceMgrProxy::GetEnabledAdmin(AdminType type, std::vector &enabledAdminList)
{
EDMLOGD("EnterpriseDeviceMgrProxy::GetEnabledAdmin");
+ if (!IsEdmEnabled()) {
+ return EdmReturnErrCode::ADMIN_INACTIVE;
+ }
sptr remote = GetRemoteObject();
if (!remote) {
return EdmReturnErrCode::SYSTEM_ABNORMALLY;
@@ -165,6 +190,9 @@ ErrCode EnterpriseDeviceMgrProxy::GetEnabledAdmin(AdminType type, std::vector remote = GetRemoteObject();
if (!remote) {
return EdmReturnErrCode::SYSTEM_ABNORMALLY;
@@ -192,6 +220,9 @@ ErrCode EnterpriseDeviceMgrProxy::GetEnterpriseInfo(AppExecFwk::ElementName &adm
ErrCode EnterpriseDeviceMgrProxy::SetEnterpriseInfo(AppExecFwk::ElementName &admin, EntInfo &entInfo)
{
EDMLOGD("EnterpriseDeviceMgrProxy::SetEnterpriseInfo");
+ if (!IsEdmEnabled()) {
+ return EdmReturnErrCode::ADMIN_INACTIVE;
+ }
sptr remote = GetRemoteObject();
if (!remote) {
return EdmReturnErrCode::SYSTEM_ABNORMALLY;
@@ -219,6 +250,9 @@ ErrCode EnterpriseDeviceMgrProxy::HandleManagedEvent(const AppExecFwk::ElementNa
const std::vector &events, bool subscribe)
{
EDMLOGD("EnterpriseDeviceMgrProxy::SubscribeManagedEvent: %{public}d", subscribe);
+ if (!IsEdmEnabled()) {
+ return EdmReturnErrCode::ADMIN_INACTIVE;
+ }
sptr remote = GetRemoteObject();
if (!remote) {
return EdmReturnErrCode::SYSTEM_ABNORMALLY;
@@ -246,6 +280,10 @@ ErrCode EnterpriseDeviceMgrProxy::HandleManagedEvent(const AppExecFwk::ElementNa
ErrCode EnterpriseDeviceMgrProxy::IsSuperAdmin(std::string bundleName, bool &result)
{
EDMLOGD("EnterpriseDeviceMgrProxy::IsSuperAdmin");
+ if (!IsEdmEnabled()) {
+ result = false;
+ return ERR_OK;
+ }
result = false;
sptr remote = GetRemoteObject();
if (!remote) {
@@ -274,6 +312,10 @@ ErrCode EnterpriseDeviceMgrProxy::IsSuperAdmin(std::string bundleName, bool &res
ErrCode EnterpriseDeviceMgrProxy::IsAdminEnabled(AppExecFwk::ElementName &admin, int32_t userId, bool &result)
{
EDMLOGD("EnterpriseDeviceMgrProxy::IsAdminEnabled");
+ if (!IsEdmEnabled()) {
+ result = false;
+ return ERR_OK;
+ }
result = false;
sptr remote = GetRemoteObject();
if (!remote) {
@@ -314,6 +356,9 @@ bool EnterpriseDeviceMgrProxy::IsPolicyDisabled(AppExecFwk::ElementName *admin,
int32_t EnterpriseDeviceMgrProxy::HandleDevicePolicy(int32_t policyCode, MessageParcel &data)
{
EDMLOGD("EnterpriseDeviceMgrProxy::HandleDevicePolicy");
+ if (!IsEdmEnabled()) {
+ return EdmReturnErrCode::ADMIN_INACTIVE;
+ }
sptr remote = GetRemoteObject();
if (!remote) {
return EdmReturnErrCode::SYSTEM_ABNORMALLY;
@@ -345,6 +390,7 @@ bool EnterpriseDeviceMgrProxy::GetPolicyValue(AppExecFwk::ElementName *admin, in
bool EnterpriseDeviceMgrProxy::GetPolicyArray(AppExecFwk::ElementName *admin, int policyCode,
std::vector &policyData, int32_t userId)
{
+
MessageParcel reply;
if (!GetPolicyData(admin, policyCode, userId, reply)) {
return false;
@@ -360,6 +406,7 @@ bool EnterpriseDeviceMgrProxy::GetPolicyArray(AppExecFwk::ElementName *admin, in
bool EnterpriseDeviceMgrProxy::GetPolicyMap(AppExecFwk::ElementName *admin, int policyCode,
std::map &policyData, int32_t userId)
{
+
MessageParcel reply;
if (!GetPolicyData(admin, policyCode, userId, reply)) {
return false;
@@ -388,6 +435,9 @@ bool EnterpriseDeviceMgrProxy::GetPolicyMap(AppExecFwk::ElementName *admin, int
bool EnterpriseDeviceMgrProxy::GetPolicyData(AppExecFwk::ElementName *admin, int policyCode, int32_t userId,
MessageParcel &reply)
{
+ if (!IsEdmEnabled()) {
+ return false;
+ }
MessageParcel data;
data.WriteInterfaceToken(DESCRIPTOR);
data.WriteInt32(HAS_USERID);
@@ -407,6 +457,10 @@ bool EnterpriseDeviceMgrProxy::GetPolicyData(AppExecFwk::ElementName *admin, int
bool EnterpriseDeviceMgrProxy::GetPolicy(int policyCode, MessageParcel &data, MessageParcel &reply)
{
+ if (!IsEdmEnabled()) {
+ reply.WriteInt32(EdmReturnErrCode::ADMIN_INACTIVE);
+ return false;
+ }
if (policyCode < 0) {
EDMLOGE("EnterpriseDeviceMgrProxy:GetPolicy invalid policyCode:%{public}d", policyCode);
return false;
@@ -414,6 +468,7 @@ bool EnterpriseDeviceMgrProxy::GetPolicy(int policyCode, MessageParcel &data, Me
std::uint32_t funcCode = POLICY_FUNC_CODE((std::uint32_t)FuncOperateType::GET, (std::uint32_t)policyCode);
sptr remote = GetRemoteObject();
if (!remote) {
+ reply.WriteInt32(EdmReturnErrCode::SYSTEM_ABNORMALLY);
return false;
}
MessageOption option;
@@ -449,12 +504,24 @@ bool EnterpriseDeviceMgrProxy::IsSuperAdminExist()
sptr EnterpriseDeviceMgrProxy::GetRemoteObject()
{
std::lock_guard lock(mutexLock_);
- sptr remote = EdmSysManager::GetRemoteObjectOfSystemAbility(ENTERPRISE_DEVICE_MANAGER_SA_ID);
- return remote;
+ sptr sysAbilityMgr = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
+ if (sysAbilityMgr == nullptr) {
+ EDMLOGE("EnterpriseDeviceMgrProxy::failed to get SystemAbilityManager");
+ return nullptr;
+ }
+ auto objectSA = sysAbilityMgr->CheckSystemAbility(ENTERPRISE_DEVICE_MANAGER_SA_ID);
+ if (objectSA == nullptr) {
+ EDMLOGI("EnterpriseDeviceMgrProxy::load sa from remote");
+ return EdmLoadManager::GetInstance().GetRemoteObject();
+ }
+ return sysAbilityMgr->GetSystemAbility(ENTERPRISE_DEVICE_MANAGER_SA_ID);
}
void EnterpriseDeviceMgrProxy::GetEnabledAdmins(std::uint32_t type, std::vector &enabledAdminList)
{
+ if (!IsEdmEnabled()) {
+ return;
+ }
sptr remote = GetRemoteObject();
if (!remote) {
return;
diff --git a/sa_profile/1601.json b/sa_profile/1601.json
new file mode 100644
index 0000000000000000000000000000000000000000..4529bc054c8a2f528705393a643dd6c94917afa8
--- /dev/null
+++ b/sa_profile/1601.json
@@ -0,0 +1,21 @@
+{
+ "process": "edm",
+ "systemability": [
+ {
+ "name": 1601,
+ "libpath": "libedmservice.z.so",
+ "run-on-create": false,
+ "distributed": false,
+ "dump_level": 1,
+ "start-on-demand": {
+ "bindercall": true,
+ "param": [
+ {
+ "name":"persist.edm.edm_enable",
+ "value":"true"
+ }
+ ]
+ }
+ }
+ ]
+}
\ No newline at end of file
diff --git a/sa_profile/BUILD.gn b/sa_profile/BUILD.gn
index a2aff09bf8d5aeebaf14098bdd266df041d15419..39549739ee7bb1ad6f305684d9251f3096961646 100644
--- a/sa_profile/BUILD.gn
+++ b/sa_profile/BUILD.gn
@@ -14,7 +14,7 @@
import("//build/ohos/sa_profile/sa_profile.gni")
ohos_sa_profile("edm_sa_profile") {
- sources = [ "edm.xml" ]
+ sources = [ "1601.json" ]
part_name = "enterprise_device_management"
}
diff --git a/services/edm/BUILD.gn b/services/edm/BUILD.gn
index c25c95b4735e4e3b0cee49ae1a1238c87204423a..f3df32cb94e0e415551fb51e1307ec4ab7c7733d 100644
--- a/services/edm/BUILD.gn
+++ b/services/edm/BUILD.gn
@@ -61,6 +61,7 @@ ohos_shared_library("edmservice") {
"bundle_framework:appexecfwk_core",
"c_utils:utils",
"common_event_service:cesfwk_innerkits",
+ "init:libbegetutil",
"ipc:ipc_core",
"os_account:os_account_innerkits",
"safwk:system_ability_fwk",
diff --git a/services/edm/include/admin_manager.h b/services/edm/include/admin_manager.h
index 662e464bc1f12b3f97ce5d76b6a84e29bc182a21..68a1cd5f8b9df72a5f54025d1ae89953add385e4 100644
--- a/services/edm/include/admin_manager.h
+++ b/services/edm/include/admin_manager.h
@@ -41,6 +41,7 @@ public:
ErrCode GetGrantedPermission(AppExecFwk::ExtensionAbilityInfo &abilityInfo, std::vector &permissions,
AdminType type);
bool IsSuperAdminExist();
+ bool IsAdminExist();
bool IsSuperAdmin(const std::string &bundleName);
void GetEnabledAdmin(AdminType role, std::vector &packageNameList, int32_t userId);
void Init();
diff --git a/services/edm/src/admin_manager.cpp b/services/edm/src/admin_manager.cpp
index f0eed302cd57fa2d4705d8d71ae3f411a4eab77b..1afab1a09c44fbf99cf5e1c53c464bb24b4bd114 100644
--- a/services/edm/src/admin_manager.cpp
+++ b/services/edm/src/admin_manager.cpp
@@ -241,6 +241,11 @@ bool AdminManager::IsSuperAdminExist()
[](const std::shared_ptr &admin) { return admin->adminInfo_.adminType_ == AdminType::ENT; });
}
+bool AdminManager::IsAdminExist()
+{
+ return !admins_.empty();
+}
+
bool AdminManager::IsSuperAdmin(const std::string &bundleName)
{
std::shared_ptr superAdmin;
diff --git a/services/edm/src/enterprise_device_mgr_ability.cpp b/services/edm/src/enterprise_device_mgr_ability.cpp
index e8bf60798d70ab9110a6e9a3d1d6b64934344ac3..dd106992fd5319d4355b683ab9643fbe1fa5c437 100644
--- a/services/edm/src/enterprise_device_mgr_ability.cpp
+++ b/services/edm/src/enterprise_device_mgr_ability.cpp
@@ -36,6 +36,7 @@
#include "enterprise_conn_manager.h"
#include "matching_skills.h"
#include "os_account_manager.h"
+#include "parameter.h"
namespace OHOS {
namespace EDM {
@@ -227,6 +228,7 @@ int32_t EnterpriseDeviceMgrAbility::Dump(int32_t fd, const std::vector autoLock(mutexLock_);
EDMLOGD("EnterpriseDeviceMgrAbility::OnStart() Publish");
if (!registerToService_) {
if (!Publish(this)) {
@@ -505,6 +507,7 @@ ErrCode EnterpriseDeviceMgrAbility::EnableAdmin(AppExecFwk::ElementName &admin,
EDMLOGE("EnableAdmin: SetAdminValue failed.");
return EdmReturnErrCode::ENABLE_ADMIN_FAILED;
}
+ SetParameter("persist.edm.edm_enable", "true");
EDMLOGI("EnableAdmin: SetAdminValue success %{public}s, type:%{public}d", admin.GetBundleName().c_str(),
static_cast(type));
AAFwk::Want connectWant;
@@ -616,6 +619,9 @@ ErrCode EnterpriseDeviceMgrAbility::DisableAdmin(AppExecFwk::ElementName &admin,
EDMLOGW("DisableAdmin: disable admin failed.");
return EdmReturnErrCode::DISABLE_ADMIN_FAILED;
}
+ if (!adminMgr_->IsAdminExist()) {
+ SetParameter("persist.edm.edm_enable", "false");
+ }
AAFwk::Want want;
want.SetElementName(admin.GetBundleName(), admin.GetAbilityName());
std::shared_ptr manager = DelayedSingleton::GetInstance();
@@ -679,6 +685,9 @@ ErrCode EnterpriseDeviceMgrAbility::DisableSuperAdmin(std::string &bundleName)
}
policyMgr_ = GetAndSwitchPolicyManagerByUserId(DEFAULT_USER_ID);
}
+ if (!adminMgr_->IsAdminExist()) {
+ SetParameter("persist.edm.edm_enable", "false");
+ }
AAFwk::Want want;
want.SetElementName(admin->adminInfo_.packageName_, admin->adminInfo_.className_);
std::shared_ptr manager = DelayedSingleton::GetInstance();