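/**
  Delete the user specified by UserIndex in user profile database.

  The profile list is walked with GetNext() until the UserIndex-th entry
  (1-based) is reached. The user's identity policy record is then read and
  handed to DeleteCredentialFromProviders() before the profile itself is
  deleted. A pop-up reports success or failure; UserIndex 0 is reported as a
  failure.

  @param[in]  UserIndex    The index of user in the user name list to be deleted.

**/
VOID
DeleteUser (
  IN UINT8                                      UserIndex
  )
{
  EFI_STATUS               Status;
  EFI_USER_PROFILE_HANDLE  User;
  EFI_INPUT_KEY            Key;
  EFI_USER_INFO_HANDLE     UserInfo;
  EFI_USER_INFO            *Info;
  UINTN                    InfoSize;

  //
  // Info is released on the common failure path, so it must start out NULL.
  //
  Info = NULL;

  //
  // Find specified user profile and delete it.
  //
  User   = NULL;
  Status = mUserManager->GetNext (mUserManager, &User);
  if (EFI_ERROR (Status)) {
    goto Done;
  }

  while (UserIndex > 1) {
    Status = mUserManager->GetNext (mUserManager, &User);
    if (EFI_ERROR (Status)) {
      goto Done;
    }

    UserIndex--;
  }

  if (UserIndex == 1) {
    //
    // Get the identification policy.
    //
    Status = FindInfoByType (User, EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
    if (EFI_ERROR (Status)) {
      goto Done;
    }

    //
    // First call with a NULL buffer only asks for the required size.
    //
    InfoSize = 0;
    Status   = mUserManager->GetInfo (mUserManager, User, UserInfo, Info, &InfoSize);
    if (Status == EFI_BUFFER_TOO_SMALL) {
      Info = AllocateZeroPool (InfoSize);
      if (Info == NULL) {
        goto Done;
      }

      Status = mUserManager->GetInfo (mUserManager, User, UserInfo, Info, &InfoSize);
    }

    //
    // Do not rely on ASSERT() here: it may be compiled out, which would leave
    // a NULL dereference when the size query did not return
    // EFI_BUFFER_TOO_SMALL. Also reject a failed read and a record whose
    // self-declared size is smaller than its header or larger than the data
    // returned, so the policy length computed below cannot wrap or run past
    // the buffer.
    //
    if (EFI_ERROR (Status) ||
        (Info == NULL) ||
        (Info->InfoSize < sizeof (EFI_USER_INFO)) ||
        (Info->InfoSize > InfoSize))
    {
      goto Done;
    }

    //
    // Delete the user on the credential providers by its identification policy.
    // The policy bytes start right after the EFI_USER_INFO header.
    //
    DeleteCredentialFromProviders (
      (UINT8 *)(Info + 1),
      Info->InfoSize - sizeof (EFI_USER_INFO),
      User
      );
    FreePool (Info);
    Info = NULL;

    Status = mUserManager->Delete (mUserManager, User);
    if (EFI_ERROR (Status)) {
      goto Done;
    }

    CreatePopUp (
      EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
      &Key,
      L"Delete User Succeed!",
      L"",
      L"Please Press Any Key to Continue ...",
      NULL
      );
    return;
  }

Done:
  if (Info != NULL) {
    FreePool (Info);
  }

  CreatePopUp (
    EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
    &Key,
    L"Delete User Failed!",
    L"",
    L"Please Press Any Key to Continue ...",
    NULL
    );
}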
/**
  Collect all the access policy data to mUserInfo.AccessPolicy, and save it to
  user profile.

  The policy buffer is rebuilt from scratch as a sequence of records, each an
  EFI_USER_INFO_ACCESS_CONTROL header followed by its payload, in this order:
  access right, access setup (GUID), boot order (UINT32), then the optional
  permit-load, forbid-load, permit-connect and forbid-connect lists taken from
  mAccessInfo. The result is written to the access policy record of
  mModifyUser, and the four mAccessInfo list buffers are released.

  NOTE(review): ExpandMemory() returns no status and mUserInfo.AccessPolicy is
  not re-checked before the CopyMem() calls; confirm ExpandMemory() cannot
  leave the buffer NULL or shorter than requested.
  NOTE(review): the SetInfo() status is not examined, and AccessPolicyModified
  is cleared whenever FindInfoByType() succeeds.
  NOTE(review): if the EFI_USER_INFO allocation fails, the function returns
  before the mAccessInfo list buffers are released.

**/
VOID
SaveAccessPolicy (
  VOID
  )
{
  EFI_STATUS                    Status;
  UINTN                         Cursor;
  UINTN                         RecordSize;
  EFI_USER_INFO_ACCESS_CONTROL  Header;
  EFI_USER_INFO_HANDLE          InfoHandle;
  EFI_USER_INFO                 *Record;
  CONST EFI_GUID                *SetupGuid;

  //
  // Drop any previously built policy and start with an empty buffer.
  //
  if (mUserInfo.AccessPolicy != NULL) {
    FreePool (mUserInfo.AccessPolicy);
  }

  Cursor                         = 0;
  mUserInfo.AccessPolicy         = NULL;
  mUserInfo.AccessPolicyLen      = 0;
  mUserInfo.AccessPolicyModified = TRUE;

  //
  // Record 1: access right (header only, the right is carried in Type).
  //
  RecordSize = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
  if (RecordSize > mUserInfo.AccessPolicyLen - Cursor) {
    ExpandMemory (Cursor, RecordSize);
  }

  Header.Size = (UINT32)RecordSize;
  Header.Type = mAccessInfo.AccessRight;
  CopyMem (mUserInfo.AccessPolicy + Cursor, &Header, sizeof (Header));
  Cursor += sizeof (Header);

  //
  // Record 2: access setup, payload is one GUID.
  //
  RecordSize = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (EFI_GUID);
  if (RecordSize > mUserInfo.AccessPolicyLen - Cursor) {
    ExpandMemory (Cursor, RecordSize);
  }

  Header.Size = (UINT32)RecordSize;
  Header.Type = EFI_USER_INFO_ACCESS_SETUP;
  CopyMem (mUserInfo.AccessPolicy + Cursor, &Header, sizeof (Header));
  Cursor += sizeof (Header);

  //
  // Pick the GUID for the selected setup level; an unrecognised level writes
  // no GUID but the cursor still skips the GUID slot.
  //
  SetupGuid = NULL;
  if (mAccessInfo.AccessSetup == ACCESS_SETUP_NORMAL) {
    SetupGuid = &gEfiUserInfoAccessSetupNormalGuid;
  } else if (mAccessInfo.AccessSetup == ACCESS_SETUP_RESTRICTED) {
    SetupGuid = &gEfiUserInfoAccessSetupRestrictedGuid;
  } else if (mAccessInfo.AccessSetup == ACCESS_SETUP_ADMIN) {
    SetupGuid = &gEfiUserInfoAccessSetupAdminGuid;
  }

  if (SetupGuid != NULL) {
    CopyGuid ((EFI_GUID *)(mUserInfo.AccessPolicy + Cursor), SetupGuid);
  }

  Cursor += sizeof (EFI_GUID);

  //
  // Record 3: boot order access, payload is one UINT32.
  //
  RecordSize = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (UINT32);
  if (RecordSize > mUserInfo.AccessPolicyLen - Cursor) {
    ExpandMemory (Cursor, RecordSize);
  }

  Header.Size = (UINT32)RecordSize;
  Header.Type = EFI_USER_INFO_ACCESS_BOOT_ORDER;
  CopyMem (mUserInfo.AccessPolicy + Cursor, &Header, sizeof (Header));
  Cursor += sizeof (Header);
  CopyMem ((UINT8 *)(mUserInfo.AccessPolicy + Cursor), &mAccessInfo.AccessBootOrder, sizeof (UINT32));
  Cursor += sizeof (UINT32);

  //
  // Optional record: permit load list.
  //
  if (mAccessInfo.LoadPermitLen > 0) {
    RecordSize = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.LoadPermitLen;
    if (RecordSize > mUserInfo.AccessPolicyLen - Cursor) {
      ExpandMemory (Cursor, RecordSize);
    }

    Header.Size = (UINT32)RecordSize;
    Header.Type = EFI_USER_INFO_ACCESS_PERMIT_LOAD;
    CopyMem (mUserInfo.AccessPolicy + Cursor, &Header, sizeof (Header));
    Cursor += sizeof (Header);
    CopyMem (mUserInfo.AccessPolicy + Cursor, mAccessInfo.LoadPermit, mAccessInfo.LoadPermitLen);
    Cursor += mAccessInfo.LoadPermitLen;
  }

  //
  // Optional record: forbid load list.
  //
  if (mAccessInfo.LoadForbidLen > 0) {
    RecordSize = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.LoadForbidLen;
    if (RecordSize > mUserInfo.AccessPolicyLen - Cursor) {
      ExpandMemory (Cursor, RecordSize);
    }

    Header.Size = (UINT32)RecordSize;
    Header.Type = EFI_USER_INFO_ACCESS_FORBID_LOAD;
    CopyMem (mUserInfo.AccessPolicy + Cursor, &Header, sizeof (Header));
    Cursor += sizeof (Header);
    CopyMem (mUserInfo.AccessPolicy + Cursor, mAccessInfo.LoadForbid, mAccessInfo.LoadForbidLen);
    Cursor += mAccessInfo.LoadForbidLen;
  }

  //
  // Optional record: permit connect list.
  //
  if (mAccessInfo.ConnectPermitLen > 0) {
    RecordSize = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.ConnectPermitLen;
    if (RecordSize > mUserInfo.AccessPolicyLen - Cursor) {
      ExpandMemory (Cursor, RecordSize);
    }

    Header.Size = (UINT32)RecordSize;
    Header.Type = EFI_USER_INFO_ACCESS_PERMIT_CONNECT;
    CopyMem (mUserInfo.AccessPolicy + Cursor, &Header, sizeof (Header));
    Cursor += sizeof (Header);
    CopyMem (mUserInfo.AccessPolicy + Cursor, mAccessInfo.ConnectPermit, mAccessInfo.ConnectPermitLen);
    Cursor += mAccessInfo.ConnectPermitLen;
  }

  //
  // Optional record: forbid connect list.
  //
  if (mAccessInfo.ConnectForbidLen > 0) {
    RecordSize = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.ConnectForbidLen;
    if (RecordSize > mUserInfo.AccessPolicyLen - Cursor) {
      ExpandMemory (Cursor, RecordSize);
    }

    Header.Size = (UINT32)RecordSize;
    Header.Type = EFI_USER_INFO_ACCESS_FORBID_CONNECT;
    CopyMem (mUserInfo.AccessPolicy + Cursor, &Header, sizeof (Header));
    Cursor += sizeof (Header);
    CopyMem (mUserInfo.AccessPolicy + Cursor, mAccessInfo.ConnectForbid, mAccessInfo.ConnectForbidLen);
    Cursor += mAccessInfo.ConnectForbidLen;
  }

  //
  // From here on the length is the number of bytes actually written.
  //
  mUserInfo.AccessPolicyLen = Cursor;

  //
  // Save access policy: wrap the buffer in an EFI_USER_INFO record and hand it
  // to the user manager.
  //
  if (mUserInfo.AccessPolicyModified &&
      (mUserInfo.AccessPolicyLen > 0) &&
      (mUserInfo.AccessPolicy != NULL))
  {
    RecordSize = sizeof (EFI_USER_INFO) + mUserInfo.AccessPolicyLen;
    Record     = AllocateZeroPool (RecordSize);
    if (Record == NULL) {
      return;
    }

    Status = FindInfoByType (mModifyUser, EFI_USER_INFO_ACCESS_POLICY_RECORD, &InfoHandle);
    if (!EFI_ERROR (Status)) {
      Record->InfoSize    = (UINT32)RecordSize;
      Record->InfoType    = EFI_USER_INFO_ACCESS_POLICY_RECORD;
      Record->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
                            EFI_USER_INFO_PUBLIC |
                            EFI_USER_INFO_EXCLUSIVE;
      CopyMem ((UINT8 *)(Record + 1), mUserInfo.AccessPolicy, mUserInfo.AccessPolicyLen);
      Status = mUserManager->SetInfo (
                               mUserManager,
                               mModifyUser,
                               &InfoHandle,
                               Record,
                               Record->InfoSize
                               );
      mUserInfo.AccessPolicyModified = FALSE;
    }

    FreePool (Record);
  }

  //
  // Release the staged lists now that they have been serialized.
  //
  if (mAccessInfo.ConnectForbid != NULL) {
    FreePool (mAccessInfo.ConnectForbid);
    mAccessInfo.ConnectForbid = NULL;
  }

  if (mAccessInfo.ConnectPermit != NULL) {
    FreePool (mAccessInfo.ConnectPermit);
    mAccessInfo.ConnectPermit = NULL;
  }

  if (mAccessInfo.LoadForbid != NULL) {
    FreePool (mAccessInfo.LoadForbid);
    mAccessInfo.LoadForbid = NULL;
  }

  if (mAccessInfo.LoadPermit != NULL) {
    FreePool (mAccessInfo.LoadPermit);
    mAccessInfo.LoadPermit = NULL;
  }
}
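/**
  Save the identity policy and update UI with it.

  This function will verify the new identity policy, in current implementation,
  the identity policy can be:  T, P & P & P & ..., P | P | P | ...
  Here, "T" means "True", "P" means "Credential Provider", "&" means "and", "|" means "or".
  Other identity policies are not supported.

  Nothing is done when no new policy is pending, when the policy fails
  CheckNewIdentityPolicy(), when mModifyUser has no identity policy record,
  when UpdateCredentialProvider() fails, or when the record buffer cannot be
  allocated.

**/
VOID
SaveIdentityPolicy (
  VOID
  )
{
  EFI_STATUS            Status;
  EFI_USER_INFO_HANDLE  UserInfo;
  EFI_USER_INFO         *Info;

  if (!mUserInfo.NewIdentityPolicyModified || (mUserInfo.NewIdentityPolicyLen == 0)) {
    return;
  }

  //
  // Check policy expression.
  //
  if (!CheckNewIdentityPolicy (mUserInfo.NewIdentityPolicy, mUserInfo.NewIdentityPolicyLen)) {
    return;
  }

  Status = FindInfoByType (mModifyUser, EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
  if (EFI_ERROR (Status)) {
    return;
  }

  //
  // Update the information on credential provider.
  //
  Status = UpdateCredentialProvider ();
  if (EFI_ERROR (Status)) {
    return;
  }

  //
  // Save new identification policy.
  // Check the allocation explicitly: ASSERT() may be compiled out, and the
  // record header is written through Info immediately below.
  //
  Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + mUserInfo.NewIdentityPolicyLen);
  if (Info == NULL) {
    return;
  }

  Info->InfoType    = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
  Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
  Info->InfoSize    = (UINT32)(sizeof (EFI_USER_INFO) + mUserInfo.NewIdentityPolicyLen);
  CopyMem ((UINT8 *)(Info + 1), mUserInfo.NewIdentityPolicy, mUserInfo.NewIdentityPolicyLen);

  //
  // NOTE(review): Status from SetInfo() is not checked, so the cached policy
  // and the UI below are updated even if the record was not stored - confirm
  // this is intended.
  //
  Status = mUserManager->SetInfo (mUserManager, mModifyUser, &UserInfo, Info, Info->InfoSize);
  FreePool (Info);

  //
  // Update the mUserInfo.IdentityPolicy by mUserInfo.NewIdentityPolicy.
  // Ownership of the buffer moves to IdentityPolicy; the pending slot is
  // cleared so it is not freed twice.
  //
  if (mUserInfo.IdentityPolicy != NULL) {
    FreePool (mUserInfo.IdentityPolicy);
  }

  mUserInfo.IdentityPolicy    = mUserInfo.NewIdentityPolicy;
  mUserInfo.IdentityPolicyLen = mUserInfo.NewIdentityPolicyLen;

  mUserInfo.NewIdentityPolicy         = NULL;
  mUserInfo.NewIdentityPolicyLen      = 0;
  mUserInfo.NewIdentityPolicyModified = FALSE;

  //
  // Update identity policy choice.
  //
  ResolveIdentityPolicy (mUserInfo.IdentityPolicy, mUserInfo.IdentityPolicyLen, STRING_TOKEN (STR_IDENTIFY_POLICY_VAL));
}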