diff --git a/frameworks/common/include/cert_parcel.h b/frameworks/common/include/cert_parcel.h index 8057352cf8c60295b352d8886d4ee8ed47b5a3e0..be3820d802b682f0dc797999911b5b4a56d8f46c 100644 --- a/frameworks/common/include/cert_parcel.h +++ b/frameworks/common/include/cert_parcel.h @@ -36,6 +36,7 @@ public: bool isNeedAdapter; std::string contactAccount; bool needCheckCustomProperty; + std::string realFileType; }; } // namespace DlpPermission } // namespace Security diff --git a/frameworks/common/include/dlp_permission.h b/frameworks/common/include/dlp_permission.h index 0275892240668b078b80bc6a2814f0563b520a8c..fb46201a4f8174dbac7ee965d17456ad74c75f7d 100644 --- a/frameworks/common/include/dlp_permission.h +++ b/frameworks/common/include/dlp_permission.h @@ -93,6 +93,7 @@ enum DLPErrCode : int32_t { DLP_CREDENTIAL_ERROR_TIME_EXPIRED = -312, DLP_CREDENTIAL_ERROR_NO_INTERNET = -313, DLP_CREDENTIAL_ERROR_VALUE_INVALID = -314, + DLP_CREDENTIAL_ERROR_SET_ENTERPRISE_POLICY_FAIL = -315, DLP_CALLBACK_EXCEEDED_MAXNUM_REGISTRATION_LIMIT_ERROR = -401, DLP_CALLBACK_PARAM_INVALID = -402, diff --git a/frameworks/common/include/permission_policy.h b/frameworks/common/include/permission_policy.h index 7e808dda91a910caa21a52f59c0f691e8c07c7c3..10d366ac405ceaf4e30225881f9da24b88ffafbe 100644 --- a/frameworks/common/include/permission_policy.h +++ b/frameworks/common/include/permission_policy.h @@ -90,6 +90,10 @@ struct CustomProperty { std::string enterprise = ""; }; +struct EnterprisePolicy { + std::string policyString = ""; +}; + struct DlpProperty { std::string ownerAccount; std::string ownerAccountId; diff --git a/frameworks/common/src/cert_parcel.cpp b/frameworks/common/src/cert_parcel.cpp index 8714b4b69ca174e12965a2a0d9f18be908ebce5f..93ed186795e6b8ffac1852f4565161f47a5063cd 100644 --- a/frameworks/common/src/cert_parcel.cpp +++ b/frameworks/common/src/cert_parcel.cpp 
@@ -52,6 +52,10 @@ bool CertParcel::Marshalling(Parcel& data) const DLP_LOG_ERROR(LABEL, "Write bool needCheckCustomProperty fail"); return false; } + if (!data.WriteString(this->realFileType)) { + DLP_LOG_ERROR(LABEL, "Write string realFileType fail"); + return false; + } return true; } @@ -88,6 +92,10 @@ CertParcel* CertParcel::Unmarshalling(Parcel& data) DLP_LOG_ERROR(LABEL, "Read needCheckCustomProperty fail"); return FreeCertParcel(parcel); } + if (!data.ReadString(parcel->realFileType)) { + DLP_LOG_ERROR(LABEL, "Read realFileType fail"); + return FreeCertParcel(parcel); + } return parcel; } } // namespace DlpPermission diff --git a/interfaces/inner_api/dlp_parse/include/dlp_file.h b/interfaces/inner_api/dlp_parse/include/dlp_file.h index 651d06c177df7695d3fb003bb60b5ee3472f251a..e68300d9170f756c175be88441d06f1bde1967d5 100644 --- a/interfaces/inner_api/dlp_parse/include/dlp_file.h +++ b/interfaces/inner_api/dlp_parse/include/dlp_file.h @@ -197,6 +197,11 @@ public: return authPerm_; }; + void GetRealType(std::string& realType) const + { + realType = realType_; + }; + int32_t dlpFd_; friend class DlpRawFile; friend class DlpZipFile; diff --git a/interfaces/inner_api/dlp_parse/src/dlp_file_manager.cpp b/interfaces/inner_api/dlp_parse/src/dlp_file_manager.cpp index 47a9f40f6532af368f274cc1f020f17bfdccd1fb..2c8a6d0a4d32c67c436db661e295dbdbd36eee1f 100755 --- a/interfaces/inner_api/dlp_parse/src/dlp_file_manager.cpp +++ b/interfaces/inner_api/dlp_parse/src/dlp_file_manager.cpp @@ -576,6 +576,7 @@ int32_t DlpFileManager::OpenRawDlpFile(int32_t dlpFileFd, std::shared_ptrGetContactAccount(certParcel->contactAccount); certParcel->isNeedAdapter = filePtr->NeedAdapter(); certParcel->needCheckCustomProperty = true; + filePtr->GetRealType(certParcel->realFileType); StartTrace(HITRACE_TAG_ACCESS_CONTROL, "DlpParseCertificate"); result = DlpPermissionKit::ParseDlpCertificate(certParcel, policy, appId, filePtr->GetOfflineAccess()); FinishTrace(HITRACE_TAG_ACCESS_CONTROL); 
@@ -616,6 +617,7 @@ int32_t DlpFileManager::ParseZipDlpFileAndAddNode(std::shared_ptr& file filePtr->GetContactAccount(certParcel->contactAccount); certParcel->isNeedAdapter = filePtr->NeedAdapter(); certParcel->needCheckCustomProperty = true; + filePtr->GetRealType(certParcel->realFileType); StartTrace(HITRACE_TAG_ACCESS_CONTROL, "DlpParseCertificate"); result = DlpPermissionKit::ParseDlpCertificate(certParcel, policy, appId, filePtr->GetOfflineAccess()); FinishTrace(HITRACE_TAG_ACCESS_CONTROL); diff --git a/interfaces/inner_api/dlp_parse/src/dlp_file_operator.cpp b/interfaces/inner_api/dlp_parse/src/dlp_file_operator.cpp index 48751054e3f3724a9747ed703a5b57b0b07e1767..ecdaee21f58c4f864f0c70035f53e3583f5e78fc 100644 --- a/interfaces/inner_api/dlp_parse/src/dlp_file_operator.cpp +++ b/interfaces/inner_api/dlp_parse/src/dlp_file_operator.cpp @@ -199,6 +199,7 @@ int32_t EnterpriseSpaceDlpPermissionKit::EnterpriseSpaceParseDlpFileProperty(std filePtr->GetContactAccount(certParcel->contactAccount); certParcel->isNeedAdapter = filePtr->NeedAdapter(); certParcel->needCheckCustomProperty = needCheckCustomProperty; + filePtr->GetRealType(certParcel->realFileType); result = DlpPermissionKit::ParseDlpCertificate(certParcel, policy, APPID, filePtr->GetOfflineAccess()); if (result != DLP_OK) { DLP_LOG_ERROR(LABEL, "Parse cert fail, errno=%{public}d", result); diff --git a/interfaces/inner_api/dlp_permission/IDlpPermissionService.idl b/interfaces/inner_api/dlp_permission/IDlpPermissionService.idl index 5f9a2024a0c6ea3d938dd2d53286551a8c45bc61..91511532574ec4080bf3ac3ef610e32ee472e989 100644 --- a/interfaces/inner_api/dlp_permission/IDlpPermissionService.idl +++ b/interfaces/inner_api/dlp_permission/IDlpPermissionService.idl 
@@ -68,4 +68,5 @@ interface OHOS.Security.DlpPermission.IDlpPermissionService { void SetMDMPolicy([in] String[] appIdList); void GetMDMPolicy([out] String[] appIdList); void RemoveMDMPolicy(); + void SetEnterprisePolicy([in] String policy); } \ No newline at end of file diff --git a/interfaces/inner_api/dlp_permission/include/dlp_permission_client.h b/interfaces/inner_api/dlp_permission/include/dlp_permission_client.h index c5a036aa74980a452558ac19cfbdf65e2770b3b6..7b33e86ada6a5bdbf01fe58429a57ee0db5fa612 100644 --- a/interfaces/inner_api/dlp_permission/include/dlp_permission_client.h +++ b/interfaces/inner_api/dlp_permission/include/dlp_permission_client.h @@ -73,6 +73,7 @@ public: void OnRemoteDiedHandle(); void CleanUpResource(); int32_t SetDlpFeature(uint32_t dlpFeatureInfo, bool& statusSetInfo); + int32_t SetEnterprisePolicy(const std::string& policy); private: DlpPermissionClient(); diff --git a/interfaces/inner_api/dlp_permission/include/dlp_permission_kit.h b/interfaces/inner_api/dlp_permission/include/dlp_permission_kit.h index 1dd9c53c60e6e26a37230eeede796d1b2ee0d540..cac5650c80f042b3a98426e8e2f5f7a319ffe6c8 100644 --- a/interfaces/inner_api/dlp_permission/include/dlp_permission_kit.h +++ b/interfaces/inner_api/dlp_permission/include/dlp_permission_kit.h @@ -97,6 +97,7 @@ public: static int32_t IsDLPFeatureProvided(bool& isProvideDLPFeature); static int32_t SetReadFlag(uint32_t uid); static int32_t SetDlpFeature(uint32_t dlpFeatureInfo, bool& statusSetInfo); + static int32_t SetEnterprisePolicy(const std::string& policy); }; } // namespace DlpPermission } // namespace Security diff --git a/interfaces/inner_api/dlp_permission/src/dlp_permission_client.cpp b/interfaces/inner_api/dlp_permission/src/dlp_permission_client.cpp index e92cef6b66880ce37ea19ed10ad04f42b24859d9..fba6ebfa58e5ba938aa83d0d6230dbb5e0fd1983 100644 --- a/interfaces/inner_api/dlp_permission/src/dlp_permission_client.cpp 
+++ b/interfaces/inner_api/dlp_permission/src/dlp_permission_client.cpp @@ -636,6 +636,16 @@ int32_t DlpPermissionClient::SetDlpFeature(uint32_t dlpFeatureInfo, bool& status return proxy->SetDlpFeature(dlpFeatureInfo, statusSetInfo); } +int32_t DlpPermissionClient::SetEnterprisePolicy(const std::string& policy) +{ + auto proxy = GetProxy(true); + if (proxy == nullptr) { + DLP_LOG_ERROR(LABEL, "Proxy is null"); + return DLP_CALLBACK_SA_WORK_ABNORMAL; + } + return proxy->SetEnterprisePolicy(policy); +} + void DlpPermissionClient::GetDlpPermissionSa() { auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); diff --git a/interfaces/inner_api/dlp_permission/src/dlp_permission_kit.cpp b/interfaces/inner_api/dlp_permission/src/dlp_permission_kit.cpp index a74f30dff93c3e190fada3ff4827edb00c986235..19993e25cb6c36425d706f90003dc24ebe002eb4 100644 --- a/interfaces/inner_api/dlp_permission/src/dlp_permission_kit.cpp +++ b/interfaces/inner_api/dlp_permission/src/dlp_permission_kit.cpp @@ -256,6 +256,11 @@ int32_t DlpPermissionKit::SetDlpFeature(uint32_t dlpFeatureInfo, bool& statusSet DlpPermissionClient::GetInstance().CleanUpResource(); return res; } + +int32_t DlpPermissionKit::SetEnterprisePolicy(const std::string& policy) +{ + return DlpPermissionClient::GetInstance().SetEnterprisePolicy(policy); +} } // namespace DlpPermission } // namespace Security } // namespace OHOS diff --git a/interfaces/inner_api/dlp_permission/test/unittest/src/dlp_permission_client_test.cpp b/interfaces/inner_api/dlp_permission/test/unittest/src/dlp_permission_client_test.cpp index ae4a6fb6ad4eeb3f5e74c59c991684c5909134f5..1b7cfbeec4c234328825a3d3ce140c65d69bf768 100644 --- a/interfaces/inner_api/dlp_permission/test/unittest/src/dlp_permission_client_test.cpp +++ b/interfaces/inner_api/dlp_permission/test/unittest/src/dlp_permission_client_test.cpp 
@@ -179,4 +179,18 @@ HWTEST_F(DlpPermissionClientTest, SetDlpFeature002, TestSize.Level0) bool statusSetInfo; int32_t ret = DlpPermissionClient::GetInstance().SetDlpFeature(dlpFeatureInfo, statusSetInfo); ASSERT_TRUE(ret != DLP_CALLBACK_SA_WORK_ABNORMAL); +} + +/* * + * @tc.name: SetEnterprisePolicy001 + * @tc.desc: SetEnterprisePolicy. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(DlpPermissionClientTest, SetEnterprisePolicy001, TestSize.Level0) +{ + DLP_LOG_DEBUG(LABEL, "SetEnterprisePolicy001"); + std::string policy = "policy"; + int32_t ret = DlpPermissionClient::GetInstance().SetEnterprisePolicy(policy); + ASSERT_TRUE(ret != DLP_CALLBACK_SA_WORK_ABNORMAL); } \ No newline at end of file diff --git a/interfaces/inner_api/dlp_permission/test/unittest/src/dlp_permission_kit_test.cpp b/interfaces/inner_api/dlp_permission/test/unittest/src/dlp_permission_kit_test.cpp index f8134656b623ae134b2b76bebf2085d907e97158..756213ca39bcfd24a69f2c25ce68fe464a0f51c3 100644 --- a/interfaces/inner_api/dlp_permission/test/unittest/src/dlp_permission_kit_test.cpp +++ b/interfaces/inner_api/dlp_permission/test/unittest/src/dlp_permission_kit_test.cpp @@ -1550,6 +1550,20 @@ HWTEST_F(DlpPermissionKitTest, SetDlpFeature002, TestSize.Level0) int32_t ret = DlpPermissionKit::SetDlpFeature(dlpFeatureInfo, statusSetInfo); ASSERT_TRUE(ret != DLP_CALLBACK_SA_WORK_ABNORMAL); } + +/* * + * @tc.name: SetEnterprisePolicy001 + * @tc.desc: SetEnterprisePolicy. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(DlpPermissionKitTest, SetEnterprisePolicy001, TestSize.Level0) +{ + DLP_LOG_DEBUG(LABEL, "SetEnterprisePolicy001"); + std::string policy = "policy"; + int32_t ret = DlpPermissionKit::SetEnterprisePolicy(policy); + ASSERT_TRUE(ret != DLP_CALLBACK_SA_WORK_ABNORMAL); +} } // namespace DlpPermission } // namespace Security } // namespace OHOS 
diff --git a/interfaces/kits/dlp_permission/napi/include/napi_dlp_permission.h b/interfaces/kits/dlp_permission/napi/include/napi_dlp_permission.h index 434d1e4c2da54916484fbfb4ad049af635aa7c5d..9c06851738ad5239866a552d983b33f7d9dce44e 100644 --- a/interfaces/kits/dlp_permission/napi/include/napi_dlp_permission.h +++ b/interfaces/kits/dlp_permission/napi/include/napi_dlp_permission.h @@ -158,6 +158,8 @@ private: static napi_value QueryDlpPolicy(napi_env env, napi_callback_info cbInfo); static void QueryDlpPolicyExcute(napi_env env, void* data); static void QueryDlpPolicyComplete(napi_env env, napi_status status, void* data); + + static napi_value SetEnterprisePolicy(napi_env env, napi_callback_info cbInfo); }; } // namespace DlpPermission } // namespace Security diff --git a/interfaces/kits/dlp_permission/napi/src/napi_dlp_permission.cpp b/interfaces/kits/dlp_permission/napi/src/napi_dlp_permission.cpp index ef58e6de833aad94049cd7001c6ad6c7eb8f3cfa..1842b54f26aa69304846bb67246c8c3de0a0800e 100644 --- a/interfaces/kits/dlp_permission/napi/src/napi_dlp_permission.cpp +++ b/interfaces/kits/dlp_permission/napi/src/napi_dlp_permission.cpp 
@@ -2070,6 +2070,30 @@ void NapiDlpPermission::QueryDlpPolicyComplete(napi_env env, napi_status status, ProcessCallbackOrPromise(env, asyncContext, resJs); } +napi_value NapiDlpPermission::SetEnterprisePolicy(napi_env env, napi_callback_info cbInfo) +{ + DLP_LOG_INFO(LABEL, "Enter SetEnterprisePolicy."); + if (!CheckPermission(env, PERMISSION_ENTERPRISE_ACCESS_DLP_FILE)) { + return nullptr; + } + auto* asyncContext = new (std::nothrow) SetEnterprisePolicyContext(env); + if (asyncContext == nullptr) { + DLP_LOG_ERROR(LABEL, "asyncContext is nullptr."); + return nullptr; + } + std::unique_ptr asyncContextPtr { asyncContext }; + + if (!GetSetEnterprisePolicyParams(env, cbInfo, *asyncContext)) { + return nullptr; + } + asyncContext->errCode = DlpPermissionKit::SetEnterprisePolicy(asyncContext->policy.policyString); + if (asyncContext->errCode != DLP_OK) { + DlpNapiThrow(env, asyncContext->errCode, GetJsErrMsg(asyncContext->errCode)); + } + asyncContextPtr.release(); + return nullptr; +} + void NapiDlpPermission::InitFunction(napi_env env, napi_value exports) { napi_property_descriptor desc[] = { @@ -2101,6 +2125,8 @@ void NapiDlpPermission::InitFunction(napi_env env, napi_value exports) DECLARE_NAPI_FUNCTION("generateDlpFileForEnterprise", GenerateDlpFileForEnterprise), DECLARE_NAPI_FUNCTION("decryptDlpFile", DecryptDlpFile), DECLARE_NAPI_FUNCTION("queryDlpPolicy", QueryDlpPolicy), + + DECLARE_NAPI_FUNCTION("setEnterprisePolicy", SetEnterprisePolicy), }; NAPI_CALL_RETURN_VOID(env, napi_define_properties(env, exports, sizeof(desc) / sizeof(desc[PARAM0]), desc)); } diff --git a/interfaces/kits/napi_common/include/napi_common.h b/interfaces/kits/napi_common/include/napi_common.h index 7aa00aa7540bbbb77acf68ce161db47ea5a4469d..e4ee8c0d6b69006eee10a42c780b405ea5be8bc0 100644 --- a/interfaces/kits/napi_common/include/napi_common.h +++ b/interfaces/kits/napi_common/include/napi_common.h 
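Review bot: `NapiDlpPermission::SetEnterprisePolicy` makes the call synchronously but ends with `asyncContextPtr.release();`, so the `SetEnterprisePolicyContext` allocated at the top is leaked on every call that gets past parameter parsing. No async work is queued in this hunk that could take ownership of it. Dropping the `release()` line lets the `std::unique_ptr` destroy the context on return, as it already does when `GetSetEnterprisePolicyParams` fails. Separately, `CheckPermission(env, PERMISSION_ENTERPRISE_ACCESS_DLP_FILE)` runs in the calling application's process, so it is a convenience check and cannot serve as the access-control boundary for the service call. A comment above the function would help, for example `// Synchronous: reports failure through DlpNapiThrow and always returns nullptr (undefined in JS).`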
@@ -257,6 +257,11 @@ struct UIExtensionRequestContext : public CommonAsyncContext { OHOS::AAFwk::Want requestWant; }; +struct SetEnterprisePolicyContext : public CommonAsyncContext { + explicit SetEnterprisePolicyContext(napi_env env) : CommonAsyncContext(env) {}; + EnterprisePolicy policy; +}; + class UIExtensionCallback { public: explicit UIExtensionCallback(std::shared_ptr& reqContext); @@ -316,6 +321,9 @@ bool GetDecryptDlpFileParam( bool GetQueryDlpPolicyParam( const napi_env env, const napi_callback_info info, QueryDlpPolicyAsyncContext& asyncContext); +bool GetSetEnterprisePolicyParams( + const napi_env env, const napi_callback_info info, SetEnterprisePolicyContext& asyncContext); + bool FillDlpSandboxChangeInfo(const napi_env env, const napi_value* argv, const std::string& type, const napi_value thisVar, RegisterDlpSandboxChangeInfo& registerSandboxChangeInfo); bool ParseInputToRegister(const napi_env env, const napi_callback_info cbInfo, diff --git a/interfaces/kits/napi_common/include/napi_error_msg.h b/interfaces/kits/napi_common/include/napi_error_msg.h index 2b961da310d3f02f4a49a69e200fa78b0650806c..cf035cdf6fde22db366c7adf4dd2d803619fedd0 100644 --- a/interfaces/kits/napi_common/include/napi_error_msg.h +++ b/interfaces/kits/napi_common/include/napi_error_msg.h @@ -47,6 +47,7 @@ enum JsErrorCode : int32_t { ERR_JS_APPLICATION_NOT_AUTHORIZED = 19100018, ERR_JS_DLP_FILE_EXPIRE_TIME = 19100019, ERR_JS_DLP_CREDENTIAL_NO_INTERNET_ERROR = 19100020, + ERR_JS_DLP_SET_ENTERPRISE_POLICY_FAIL = 19100021, }; std::string GetJsErrMsg(int32_t errNo); diff --git a/interfaces/kits/napi_common/src/napi_common.cpp b/interfaces/kits/napi_common/src/napi_common.cpp index f6129ef7d255c67bfd1386497d2d35bf0bd23cad..36c302b270d54df4635fc0375de35bdede7c0429 100644 --- a/interfaces/kits/napi_common/src/napi_common.cpp +++ b/interfaces/kits/napi_common/src/napi_common.cpp 
@@ -1261,6 +1261,25 @@ bool GetCustomProperty(napi_env env, napi_value jsObject, CustomProperty& custom return true; } +bool GetSetEnterprisePolicyParams( + const napi_env env, const napi_callback_info info, SetEnterprisePolicyContext& asyncContext) +{ + size_t argc = PARAM_SIZE_ONE; + napi_value argv[PARAM_SIZE_ONE] = {nullptr}; + NAPI_CALL_BASE(env, napi_get_cb_info(env, info, &argc, argv, nullptr, nullptr), false); + + if (!NapiCheckArgc(env, argc, PARAM_SIZE_ONE)) { + return false; + } + + if (!GetStringValue(env, argv[PARAM0], asyncContext.policy.policyString)) { + DLP_LOG_ERROR(LABEL, "js get enterprise policy fail"); + DlpNapiThrow(env, ERR_JS_INVALID_PARAMETER, "Invalid parameter value."); + return false; + } + return true; +} + napi_value RetentionSandboxInfoToJs(napi_env env, const std::vector& infoVec) { napi_value vectorJs = nullptr; diff --git a/interfaces/kits/napi_common/src/napi_error_msg.cpp b/interfaces/kits/napi_common/src/napi_error_msg.cpp index f12d50e46342e55a7b6465877759df983eea70cd..61088f65ea0068a86b890f34b17158f7e6f0800e 100644 --- a/interfaces/kits/napi_common/src/napi_error_msg.cpp +++ b/interfaces/kits/napi_common/src/napi_error_msg.cpp @@ -49,6 +49,7 @@ static const std::unordered_map JS_ERROR_MSG_MAP = { { ERR_JS_DLP_CREDENTIAL_NO_INTERNET_ERROR, "DLP credential need internet, please check your connection" }, { ERR_JS_URI_NOT_EXIST, "The uri field is missing in the want parameter." }, { ERR_JS_PARAM_DISPLAY_NAME_NOT_EXIST, "The displayName field is missing in the want parameter." }, + { ERR_JS_DLP_SET_ENTERPRISE_POLICY_FAIL, "Failed to set the enterprise policy." }, }; static const std::unordered_map NATIVE_CODE_TO_JS_CODE_MAP = { 
@@ -139,6 +140,7 @@ static const std::unordered_map NATIVE_CODE_TO_JS_CODE_MAP = { { DLP_COMMON_CHECK_KVSTORE_ERROR, ERR_JS_SYSTEM_SERVICE_EXCEPTION }, { DLP_COMMON_DELETE_KEY_FROM_KVSTORE_ERROR, ERR_JS_SYSTEM_SERVICE_EXCEPTION }, { DLP_CREDENTIAL_ERROR_VALUE_INVALID, ERR_JS_SYSTEM_SERVICE_EXCEPTION }, + { DLP_CALLBACK_SA_WORK_ABNORMAL, ERR_JS_SYSTEM_SERVICE_EXCEPTION }, // ERR_JS_OUT_OF_MEMORY { DLP_SERVICE_ERROR_MEMORY_OPERATE_FAIL, ERR_JS_OUT_OF_MEMORY }, @@ -159,6 +161,9 @@ static const std::unordered_map NATIVE_CODE_TO_JS_CODE_MAP = { // ERR_JS_SYSTEM_NEED_TO_BE_UPGRADED { DLP_PARSE_ERROR_NOT_SUPPORT_FILE_TYPE, ERR_JS_SYSTEM_NEED_TO_BE_UPGRADED }, + + // ERR_JS_DLP_SET_ENTERPRISE_POLICY_FAIL + { DLP_CREDENTIAL_ERROR_SET_ENTERPRISE_POLICY_FAIL, ERR_JS_DLP_SET_ENTERPRISE_POLICY_FAIL }, }; std::string GetJsErrMsg(int32_t jsErrCode) diff --git a/services/dlp_permission/sa/mock/dlp_credential_client_defines.h b/services/dlp_permission/sa/mock/dlp_credential_client_defines.h index 74c470e1c99b8a9939225ba891b947e3eb1421ff..6fea62b2168015dbe163f2b5f5da12f674d55796 100644 --- a/services/dlp_permission/sa/mock/dlp_credential_client_defines.h +++ b/services/dlp_permission/sa/mock/dlp_credential_client_defines.h @@ -65,6 +65,7 @@ typedef struct { typedef struct { char *featureName; + char *realType; uint8_t *data; uint32_t dataLen; EncAndDecOptions options; diff --git a/services/dlp_permission/sa/mock/dlp_credential_service.c b/services/dlp_permission/sa/mock/dlp_credential_service.c index 38960894248e2d6be5f914beb557637282758d18..54c0f40cbe8c170fd7fccbaba694e74de3f32adf 100644 --- a/services/dlp_permission/sa/mock/dlp_credential_service.c +++ b/services/dlp_permission/sa/mock/dlp_credential_service.c 
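Review bot: In `dlp_credential_client_defines.h` the new `char *realType` is inserted between `featureName` and `data`, which shifts the offset of every later member (`data`, `dataLen`, `options`, ...). If this struct is also what the dlopen'd credential SDK receives, a library built against the previous layout would read `realType` as `data`, so the header and the SDK binary have to change together; that coupling is inferred, since only the mock header is visible here. Appending the field at the end of the struct, or recording the required SDK version next to it, would make the dependency explicit, for example `/* realType: NUL-terminated, owned by the caller; requires an SDK built with this layout */`.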
@@ -419,6 +419,11 @@ int32_t DLP_RemovePolicy(PolicyType type) } int32_t DLP_CheckPermission(PolicyType type, PolicyHandle handle) +{ + return DLP_SUCCESS; +} + +int32_t DLP_SetEnterprisePolicy(uint8_t *policy, uint32_t policyLen) { return DLP_SUCCESS; } \ No newline at end of file diff --git a/services/dlp_permission/sa/mock/dlp_policy_mgr_client.h b/services/dlp_permission/sa/mock/dlp_policy_mgr_client.h index bcd5ccb72d805e6ee69847ca99a9b3304cc4e732..47b2b14ad1f0512f2ff8f22c00ee4bea7ff3f7e9 100644 --- a/services/dlp_permission/sa/mock/dlp_policy_mgr_client.h +++ b/services/dlp_permission/sa/mock/dlp_policy_mgr_client.h @@ -32,6 +32,8 @@ __attribute__ ((visibility("default"))) int32_t DLP_GetPolicy(PolicyType type, u __attribute__ ((visibility("default"))) int32_t DLP_CheckPermission(PolicyType type, PolicyHandle handle); +__attribute__ ((visibility("default"))) int32_t DLP_SetEnterprisePolicy(uint8_t *policy, uint32_t policyLen); + bool ModifyParseData(uint8_t** data, uint32_t* dataLen); #ifdef __cplusplus } diff --git a/services/dlp_permission/sa/sa_main/dlp_credential.cpp b/services/dlp_permission/sa/sa_main/dlp_credential.cpp index f93dc4e4b8e813bd90562a1f7ff24e12bc06bc1e..343d521ad6a133f618694e64a5027444411ee865 100644 --- a/services/dlp_permission/sa/sa_main/dlp_credential.cpp +++ b/services/dlp_permission/sa/sa_main/dlp_credential.cpp @@ -64,6 +64,7 @@ typedef int32_t (*DlpPackPolicyFunction)(uint32_t osAccountId, const DLP_PackPol DLP_PackPolicyCallback callback, uint64_t *requestId); typedef int32_t (*DlpRestorePolicyFunction)(uint32_t osAccountId, const DLP_EncPolicyData *params, DLP_RestorePolicyCallback callback, uint64_t *requestId); +typedef int32_t (*DlpSetEnterprisePolicyFunction)(uint8_t *policy, uint32_t policyLen); static void *g_dlpCredentialSdkHandle = nullptr; std::mutex g_lockDlpCredSdk; 
@@ -514,6 +515,10 @@ static void FreeDLPEncPolicyData(DLP_EncPolicyData& encPolicy) free(encPolicy.receiverAccountInfo.accountId); encPolicy.receiverAccountInfo.accountId = nullptr; } + if (encPolicy.realType != nullptr) { + free(encPolicy.realType); + encPolicy.realType = nullptr; + } } static int32_t GetLocalAccountName(std::string& account, const std::string& contactAccount, bool* isOwner) @@ -696,6 +701,7 @@ int32_t DlpCredential::ParseDlpCertificate(const sptr& certParcel, if (certParcel->isNeedAdapter) { AdapterData(certParcel->offlineCert, isOwner, jsonObj, encPolicy); } + encPolicy.realType = strdup(const_cast(certParcel->realFileType.c_str())); encPolicy.reserved[IS_NEED_CHECK_CUSTOM_PROPERTY] = static_cast(certParcel->needCheckCustomProperty); int32_t res = 0; { @@ -934,6 +940,28 @@ int32_t DlpCredential::CheckMdmPermission(const std::string& bundleName, int32_t } return res; } + +int32_t DlpCredential::SetEnterprisePolicy(const std::string& policy) +{ + uint32_t policyLen = strlen(policy.c_str()); +#ifdef SUPPORT_DLP_CREDENTIAL + DlpSetEnterprisePolicyFunction dlpSetEnterprisePolicyFunc = + reinterpret_cast(GetDlpCredSdkLibFunc("DLP_SetEnterprisePolicy")); + if (dlpSetEnterprisePolicyFunc == nullptr) { + DLP_LOG_ERROR(LABEL, "dlsym DLP_SetEnterprisePolicy error."); + DestroyDlpCredentialSdk(); + return DLP_SERVICE_ERROR_VALUE_INVALID; + } + int32_t res = (*dlpSetEnterprisePolicyFunc)(reinterpret_cast(strdup(policy.c_str())), policyLen); +#else + int32_t res = DLP_SetEnterprisePolicy(reinterpret_cast(strdup(policy.c_str())), policyLen); +#endif + if (res != DLP_OK) { + DLP_LOG_ERROR(LABEL, "SetEnterprisePolicy request fail, error: %{public}d", res); + return DLP_CREDENTIAL_ERROR_SET_ENTERPRISE_POLICY_FAIL; + } + return DLP_OK; +} } // namespace DlpPermission } // namespace Security } // namespace OHOS 
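Review bot: In the `ParseDlpCertificate` hunk, `encPolicy.realType = strdup(...)` is not checked for `nullptr`, so an allocation failure is passed silently to the credential SDK as a missing type; the `const_cast` is also unnecessary because `strdup` takes a `const char *`. A guard such as `if (encPolicy.realType == nullptr) { return DLP_SERVICE_ERROR_MEMORY_OPERATE_FAIL; }` would fit, routed through whatever cleanup the function already uses, which lies outside the hunk. `realFileType` arrives in a `CertParcel` from the calling process, so its length and content should be bounded or validated before it reaches the SDK, unless the SDK documents that it treats the value as untrusted. The `FreeDLPEncPolicyData` hunk now frees `realType` whenever it is non-null, so every `DLP_EncPolicyData` reaching it must start with that field set to `nullptr`; the initialisation sites are not visible here and are worth confirming.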
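Review bot: `DlpCredential::SetEnterprisePolicy` passes `strdup(policy.c_str())` straight into the SDK call in both the `SUPPORT_DLP_CREDENTIAL` and the mock branch, and nothing frees it afterwards, so each call leaks a copy of the policy unless the SDK takes ownership of the buffer (the mock `DLP_SetEnterprisePolicy` does not). The `strdup` result is also unchecked, so on allocation failure a null pointer goes out with a non-zero `policyLen`. Holding the bytes in a local buffer removes both problems and keeps pointer and length derived from the same object. It would also be worth rejecting policies above a documented maximum size here, since this is the last point before the data leaves the service.

```cpp
int32_t DlpCredential::SetEnterprisePolicy(const std::string& policy)
{
    // Local, automatically released copy; the SDK entry point takes a mutable uint8_t*.
    // Assumes the SDK does not keep the pointer after returning — confirm against its contract.
    std::vector<uint8_t> policyBuf(policy.begin(), policy.end());
    uint32_t policyLen = static_cast<uint32_t>(policyBuf.size());
    // … unchanged: SUPPORT_DLP_CREDENTIAL symbol lookup and nullptr handling …
    int32_t res = (*dlpSetEnterprisePolicyFunc)(policyBuf.data(), policyLen);
    // … unchanged: #else / #endif structure, with the mock branch as below …
    int32_t res = DLP_SetEnterprisePolicy(policyBuf.data(), policyLen);
    // … unchanged: result check and mapping to DLP_CREDENTIAL_ERROR_SET_ENTERPRISE_POLICY_FAIL …
```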
diff --git a/services/dlp_permission/sa/sa_main/dlp_credential.h b/services/dlp_permission/sa/sa_main/dlp_credential.h index de19423c2ae6caa32f739442451b2d130610872d..29a63aa254b67dbd0371e1d4caaa63be79eb02bd 100644 --- a/services/dlp_permission/sa/sa_main/dlp_credential.h +++ b/services/dlp_permission/sa/sa_main/dlp_credential.h @@ -46,6 +46,7 @@ public: int32_t GetMDMPolicy(std::vector& appIdList); int32_t RemoveMDMPolicy(); int32_t CheckMdmPermission(const std::string& bundleName, int32_t userId); + int32_t SetEnterprisePolicy(const std::string& policy); private: DlpCredential(); DISALLOW_COPY_AND_MOVE(DlpCredential); diff --git a/services/dlp_permission/sa/sa_main/dlp_permission_service.cpp b/services/dlp_permission/sa/sa_main/dlp_permission_service.cpp index 8adf5dbfbe2ea414fb5525b5605c344aa42e34ca..9f7901a8fca971a8e149ae1716f1e81ef014825d 100644 --- a/services/dlp_permission/sa/sa_main/dlp_permission_service.cpp +++ b/services/dlp_permission/sa/sa_main/dlp_permission_service.cpp @@ -1177,6 +1177,11 @@ int DlpPermissionService::Dump(int fd, const std::vector& args) return ERR_OK; } + +int DlpPermissionService::SetEnterprisePolicy(const std::string& policy) +{ + return DlpCredential::GetInstance().SetEnterprisePolicy(policy); +} } // namespace DlpPermission } // namespace Security } // namespace OHOS diff --git a/services/dlp_permission/sa/sa_main/dlp_permission_service.h b/services/dlp_permission/sa/sa_main/dlp_permission_service.h index 127015dede29b1a517e2726624d562e170bf02a4..8f03170059c05a608aa00fe4991093e8a4f4e77c 100644 --- a/services/dlp_permission/sa/sa_main/dlp_permission_service.h +++ b/services/dlp_permission/sa/sa_main/dlp_permission_service.h 
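Review bot: `DlpPermissionService::SetEnterprisePolicy` forwards the caller-supplied string to `DlpCredential::GetInstance().SetEnterprisePolicy(policy)` with no caller check visible in the hunk. The only permission gate in this change is the NAPI-side `CheckPermission(env, PERMISSION_ENTERPRISE_ACCESS_DLP_FILE)`, which does not cover a process that talks to the system ability directly. Unless the IDL-generated stub enforces this (not visible here), the service method should verify that the calling token holds `PERMISSION_ENTERPRISE_ACCESS_DLP_FILE` and return `DLP_SERVICE_ERROR_PERMISSION_DENY` otherwise, using the same helper the sibling methods use. The neighbouring `RemoveMDMPolicy` test expects exactly that code, which suggests the sibling methods are gated this way. The new service test asserts only `ret != DLP_CALLBACK_SA_WORK_ABNORMAL`; asserting `DLP_SERVICE_ERROR_PERMISSION_DENY` for an unprivileged test caller would pin the intended behaviour. A short doc comment stating the required permission would also help, for example `// Requires PERMISSION_ENTERPRISE_ACCESS_DLP_FILE; policy is untrusted input from the caller.`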
@@ -84,6 +84,7 @@ public: void StartTimer(); int Dump(int fd, const std::vector& args) override; int32_t SetDlpFeature(const uint32_t dlpFeatureInfo, bool& statusSetInfo) override; + int32_t SetEnterprisePolicy(const std::string& policy) override; private: bool InsertDlpSandboxInfo(DlpSandboxInfo& sandboxInfo, bool hasRetention); diff --git a/services/dlp_permission/sa/test/unittest/src/dlp_credential_test.cpp b/services/dlp_permission/sa/test/unittest/src/dlp_credential_test.cpp index 9d1b5c95d0c419850fdab854f6d8ad3f28c6a974..887313fde5e967943f36a984130aa440d9d9280f 100644 --- a/services/dlp_permission/sa/test/unittest/src/dlp_credential_test.cpp +++ b/services/dlp_permission/sa/test/unittest/src/dlp_credential_test.cpp @@ -247,6 +247,19 @@ HWTEST_F(DlpCredentialTest, CheckMdmPermission001, TestSize.Level1) int32_t ret = DlpCredential::GetInstance().CheckMdmPermission("testBundle", 101); ASSERT_EQ(DLP_SERVICE_ERROR_IPC_REQUEST_FAIL, ret); } + +/** + * @tc.name: SetEnterprisePolicy001 + * @tc.desc: SetEnterprisePolicy test + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(DlpCredentialTest, SetEnterprisePolicy001, TestSize.Level1) +{ + std::string policy = "policy"; + int32_t ret = DlpCredential::GetInstance().SetEnterprisePolicy(policy); + ASSERT_EQ(DLP_OK, ret); +} } // namespace DlpPermission } // namespace Security } // namespace OHOS diff --git a/services/dlp_permission/sa/test/unittest/src/dlp_permission_service_test.cpp b/services/dlp_permission/sa/test/unittest/src/dlp_permission_service_test.cpp index 34676c5726a2ddafdf661c5ea8e723b7501a43e4..448bef40c74fa50a74387615decac9515b10a245 100644 --- a/services/dlp_permission/sa/test/unittest/src/dlp_permission_service_test.cpp +++ b/services/dlp_permission/sa/test/unittest/src/dlp_permission_service_test.cpp 
@@ -1598,4 +1598,17 @@ HWTEST_F(DlpPermissionServiceTest, RemoveMDMPolicy, TestSize.Level1) { int32_t ret = dlpPermissionService_->RemoveMDMPolicy(); ASSERT_EQ(ret, DLP_SERVICE_ERROR_PERMISSION_DENY); +} + +/** + * @tc.name: SetEnterprisePolicy + * @tc.desc: SetEnterprisePolicy test + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(DlpPermissionServiceTest, SetEnterprisePolicy, TestSize.Level1) +{ + std::string policy = "policy"; + int32_t ret = dlpPermissionService_->SetEnterprisePolicy(policy); + ASSERT_TRUE(ret != DLP_CALLBACK_SA_WORK_ABNORMAL); } \ No newline at end of file