1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "accesstoken_kit_extension_test.h"
17 #include <thread>
18
19 #include "access_token.h"
20 #include "access_token_error.h"
21 #include "accesstoken_log.h"
22 #include "accesstoken_service_ipc_interface_code.h"
23 #include "hap_token_info.h"
24 #include "native_token_info_for_sync_parcel.h"
25 #include "nativetoken_kit.h"
26 #include "permission_grant_info.h"
27 #include "permission_state_change_info_parcel.h"
28 #include "string_ex.h"
29 #include "tokenid_kit.h"
30 #include "token_setproc.h"
31 #define private public
32 #include "accesstoken_manager_client.h"
33 #undef private
34
35 using namespace testing::ext;
36
37 namespace OHOS {
38 namespace Security {
39 namespace AccessToken {
40 namespace {
41 static const int MAX_PERMISSION_SIZE = 1000;
42 static constexpr int32_t DEFAULT_API_VERSION = 8;
43 static constexpr int32_t TOKENID_NOT_EXIST = 123;
44 static const std::string TEST_BUNDLE_NAME = "ohos";
45 static const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA";
46 static const std::string TEST_PERMISSION_NAME_BETA = "ohos.permission.BETA";
47 static const int TEST_USER_ID = 0;
48 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE,
49 SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenKitExtensionTest"};
50
51 PermissionStateFull g_getPermissionReq = {
52 .permissionName = "ohos.permission.GET_SENSITIVE_PERMISSIONS",
53 .isGeneral = true,
54 .resDeviceID = {"device2"},
55 .grantStatus = {PermissionState::PERMISSION_GRANTED},
56 .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
57 };
58
59 PermissionStateFull g_revokePermissionReq = {
60 .permissionName = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS",
61 .isGeneral = true,
62 .resDeviceID = {"device2"},
63 .grantStatus = {PermissionState::PERMISSION_GRANTED},
64 .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
65 };
66
67 PermissionStateFull g_grantPermissionReq = {
68 .permissionName = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS",
69 .isGeneral = true,
70 .resDeviceID = {"device2"},
71 .grantStatus = {PermissionState::PERMISSION_GRANTED},
72 .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
73 };
74
75 PermissionDef g_infoManagerTestPermDef1 = {
76 .permissionName = "ohos.permission.test1",
77 .bundleName = "accesstoken_test",
78 .grantMode = 1,
79 .availableLevel = APL_NORMAL,
80 .label = "label2",
81 .labelId = 1,
82 .description = "open the door",
83 .descriptionId = 1
84 };
85
86 PermissionDef g_infoManagerTestPermDef2 = {
87 .permissionName = "ohos.permission.test2",
88 .bundleName = "accesstoken_test",
89 .grantMode = 1,
90 .availableLevel = APL_NORMAL,
91 .label = "label2",
92 .labelId = 1,
93 .description = "break the door",
94 .descriptionId = 1
95 };
96
97 PermissionDef g_infoManagerTestPermDef3 = {
98 .permissionName = "ohos.permission.GET_BUNDLE_INFO_TEST",
99 .bundleName = "accesstoken_test3",
100 .grantMode = 1,
101 .availableLevel = APL_NORMAL,
102 .label = "label3",
103 .labelId = 1,
104 .description = "break the door",
105 .descriptionId = 1
106 };
107
108 PermissionStateFull g_infoManagerTestState1 = {
109 .permissionName = "ohos.permission.test1",
110 .isGeneral = true,
111 .resDeviceID = {"local2"},
112 .grantStatus = {PermissionState::PERMISSION_GRANTED},
113 .grantFlags = {1}
114 };
115
116 PermissionStateFull g_infoManagerTestState2 = {
117 .permissionName = "ohos.permission.test2",
118 .isGeneral = false,
119 .resDeviceID = {"device 1", "device 2"},
120 .grantStatus = {PermissionState::PERMISSION_GRANTED, PermissionState::PERMISSION_GRANTED},
121 .grantFlags = {1, 2}
122 };
123
124 PermissionStateFull g_infoManagerTestState3 = {
125 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
126 .isGeneral = true,
127 .resDeviceID = {"local3"},
128 .grantStatus = {PermissionState::PERMISSION_GRANTED},
129 .grantFlags = {1}
130 };
131
132 HapInfoParams g_infoManagerTestInfoParms = {
133 .userID = 1,
134 .bundleName = "accesstoken_test",
135 .instIndex = 0,
136 .appIDDesc = "test2",
137 .apiVersion = DEFAULT_API_VERSION
138 };
139
140 HapPolicyParams g_infoManagerTestPolicyPrams = {
141 .apl = APL_NORMAL,
142 .domain = "test.domain2",
143 .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2},
144 .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2}
145 };
146
147 HapInfoParams g_infoManagerTestInfoParmsBak = {
148 .userID = 1,
149 .bundleName = "accesstoken_test",
150 .instIndex = 0,
151 .appIDDesc = "test2",
152 .apiVersion = DEFAULT_API_VERSION
153 };
154
155 HapPolicyParams g_infoManagerTestPolicyPramsBak = {
156 .apl = APL_NORMAL,
157 .domain = "test.domain2",
158 .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2},
159 .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2}
160 };
161
162 HapInfoParams g_locationTestInfo = {
163 .userID = TEST_USER_ID,
164 .bundleName = "accesstoken_location_test",
165 .instIndex = 0,
166 .appIDDesc = "test2"
167 };
168
169 PermissionDef g_locationTestDefVague = {
170 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
171 .bundleName = "accesstoken_location_test",
172 .grantMode = GrantMode::USER_GRANT,
173 .availableLevel = APL_NORMAL,
174 .provisionEnable = false,
175 .distributedSceneEnable = true
176 };
177
178 PermissionDef g_locationTestDefAccurate = {
179 .permissionName = "ohos.permission.LOCATION",
180 .bundleName = "accesstoken_location_test",
181 .grantMode = GrantMode::USER_GRANT,
182 .availableLevel = APL_NORMAL,
183 .provisionEnable = true,
184 .distributedSceneEnable = true
185 };
186
187 PermissionDef g_locationTestDefSystemGrant = {
188 .permissionName = "ohos.permission.locationtest1",
189 .bundleName = "accesstoken_location_test",
190 .grantMode = GrantMode::SYSTEM_GRANT,
191 .availableLevel = APL_NORMAL,
192 .provisionEnable = false,
193 .distributedSceneEnable = false
194 };
195
196 PermissionDef g_locationTestDefUserGrant = {
197 .permissionName = "ohos.permission.locationtest2",
198 .bundleName = "accesstoken_location_test",
199 .grantMode = GrantMode::USER_GRANT,
200 .availableLevel = APL_NORMAL,
201 .provisionEnable = false,
202 .distributedSceneEnable = false
203 };
204
205 PermissionStateFull g_locationTestStateSystemGrant = {
206 .permissionName = "ohos.permission.locationtest1",
207 .isGeneral = true,
208 .resDeviceID = {"device"},
209 .grantStatus = {PermissionState::PERMISSION_GRANTED},
210 .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
211 };
212
213 PermissionStateFull g_locationTestStateUserGrant = {
214 .permissionName = "ohos.permission.locationtest2",
215 .isGeneral = true,
216 .resDeviceID = {"device"},
217 .grantStatus = {PermissionState::PERMISSION_DENIED},
218 .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}
219 };
220
221 PermissionStateFull g_locationTestStateVague02 = {
222 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
223 .isGeneral = true,
224 .resDeviceID = {"device"},
225 .grantStatus = {PermissionState::PERMISSION_GRANTED},
226 .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED}
227 };
228
229 PermissionStateFull g_locationTestStateVague10 = {
230 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
231 .isGeneral = true,
232 .resDeviceID = {"device"},
233 .grantStatus = {PermissionState::PERMISSION_DENIED},
234 .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}
235 };
236
237 PermissionStateFull g_locationTestStateVague12 = {
238 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
239 .isGeneral = true,
240 .resDeviceID = {"device"},
241 .grantStatus = {PermissionState::PERMISSION_DENIED},
242 .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED}
243 };
244
245 PermissionStateFull g_locationTestStateAccurate02 = {
246 .permissionName = "ohos.permission.LOCATION",
247 .isGeneral = true,
248 .resDeviceID = {"device"},
249 .grantStatus = {PermissionState::PERMISSION_GRANTED},
250 .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED}
251 };
252
253 PermissionStateFull g_locationTestStateAccurate10 = {
254 .permissionName = "ohos.permission.LOCATION",
255 .isGeneral = true,
256 .resDeviceID = {"device"},
257 .grantStatus = {PermissionState::PERMISSION_DENIED},
258 .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}
259 };
260
261 HapInfoParams g_infoManagerTestNormalInfoParms = {
262 .userID = 1,
263 .bundleName = "accesstoken_test",
264 .instIndex = 0,
265 .appIDDesc = "test2",
266 .apiVersion = DEFAULT_API_VERSION,
267 .isSystemApp = false
268 };
269
270 HapInfoParams g_infoManagerTestSystemInfoParms = {
271 .userID = 1,
272 .bundleName = "accesstoken_test",
273 .instIndex = 0,
274 .appIDDesc = "test2",
275 .apiVersion = DEFAULT_API_VERSION,
276 .isSystemApp = true
277 };
278 uint64_t g_selfShellTokenId;
279 }
280
GetNativeToken()281 void GetNativeToken()
282 {
283 uint64_t tokenId;
284 const char **perms = new const char *[4];
285 perms[0] = "ohos.permission.DISTRIBUTED_DATASYNC";
286 perms[1] = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS";
287 perms[2] = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"; // 2 means the second permission
288 perms[3] = "ohos.permission.GET_SENSITIVE_PERMISSIONS"; // 3 means the third permission
289
290 NativeTokenInfoParams infoInstance = {
291 .dcapsNum = 0,
292 .permsNum = 4,
293 .aclsNum = 0,
294 .dcaps = nullptr,
295 .perms = perms,
296 .acls = nullptr,
297 .aplStr = "system_core",
298 };
299
300 infoInstance.processName = "TestCase";
301 tokenId = GetAccessTokenId(&infoInstance);
302 EXPECT_EQ(0, SetSelfTokenID(tokenId));
303 AccessTokenKit::ReloadNativeTokenInfo();
304 delete[] perms;
305 }
306
SetUpTestCase()307 void AccessTokenKitExtensionTest::SetUpTestCase()
308 {
309 g_selfShellTokenId = GetSelfTokenID();
310 // clean up test cases
311 AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
312 g_infoManagerTestInfoParms.bundleName,
313 g_infoManagerTestInfoParms.instIndex);
314 AccessTokenKit::DeleteToken(tokenId);
315
316 tokenId = AccessTokenKit::GetHapTokenID(g_infoManagerTestNormalInfoParms.userID,
317 g_infoManagerTestNormalInfoParms.bundleName,
318 g_infoManagerTestNormalInfoParms.instIndex);
319 AccessTokenKit::DeleteToken(tokenId);
320
321 tokenId = AccessTokenKit::GetHapTokenID(g_infoManagerTestSystemInfoParms.userID,
322 g_infoManagerTestSystemInfoParms.bundleName,
323 g_infoManagerTestSystemInfoParms.instIndex);
324 AccessTokenKit::DeleteToken(tokenId);
325
326 tokenId = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
327 AccessTokenKit::DeleteToken(tokenId);
328
329 GetNativeToken();
330 }
331
TearDownTestCase()332 void AccessTokenKitExtensionTest::TearDownTestCase()
333 {
334 }
335
PreparePermStateListExt(HapPolicyParams & policy)336 void PreparePermStateListExt(HapPolicyParams &policy)
337 {
338 PermissionStateFull permStatAlpha = {
339 .permissionName = TEST_PERMISSION_NAME_ALPHA,
340 .isGeneral = true,
341 .resDeviceID = {"device"},
342 .grantStatus = {PermissionState::PERMISSION_DENIED},
343 .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
344 };
345
346 PermissionStateFull permStatBeta = {
347 .permissionName = TEST_PERMISSION_NAME_BETA,
348 .isGeneral = true,
349 .resDeviceID = {"device"},
350 .grantStatus = {PermissionState::PERMISSION_GRANTED},
351 .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
352 };
353
354 PermissionStateFull permTestState5 = {
355 .permissionName = "ohos.permission.GET_SENSITIVE_PERMISSIONS",
356 .isGeneral = true,
357 .resDeviceID = {"local"},
358 .grantStatus = {PermissionState::PERMISSION_GRANTED},
359 .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
360 };
361
362 PermissionStateFull permTestState6 = {
363 .permissionName = "ohos.permission.DISABLE_PERMISSION_DIALOG",
364 .isGeneral = true,
365 .resDeviceID = {"local"},
366 .grantStatus = {PermissionState::PERMISSION_GRANTED},
367 .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
368 };
369 policy.permStateList.emplace_back(permStatAlpha);
370 policy.permStateList.emplace_back(permStatBeta);
371 policy.permStateList.emplace_back(permTestState5);
372 policy.permStateList.emplace_back(permTestState6);
373 }
374
PreparePermStateList(HapPolicyParams & policy)375 void PreparePermStateList(HapPolicyParams &policy)
376 {
377 PermissionStateFull permTestState1 = {
378 .permissionName = "ohos.permission.testPermDef1",
379 .isGeneral = true,
380 .resDeviceID = {"local"},
381 .grantStatus = {PermissionState::PERMISSION_DENIED},
382 .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG},
383 };
384
385 PermissionStateFull permTestState2 = {
386 .permissionName = "ohos.permission.testPermDef2",
387 .isGeneral = true,
388 .resDeviceID = {"local"},
389 .grantStatus = {PermissionState::PERMISSION_DENIED},
390 .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
391 };
392
393 PermissionStateFull permTestState3 = {
394 .permissionName = "ohos.permission.testPermDef3",
395 .isGeneral = true,
396 .resDeviceID = {"local"},
397 .grantStatus = {PermissionState::PERMISSION_DENIED},
398 .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED}
399 };
400
401 PermissionStateFull permTestState4 = {
402 .permissionName = "ohos.permission.testPermDef4",
403 .isGeneral = true,
404 .resDeviceID = {"local"},
405 .grantStatus = {PermissionState::PERMISSION_GRANTED},
406 .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
407 };
408 policy.permStateList.emplace_back(permTestState1);
409 policy.permStateList.emplace_back(permTestState2);
410 policy.permStateList.emplace_back(permTestState3);
411 policy.permStateList.emplace_back(permTestState4);
412 PreparePermStateListExt(policy);
413 }
414
PreparePermDefList(HapPolicyParams & policy)415 void PreparePermDefList(HapPolicyParams &policy)
416 {
417 PermissionDef permissionDefAlpha;
418 permissionDefAlpha.permissionName = TEST_PERMISSION_NAME_ALPHA;
419 permissionDefAlpha.bundleName = TEST_BUNDLE_NAME;
420 permissionDefAlpha.grantMode = GrantMode::USER_GRANT;
421 permissionDefAlpha.availableLevel = APL_NORMAL;
422 permissionDefAlpha.provisionEnable = false;
423 permissionDefAlpha.distributedSceneEnable = false;
424
425 PermissionDef permissionDefBeta;
426 permissionDefBeta.permissionName = TEST_PERMISSION_NAME_BETA;
427 permissionDefBeta.bundleName = TEST_BUNDLE_NAME;
428 permissionDefBeta.grantMode = GrantMode::SYSTEM_GRANT;
429 permissionDefBeta.availableLevel = APL_NORMAL;
430 permissionDefBeta.provisionEnable = false;
431 permissionDefBeta.distributedSceneEnable = false;
432
433 PermissionDef testPermDef1;
434 testPermDef1.permissionName = "ohos.permission.testPermDef1";
435 testPermDef1.bundleName = TEST_BUNDLE_NAME;
436 testPermDef1.grantMode = GrantMode::USER_GRANT;
437 testPermDef1.availableLevel = APL_NORMAL;
438 testPermDef1.provisionEnable = false;
439 testPermDef1.distributedSceneEnable = false;
440
441 PermissionDef testPermDef2;
442 testPermDef2.permissionName = "ohos.permission.testPermDef2";
443 testPermDef2.bundleName = TEST_BUNDLE_NAME;
444 testPermDef2.grantMode = GrantMode::USER_GRANT;
445 testPermDef2.availableLevel = APL_NORMAL;
446 testPermDef2.provisionEnable = false;
447 testPermDef2.distributedSceneEnable = false;
448
449 PermissionDef testPermDef3;
450 testPermDef3.permissionName = "ohos.permission.testPermDef3";
451 testPermDef3.bundleName = TEST_BUNDLE_NAME;
452 testPermDef3.grantMode = GrantMode::USER_GRANT;
453 testPermDef3.availableLevel = APL_NORMAL;
454 testPermDef3.provisionEnable = false;
455 testPermDef3.distributedSceneEnable = false;
456
457 PermissionDef testPermDef4;
458 testPermDef4.permissionName = "ohos.permission.testPermDef4";
459 testPermDef4.bundleName = TEST_BUNDLE_NAME;
460 testPermDef4.grantMode = GrantMode::USER_GRANT;
461 testPermDef4.availableLevel = APL_NORMAL;
462 testPermDef4.provisionEnable = false;
463 testPermDef4.distributedSceneEnable = false;
464
465 policy.permList.emplace_back(permissionDefAlpha);
466 policy.permList.emplace_back(permissionDefBeta);
467 policy.permList.emplace_back(testPermDef1);
468 policy.permList.emplace_back(testPermDef2);
469 policy.permList.emplace_back(testPermDef3);
470 policy.permList.emplace_back(testPermDef4);
471 }
472
SetUp()473 void AccessTokenKitExtensionTest::SetUp()
474 {
475 selfTokenId_ = GetSelfTokenID();
476 g_infoManagerTestInfoParms = g_infoManagerTestInfoParmsBak;
477 g_infoManagerTestPolicyPrams = g_infoManagerTestPolicyPramsBak;
478 HapInfoParams info = {
479 .userID = TEST_USER_ID,
480 .bundleName = TEST_BUNDLE_NAME,
481 .instIndex = 0,
482 .appIDDesc = "appIDDesc",
483 .apiVersion = DEFAULT_API_VERSION,
484 .isSystemApp = true
485 };
486
487 HapPolicyParams policy = {
488 .apl = APL_NORMAL,
489 .domain = "domain"
490 };
491 PreparePermDefList(policy);
492 PreparePermStateList(policy);
493 policy.permStateList.emplace_back(g_grantPermissionReq);
494 policy.permStateList.emplace_back(g_revokePermissionReq);
495 AccessTokenKit::AllocHapToken(info, policy);
496 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
497 g_infoManagerTestInfoParms.bundleName,
498 g_infoManagerTestInfoParms.instIndex);
499 AccessTokenKit::DeleteToken(tokenID);
500 ACCESSTOKEN_LOG_INFO(LABEL, "SetUp ok.");
501 }
502
TearDown()503 void AccessTokenKitExtensionTest::TearDown()
504 {
505 AccessTokenID tokenId = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
506 AccessTokenKit::DeleteToken(tokenId);
507 tokenId = AccessTokenKit::GetHapTokenID(g_infoManagerTestNormalInfoParms.userID,
508 g_infoManagerTestNormalInfoParms.bundleName,
509 g_infoManagerTestNormalInfoParms.instIndex);
510 AccessTokenKit::DeleteToken(tokenId);
511
512 tokenId = AccessTokenKit::GetHapTokenID(g_infoManagerTestSystemInfoParms.userID,
513 g_infoManagerTestSystemInfoParms.bundleName,
514 g_infoManagerTestSystemInfoParms.instIndex);
515 AccessTokenKit::DeleteToken(tokenId);
516 EXPECT_EQ(0, SetSelfTokenID(selfTokenId_));
517 }
518
AllocHapToken(std::vector<PermissionDef> & permissionDefs,std::vector<PermissionStateFull> & permissionStateFulls,int32_t apiVersion)519 void AccessTokenKitExtensionTest::AllocHapToken(std::vector<PermissionDef>& permissionDefs,
520 std::vector<PermissionStateFull>& permissionStateFulls, int32_t apiVersion)
521 {
522 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
523 AccessTokenKit::DeleteToken(tokenID);
524
525 HapInfoParams info = g_locationTestInfo;
526 info.apiVersion = apiVersion;
527
528 HapPolicyParams policy = {
529 .apl = APL_NORMAL,
530 .domain = "domain"
531 };
532
533 for (auto& permissionDef:permissionDefs) {
534 policy.permList.emplace_back(permissionDef);
535 }
536
537 for (auto& permissionStateFull:permissionStateFulls) {
538 policy.permStateList.emplace_back(permissionStateFull);
539 }
540
541 AccessTokenKit::AllocHapToken(info, policy);
542 }
543
GetAccessTokenID(int userID,std::string bundleName,int instIndex)544 unsigned int AccessTokenKitExtensionTest::GetAccessTokenID(int userID, std::string bundleName, int instIndex)
545 {
546 return AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex);
547 }
548
GetPermsList1(std::vector<PermissionListState> & permsList1)549 void GetPermsList1(std::vector<PermissionListState> &permsList1)
550 {
551 PermissionListState perm1 = {
552 .permissionName = "ohos.permission.testPermDef1",
553 .state = SETTING_OPER,
554 };
555 PermissionListState perm2 = {
556 .permissionName = "ohos.permission.testPermDef2",
557 .state = SETTING_OPER,
558 };
559 PermissionListState perm3 = {
560 .permissionName = "ohos.permission.testPermDef3",
561 .state = SETTING_OPER,
562 };
563 PermissionListState perm4 = {
564 .permissionName = "ohos.permission.testPermDef4",
565 .state = SETTING_OPER,
566 };
567 permsList1.emplace_back(perm1);
568 permsList1.emplace_back(perm2);
569 permsList1.emplace_back(perm3);
570 permsList1.emplace_back(perm4);
571 }
572
GetPermsList2(std::vector<PermissionListState> & permsList2)573 void GetPermsList2(std::vector<PermissionListState> &permsList2)
574 {
575 PermissionListState perm3 = {
576 .permissionName = "ohos.permission.testPermDef3",
577 .state = SETTING_OPER,
578 };
579 PermissionListState perm4 = {
580 .permissionName = "ohos.permission.testPermDef4",
581 .state = SETTING_OPER,
582 };
583 permsList2.emplace_back(perm3);
584 permsList2.emplace_back(perm4);
585 }
586 /**
587 * @tc.name: GetSelfPermissionsState001
588 * @tc.desc: get permission list state
589 * @tc.type: FUNC
590 * @tc.require: Issue Number
591 */
592 HWTEST_F(AccessTokenKitExtensionTest, GetSelfPermissionsState001, TestSize.Level1)
593 {
594 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
595 ASSERT_NE(INVALID_TOKENID, tokenID);
596 ASSERT_EQ(0, SetSelfTokenID(tokenID));
597
598 std::vector<PermissionListState> permsList1;
599 GetPermsList1(permsList1);
600 PermissionGrantInfo info;
601 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList1, info);
602 ASSERT_EQ(DYNAMIC_OPER, ret);
603 ASSERT_EQ(static_cast<uint32_t>(4), permsList1.size());
604 ASSERT_EQ(DYNAMIC_OPER, permsList1[0].state);
605 ASSERT_EQ(DYNAMIC_OPER, permsList1[1].state);
606 ASSERT_EQ(SETTING_OPER, permsList1[2].state);
607 ASSERT_EQ(PASS_OPER, permsList1[3].state);
608 ASSERT_EQ("ohos.permission.testPermDef1", permsList1[0].permissionName);
609 ASSERT_EQ("ohos.permission.testPermDef2", permsList1[1].permissionName);
610 ASSERT_EQ("ohos.permission.testPermDef3", permsList1[2].permissionName);
611 ASSERT_EQ("ohos.permission.testPermDef4", permsList1[3].permissionName);
612
613 PermissionListState perm5 = {
614 .permissionName = "ohos.permission.testPermDef5",
615 .state = SETTING_OPER,
616 };
617 permsList1.emplace_back(perm5);
618 ret = AccessTokenKit::GetSelfPermissionsState(permsList1, info);
619 ASSERT_EQ(INVALID_OPER, permsList1[4].state);
620 ASSERT_EQ(DYNAMIC_OPER, ret);
621
622 std::vector<PermissionListState> permsList2;
623 GetPermsList2(permsList2);
624 ret = AccessTokenKit::GetSelfPermissionsState(permsList2, info);
625 ASSERT_EQ(SETTING_OPER, permsList2[0].state);
626 ASSERT_EQ(PASS_OPER, permsList2[1].state);
627 ASSERT_EQ(PASS_OPER, ret);
628
629 permsList2.emplace_back(perm5);
630 ret = AccessTokenKit::GetSelfPermissionsState(permsList2, info);
631 ASSERT_EQ(SETTING_OPER, permsList2[0].state);
632 ASSERT_EQ(PASS_OPER, permsList2[1].state);
633 ASSERT_EQ(INVALID_OPER, permsList2[2].state);
634 ASSERT_EQ(PASS_OPER, ret);
635
636 std::vector<PermissionListState> permsList3;
637 permsList3.emplace_back(perm5);
638 ret = AccessTokenKit::GetSelfPermissionsState(permsList3, info);
639 ASSERT_EQ(INVALID_OPER, permsList3[0].state);
640 ASSERT_EQ(PASS_OPER, ret);
641 }
642
643 /**
644 * @tc.name: GetSelfPermissionsState002
645 * @tc.desc: permission list is empty or oversize
646 * @tc.type: FUNC
647 * @tc.require:
648 */
649 HWTEST_F(AccessTokenKitExtensionTest, GetSelfPermissionsState002, TestSize.Level1)
650 {
651 std::vector<PermissionListState> permsList;
652 PermissionGrantInfo info;
653 ASSERT_EQ(PASS_OPER, AccessTokenKit::GetSelfPermissionsState(permsList, info));
654
655 for (uint32_t i = 0; i < MAX_PERMISSION_SIZE + 1; i++) {
656 PermissionListState tmp = {
657 .permissionName = "ohos.permission.CAMERA",
658 .state = PASS_OPER
659 };
660 permsList.emplace_back(tmp);
661 }
662 ASSERT_EQ(INVALID_OPER, AccessTokenKit::GetSelfPermissionsState(permsList, info));
663 }
664
665 /**
666 * @tc.name: GetSelfPermissionsState003
667 * @tc.desc: test token id is native
668 * @tc.type: FUNC
669 * @tc.require:
670 */
671 HWTEST_F(AccessTokenKitExtensionTest, GetSelfPermissionsState003, TestSize.Level1)
672 {
673 AccessTokenID tokenId = AccessTokenKit::GetNativeTokenId("hdcd");
674 EXPECT_EQ(0, SetSelfTokenID(tokenId));
675 std::vector<PermissionListState> permsList3;
676 PermissionListState tmp = {
677 .permissionName = "ohos.permission.CAMERA",
678 .state = PASS_OPER
679 };
680 permsList3.emplace_back(tmp);
681 PermissionGrantInfo info;
682 ASSERT_EQ(INVALID_OPER, AccessTokenKit::GetSelfPermissionsState(permsList3, info));
683 }
684
685 /**
686 * @tc.name: GetSelfPermissionsState004
687 * @tc.desc: test noexist token id
688 * @tc.type: FUNC
689 * @tc.require:
690 */
691 HWTEST_F(AccessTokenKitExtensionTest, GetSelfPermissionsState004, TestSize.Level1)
692 {
693 AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
694 EXPECT_EQ(0, SetSelfTokenID(tokenId));
695 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenId));
696 std::vector<PermissionListState> permsList4;
697 PermissionListState tmp = {
698 .permissionName = "ohos.permission.CAMERA",
699 .state = PASS_OPER
700 };
701 permsList4.emplace_back(tmp);
702 PermissionGrantInfo info;
703 ASSERT_EQ(INVALID_OPER, AccessTokenKit::GetSelfPermissionsState(permsList4, info));
704 }
705
706 /**
707 * @tc.name: GetSelfPermissionsState005
708 * @tc.desc: test noexist token id
709 * @tc.type: FUNC
710 * @tc.require:
711 */
712 HWTEST_F(AccessTokenKitExtensionTest, GetSelfPermissionsState005, TestSize.Level1)
713 {
714 AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
715 EXPECT_EQ(0, SetSelfTokenID(tokenId));
716 std::vector<PermissionListState> permsList4;
717 PermissionListState tmp = {
718 .permissionName = "ohos.permission.SHORT_TERM_WRITE_IMAGEVIDEO", // todo
719 .state = PASS_OPER
720 };
721 permsList4.emplace_back(tmp);
722 PermissionGrantInfo info;
723 ASSERT_EQ(PASS_OPER, AccessTokenKit::GetSelfPermissionsState(permsList4, info));
724 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenId));
725 }
726
727 /**
728 * @tc.name: GetPermissionsStatus001
729 * @tc.desc: get different permissions status
730 * @tc.type: FUNC
731 * @tc.require:
732 */
733 HWTEST_F(AccessTokenKitExtensionTest, GetPermissionsStatus001, TestSize.Level1)
734 {
735 AccessTokenIDEx tokenIDEx = AccessTokenKit::GetHapTokenIDEx(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
736 AccessTokenID tokenID = tokenIDEx.tokenIdExStruct.tokenID;
737 ASSERT_NE(INVALID_TOKENID, tokenID);
738 EXPECT_EQ(0, SetSelfTokenID(tokenIDEx.tokenIDEx));
739
740 std::vector<PermissionListState> permsList;
741 PermissionListState tmpA = {
742 .permissionName = "ohos.permission.testPermDef1",
743 .state = SETTING_OPER
744 };
745 PermissionListState tmpB = {
746 .permissionName = "ohos.permission.testPermDef3",
747 .state = SETTING_OPER
748 };
749 PermissionListState tmpC = {
750 .permissionName = TEST_PERMISSION_NAME_BETA,
751 .state = SETTING_OPER
752 };
753 PermissionListState tmpD = {
754 .permissionName = "ohos.permission.xxx",
755 .state = SETTING_OPER
756 };
757 PermissionListState tmpE = {
758 .permissionName = "ohos.permission.CAMERA",
759 .state = SETTING_OPER
760 };
761
762 permsList.emplace_back(tmpA);
763 permsList.emplace_back(tmpB);
764 permsList.emplace_back(tmpC);
765 permsList.emplace_back(tmpD);
766 permsList.emplace_back(tmpE);
767 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetPermissionsStatus(tokenID, permsList));
768 ASSERT_EQ(DYNAMIC_OPER, permsList[0].state);
769 ASSERT_EQ(SETTING_OPER, permsList[1].state);
770 ASSERT_EQ(PASS_OPER, permsList[2].state);
771 ASSERT_EQ(INVALID_OPER, permsList[3].state);
772 ASSERT_EQ(INVALID_OPER, permsList[4].state);
773 }
774
775 /**
776 * @tc.name: GetPermissionsStatus002
777 * @tc.desc: get different permissions status after set perm dialog cap
778 * @tc.type: FUNC
779 * @tc.require:
780 */
781 HWTEST_F(AccessTokenKitExtensionTest, GetPermissionsStatus002, TestSize.Level1)
782 {
783 AccessTokenIDEx tokenIDEx = AccessTokenKit::GetHapTokenIDEx(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
784 AccessTokenID tokenID = tokenIDEx.tokenIdExStruct.tokenID;
785 ASSERT_NE(INVALID_TOKENID, tokenID);
786 EXPECT_EQ(0, SetSelfTokenID(tokenIDEx.tokenIDEx));
787
788 std::vector<PermissionListState> permsList;
789 PermissionListState tmpA = {
790 .permissionName = "ohos.permission.testPermDef1",
791 .state = SETTING_OPER
792 };
793 PermissionListState tmpB = {
794 .permissionName = "ohos.permission.testPermDef3",
795 .state = SETTING_OPER
796 };
797 PermissionListState tmpC = {
798 .permissionName = TEST_PERMISSION_NAME_BETA,
799 .state = SETTING_OPER
800 };
801 PermissionListState tmpD = {
802 .permissionName = "ohos.permission.xxx",
803 .state = SETTING_OPER
804 };
805 PermissionListState tmpE = {
806 .permissionName = "ohos.permission.CAMERA",
807 .state = SETTING_OPER
808 };
809
810 permsList.emplace_back(tmpA);
811 permsList.emplace_back(tmpB);
812 permsList.emplace_back(tmpC);
813 permsList.emplace_back(tmpD);
814 permsList.emplace_back(tmpE);
815
816 HapBaseInfo hapBaseInfo = {
817 .userID = TEST_USER_ID,
818 .bundleName = TEST_BUNDLE_NAME,
819 .instIndex = 0
820 };
821 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true));
822 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetPermissionsStatus(tokenID, permsList));
823 ASSERT_EQ(FORBIDDEN_OPER, permsList[0].state);
824 ASSERT_EQ(FORBIDDEN_OPER, permsList[1].state);
825 ASSERT_EQ(FORBIDDEN_OPER, permsList[2].state);
826 ASSERT_EQ(INVALID_OPER, permsList[3].state);
827 ASSERT_EQ(INVALID_OPER, permsList[4].state);
828 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::SetPermDialogCap(hapBaseInfo, false));
829 }
830
831 /**
832 * @tc.name: GetPermissionsStatus003
833 * @tc.desc: invalid input param: tokenID is 0 or permissionList is empty
834 * @tc.type: FUNC
835 * @tc.require:
836 */
837 HWTEST_F(AccessTokenKitExtensionTest, GetPermissionsStatus003, TestSize.Level1)
838 {
839 AccessTokenIDEx tokenIDEx = AccessTokenKit::GetHapTokenIDEx(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
840 AccessTokenID tokenID = tokenIDEx.tokenIdExStruct.tokenID;
841 ASSERT_NE(INVALID_TOKENID, tokenID);
842 EXPECT_EQ(0, SetSelfTokenID(tokenIDEx.tokenIDEx));
843
844 std::vector<PermissionListState> permsList;
845 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenKit::GetPermissionsStatus(tokenID, permsList));
846 PermissionListState tmpA = {
847 .permissionName = "ohos.permission.testPermDef1",
848 .state = SETTING_OPER
849 };
850 permsList.emplace_back(tmpA);
851
852 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenKit::GetPermissionsStatus(0, permsList));
853 ASSERT_EQ(SETTING_OPER, permsList[0].state);
854 }
855
856 /**
857 * @tc.name: GetPermissionsStatus04
858 * @tc.desc: tokenID not exit
859 * @tc.type: FUNC
860 * @tc.require:
861 */
862 HWTEST_F(AccessTokenKitExtensionTest, GetPermissionsStatus004, TestSize.Level1)
863 {
864 std::vector<PermissionListState> permsList;
865 PermissionListState tmpA = {
866 .permissionName = "ohos.permission.testPermDef1",
867 .state = SETTING_OPER
868 };
869 permsList.emplace_back(tmpA);
870
871 ASSERT_EQ(ERR_TOKENID_NOT_EXIST, AccessTokenKit::GetPermissionsStatus(TOKENID_NOT_EXIST, permsList));
872 ASSERT_EQ(SETTING_OPER, permsList[0].state);
873 }
874
875 /**
876 * @tc.name: GetPermissionsStatus005
877 * @tc.desc: callling without permission
878 * @tc.type: FUNC
879 * @tc.require:
880 */
881 HWTEST_F(AccessTokenKitExtensionTest, GetPermissionsStatus005, TestSize.Level1)
882 {
883 AccessTokenIDEx tokenIDEx = {0};
884 tokenIDEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams);
885 AccessTokenID tokenID = tokenIDEx.tokenIdExStruct.tokenID;
886 ASSERT_NE(INVALID_TOKENID, tokenID);
887 EXPECT_EQ(0, SetSelfTokenID(tokenIDEx.tokenIDEx));
888
889 std::vector<PermissionListState> permsList;
890 PermissionListState tmpA = {
891 .permissionName = "ohos.permission.testPermDef1",
892 .state = SETTING_OPER
893 };
894
895 permsList.emplace_back(tmpA);
896 int32_t selfUid = getuid();
897 setuid(10001); // 10001: UID
898
899 ASSERT_EQ(ERR_PERMISSION_DENIED, AccessTokenKit::GetPermissionsStatus(tokenID, permsList));
900 ASSERT_EQ(SETTING_OPER, permsList[0].state);
901 setuid(selfUid);
902 }
903
904 /**
905 * @tc.name: GetPermissionsStatus006
906 * @tc.desc: callling is normal hap
907 * @tc.type: FUNC
908 * @tc.require:
909 */
910 HWTEST_F(AccessTokenKitExtensionTest, GetPermissionsStatus006, TestSize.Level1)
911 {
912 AccessTokenIDEx tokenIDEx = {0};
913 tokenIDEx = AccessTokenKit::AllocHapToken(g_infoManagerTestNormalInfoParms, g_infoManagerTestPolicyPrams);
914 AccessTokenID tokenID = tokenIDEx.tokenIdExStruct.tokenID;
915 ASSERT_NE(INVALID_TOKENID, tokenID);
916 EXPECT_EQ(0, SetSelfTokenID(tokenIDEx.tokenIDEx));
917
918 std::vector<PermissionListState> permsList;
919 PermissionListState tmpA = {
920 .permissionName = "ohos.permission.testPermDef1",
921 .state = SETTING_OPER
922 };
923
924 permsList.emplace_back(tmpA);
925
926 ASSERT_EQ(ERR_NOT_SYSTEM_APP, AccessTokenKit::GetPermissionsStatus(tokenID, permsList));
927 ASSERT_EQ(SETTING_OPER, permsList[0].state);
928 }
929
930 /**
931 * @tc.name: GetPermissionsStatus007
932 * @tc.desc: callling is native SA
933 * @tc.type: FUNC
934 * @tc.require:
935 */
936 HWTEST_F(AccessTokenKitExtensionTest, GetPermissionsStatus007, TestSize.Level1)
937 {
938 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
939 ASSERT_NE(INVALID_TOKENID, tokenID);
940
941 std::vector<PermissionListState> permsList;
942 PermissionListState tmpA = {
943 .permissionName = "ohos.permission.testPermDef1",
944 .state = SETTING_OPER
945 };
946
947 permsList.emplace_back(tmpA);
948
949 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetPermissionsStatus(tokenID, permsList));
950 ASSERT_EQ(DYNAMIC_OPER, permsList[0].state);
951 }
952
953 /**
954 * @tc.name: GetTokenTypeFlag003
955 * @tc.desc: Get token type with hap tokenID.
956 * @tc.type: FUNC
957 * @tc.require: Issue Number
958 */
959 HWTEST_F(AccessTokenKitExtensionTest, GetTokenTypeFlag003, TestSize.Level1)
960 {
961 AccessTokenIDEx tokenIdEx = {0};
962 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
963 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIdExStruct.tokenID);
964
965 ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenIdEx.tokenIdExStruct.tokenID);
966 ASSERT_EQ(ret, TOKEN_HAP);
967
968 int res = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
969 ASSERT_EQ(RET_SUCCESS, res);
970 }
971
972 /**
973 * @tc.name: GetPermissionFlag006
974 * @tc.desc: Get permission flag after grant permission.
975 * @tc.type: FUNC
976 * @tc.require: Issue Number
977 */
978 HWTEST_F(AccessTokenKitExtensionTest, GetPermissionFlag006, TestSize.Level1)
979 {
980 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
981 ASSERT_NE(INVALID_TOKENID, tokenID);
982 int ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_POLICY_FIXED);
983 ASSERT_EQ(RET_SUCCESS, ret);
984
985 uint32_t flag;
986 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
987 ASSERT_EQ(PERMISSION_POLICY_FIXED, flag);
988 ASSERT_EQ(RET_SUCCESS, ret);
989 }
990
991 /**
992 * @tc.name: DumpTokenInfo001
993 * @tc.desc: Get dump token information with invalid tokenID
994 * @tc.type: FUNC
995 * @tc.require:Issue Number
996 */
997 HWTEST_F(AccessTokenKitExtensionTest, DumpTokenInfo001, TestSize.Level1)
998 {
999 SetSelfTokenID(g_selfShellTokenId);
1000 std::string dumpInfo;
1001 AtmToolsParamInfo info;
1002 info.tokenId = 123;
1003 AccessTokenKit::DumpTokenInfo(info, dumpInfo);
1004 ASSERT_EQ("invalid tokenId", dumpInfo);
1005 }
1006
1007 class CbCustomizeTest : public PermStateChangeCallbackCustomize {
1008 public:
CbCustomizeTest(const PermStateChangeScope & scopeInfo)1009 explicit CbCustomizeTest(const PermStateChangeScope &scopeInfo)
1010 : PermStateChangeCallbackCustomize(scopeInfo)
1011 {
1012 }
1013
~CbCustomizeTest()1014 ~CbCustomizeTest()
1015 {}
1016
PermStateChangeCallback(PermStateChangeInfo & result)1017 virtual void PermStateChangeCallback(PermStateChangeInfo& result)
1018 {
1019 ready_ = true;
1020 int32_t status = (result.permStateChangeType == 1) ? PERMISSION_GRANTED : PERMISSION_DENIED;
1021 ASSERT_EQ(status, AccessTokenKit::VerifyAccessToken(result.tokenID, result.permissionName));
1022 }
1023
1024 bool ready_;
1025 };
1026
1027 /**
1028 * @tc.name: RegisterPermStateChangeCallback001
1029 * @tc.desc: RegisterPermStateChangeCallback permList
1030 * @tc.type: FUNC
1031 * @tc.require: issueI5NT1X
1032 */
1033 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback001, TestSize.Level1)
1034 {
1035 PermStateChangeScope scopeInfo;
1036 scopeInfo.permList = {"ohos.permission.CAMERA"};
1037 scopeInfo.tokenIDs = {};
1038 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1039 callbackPtr->ready_ = false;
1040
1041 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1042 ASSERT_EQ(RET_SUCCESS, res);
1043
1044 static PermissionStateFull infoManagerTestStateA = {
1045 .permissionName = "ohos.permission.CAMERA",
1046 .isGeneral = true,
1047 .resDeviceID = {"local2"},
1048 .grantStatus = {PERMISSION_DENIED},
1049 .grantFlags = {1}
1050 };
1051 static HapPolicyParams infoManagerTestPolicyPrams1 = {
1052 .apl = APL_NORMAL,
1053 .domain = "test.domain2",
1054 .permList = {},
1055 .permStateList = {infoManagerTestStateA}
1056 };
1057
1058 AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams1);
1059 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
1060 ASSERT_NE(INVALID_TOKENID, tokenID);
1061
1062 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
1063 ASSERT_EQ(RET_SUCCESS, res);
1064
1065 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false);
1066 ASSERT_EQ(PERMISSION_GRANTED, res);
1067 usleep(500000); // 500000us = 0.5s
1068 EXPECT_EQ(true, callbackPtr->ready_);
1069
1070 callbackPtr->ready_ = false;
1071
1072 res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.CAMERA", 2);
1073 ASSERT_EQ(RET_SUCCESS, res);
1074 usleep(500000); // 500000us = 0.5s
1075 EXPECT_EQ(true, callbackPtr->ready_);
1076
1077 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1078 ASSERT_EQ(RET_SUCCESS, res);
1079
1080 callbackPtr->ready_ = false;
1081
1082 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
1083 ASSERT_EQ(RET_SUCCESS, res);
1084 usleep(500000); // 500000us = 0.5s
1085 ASSERT_EQ(false, callbackPtr->ready_);
1086
1087 callbackPtr->ready_ = false;
1088
1089 res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.CAMERA", 2);
1090 ASSERT_EQ(RET_SUCCESS, res);
1091 usleep(500000); // 500000us = 0.5s
1092 ASSERT_EQ(false, callbackPtr->ready_);
1093
1094 res = AccessTokenKit::DeleteToken(tokenID);
1095 ASSERT_EQ(RET_SUCCESS, res);
1096 }
1097
1098 /**
1099 * @tc.name: RegisterPermStateChangeCallback002
1100 * @tc.desc: RegisterPermStateChangeCallback permList
1101 * @tc.type: FUNC
1102 * @tc.require: issueI5NT1X
1103 */
1104 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback002, TestSize.Level1)
1105 {
1106 PermStateChangeScope scopeInfo;
1107 scopeInfo.permList = {"ohos.permission.GET_BUNDLE_INFO"};
1108 scopeInfo.tokenIDs = {};
1109 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1110 callbackPtr->ready_ = false;
1111
1112 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1113
1114 static PermissionStateFull infoManagerTestStateA = {
1115 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
1116 .isGeneral = true,
1117 .resDeviceID = {"local2"},
1118 .grantStatus = {PERMISSION_GRANTED},
1119 .grantFlags = {1}
1120 };
1121 static PermissionStateFull infoManagerTestStateB = {
1122 .permissionName = "ohos.permission.CAMERA",
1123 .isGeneral = true,
1124 .resDeviceID = {"local2"},
1125 .grantStatus = {PERMISSION_GRANTED},
1126 .grantFlags = {1}
1127 };
1128 static HapPolicyParams infoManagerTestPolicyPrams2 = {
1129 .apl = APL_SYSTEM_BASIC,
1130 .domain = "test.domain2",
1131 .permList = {},
1132 .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
1133 };
1134
1135 AccessTokenIDEx tokenIdEx = {0};
1136 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams2);
1137
1138 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
1139
1140 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false);
1141 ASSERT_EQ(PERMISSION_GRANTED, res);
1142
1143 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
1144 ASSERT_EQ(RET_SUCCESS, res);
1145 usleep(500000); // 500000us = 0.5s
1146 EXPECT_EQ(false, callbackPtr->ready_);
1147
1148 res = AccessTokenKit::DeleteToken(tokenID);
1149 ASSERT_EQ(RET_SUCCESS, res);
1150
1151 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1152 ASSERT_EQ(RET_SUCCESS, res);
1153 }
1154
1155 /**
1156 * @tc.name: RegisterPermStateChangeCallback003
1157 * @tc.desc: RegisterPermStateChangeCallback permList
1158 * @tc.type: FUNC
1159 * @tc.require: issueI5NT1X
1160 */
1161 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback003, TestSize.Level1)
1162 {
1163 PermStateChangeScope scopeInfo;
1164 scopeInfo.permList = {};
1165 scopeInfo.tokenIDs = {};
1166 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1167 callbackPtr->ready_ = false;
1168
1169 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1170
1171 static PermissionStateFull infoManagerTestStateA = {
1172 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
1173 .isGeneral = true,
1174 .resDeviceID = {"local2"},
1175 .grantStatus = {PERMISSION_DENIED},
1176 .grantFlags = {1}
1177 };
1178 static PermissionStateFull infoManagerTestStateB = {
1179 .permissionName = "ohos.permission.CAMERA",
1180 .isGeneral = true,
1181 .resDeviceID = {"local2"},
1182 .grantStatus = {PERMISSION_DENIED},
1183 .grantFlags = {1}
1184 };
1185 static HapPolicyParams infoManagerTestPolicyPrams3 = {
1186 .apl = APL_SYSTEM_CORE,
1187 .domain = "test.domain2",
1188 .permList = {},
1189 .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
1190 };
1191
1192 AccessTokenIDEx tokenIdEx = {0};
1193 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams3);
1194
1195 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
1196
1197 callbackPtr->ready_ = false;
1198 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
1199 ASSERT_EQ(RET_SUCCESS, res);
1200 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false);
1201 ASSERT_EQ(PERMISSION_GRANTED, res);
1202 usleep(500000); // 500000us = 0.5s
1203 EXPECT_EQ(true, callbackPtr->ready_);
1204
1205 callbackPtr->ready_ = false;
1206 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.GET_BUNDLE_INFO", false);
1207 ASSERT_EQ(PERMISSION_DENIED, res);
1208 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.GET_BUNDLE_INFO", 2);
1209 ASSERT_EQ(RET_SUCCESS, res);
1210 usleep(500000); // 500000us = 0.5s
1211 EXPECT_EQ(true, callbackPtr->ready_);
1212
1213 res = AccessTokenKit::DeleteToken(tokenID);
1214 ASSERT_EQ(RET_SUCCESS, res);
1215
1216 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1217 ASSERT_EQ(RET_SUCCESS, res);
1218 }
1219
1220 /**
1221 * @tc.name: RegisterPermStateChangeCallback004
1222 * @tc.desc: RegisterPermStateChangeCallback with invalid tokenId
1223 * @tc.type: FUNC
1224 * @tc.require: issueI5NT1X
1225 */
1226 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback004, TestSize.Level1)
1227 {
1228 PermStateChangeScope scopeInfo;
1229 scopeInfo.permList = {"ohos.permission.GET_BUNDLE_INFO", "ohos.permission.CAMERA"};
1230 scopeInfo.tokenIDs = {555555}; // 555555为模拟的tokenid
1231 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1232 callbackPtr->ready_ = false;
1233
1234 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1235 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
1236
1237 static PermissionStateFull infoManagerTestStateA = {
1238 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
1239 .isGeneral = true,
1240 .resDeviceID = {"local2"},
1241 .grantStatus = {PERMISSION_GRANTED},
1242 .grantFlags = {1},
1243 };
1244 static PermissionStateFull infoManagerTestStateB = {
1245 .permissionName = "ohos.permission.CAMERA",
1246 .isGeneral = true,
1247 .resDeviceID = {"local2"},
1248 .grantStatus = {PERMISSION_GRANTED},
1249 .grantFlags = {1}
1250 };
1251 static HapPolicyParams infoManagerTestPolicyPrams4 = {
1252 .apl = APL_NORMAL,
1253 .domain = "test.domain2",
1254 .permList = {},
1255 .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
1256 };
1257
1258 AccessTokenIDEx tokenIdEx = {0};
1259 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams4);
1260
1261 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
1262
1263 callbackPtr->ready_ = false;
1264 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false);
1265 ASSERT_EQ(PERMISSION_GRANTED, res);
1266 res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.CAMERA", 2);
1267 ASSERT_EQ(RET_SUCCESS, res);
1268 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false);
1269 ASSERT_EQ(PERMISSION_DENIED, res);
1270 usleep(500000); // 500000us = 0.5s
1271 EXPECT_EQ(false, callbackPtr->ready_);
1272
1273 callbackPtr->ready_ = false;
1274 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.GET_BUNDLE_INFO", false);
1275 ASSERT_EQ(PERMISSION_GRANTED, res);
1276 res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.GET_BUNDLE_INFO", 2);
1277 ASSERT_EQ(RET_SUCCESS, res);
1278 usleep(500000); // 500000us = 0.5s
1279 EXPECT_EQ(false, callbackPtr->ready_);
1280
1281 res = AccessTokenKit::DeleteToken(tokenID);
1282 ASSERT_EQ(RET_SUCCESS, res);
1283 }
1284
1285 /**
1286 * @tc.name: RegisterPermStateChangeCallback005
1287 * @tc.desc: RegisterPermStateChangeCallback permList
1288 * @tc.type: FUNC
1289 * @tc.require: issueI5NT1X
1290 */
1291 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback005, TestSize.Level1)
1292 {
1293 static PermissionStateFull infoManagerTestStateA = {
1294 .permissionName = "ohos.permission.CAMERA",
1295 .isGeneral = true,
1296 .resDeviceID = {"local2"},
1297 .grantStatus = {PERMISSION_DENIED},
1298 .grantFlags = {1}
1299 };
1300 static PermissionStateFull infoManagerTestStateB = {
1301 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
1302 .isGeneral = true,
1303 .resDeviceID = {"local2"},
1304 .grantStatus = {PERMISSION_GRANTED},
1305 .grantFlags = {1}
1306 };
1307 static HapPolicyParams infoManagerTestPolicyPrams5 = {
1308 .apl = APL_NORMAL,
1309 .domain = "test.domain2",
1310 .permList = {},
1311 .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
1312 };
1313
1314 AccessTokenIDEx tokenIdEx = {0};
1315 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams5);
1316
1317 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
1318
1319 PermStateChangeScope scopeInfo;
1320 scopeInfo.permList = {"ohos.permission.GET_BUNDLE_INFO", "ohos.permission.CAMERA"};
1321 scopeInfo.tokenIDs = {tokenID, 0};
1322 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1323 callbackPtr->ready_ = false;
1324
1325 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1326
1327 callbackPtr->ready_ = false;
1328 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false);
1329 ASSERT_EQ(PERMISSION_DENIED, res);
1330 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
1331 usleep(500000); // 500000us = 0.5s
1332 ASSERT_EQ(RET_SUCCESS, res);
1333 EXPECT_EQ(true, callbackPtr->ready_);
1334
1335 callbackPtr->ready_ = false;
1336 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.GET_BUNDLE_INFO", false);
1337 ASSERT_EQ(PERMISSION_GRANTED, res);
1338 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.GET_BUNDLE_INFO", 2);
1339 ASSERT_EQ(RET_SUCCESS, res);
1340 usleep(500000); // 500000us = 0.5s
1341 EXPECT_EQ(false, callbackPtr->ready_);
1342
1343 res = AccessTokenKit::DeleteToken(tokenID);
1344 ASSERT_EQ(RET_SUCCESS, res);
1345
1346 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1347 ASSERT_EQ(RET_SUCCESS, res);
1348 }
1349
1350 /**
1351 * @tc.name: RegisterPermStateChangeCallback006
1352 * @tc.desc: RegisterPermStateChangeCallback with invaild permission
1353 * @tc.type: FUNC
1354 * @tc.require: issueI5NT1X
1355 */
1356 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback006, TestSize.Level1)
1357 {
1358 PermStateChangeScope scopeInfo;
1359 scopeInfo.permList = {"ohos.permission.INVALID"};
1360 scopeInfo.tokenIDs = {};
1361 auto callbackPtr1 = std::make_shared<CbCustomizeTest>(scopeInfo);
1362 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr1);
1363 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
1364
1365 static PermissionStateFull infoManagerTestState = {
1366 .permissionName = "ohos.permission.CAMERA",
1367 .isGeneral = true,
1368 .resDeviceID = {"local2"},
1369 .grantStatus = {PERMISSION_DENIED},
1370 .grantFlags = {1}
1371 };
1372 static HapPolicyParams infoManagerTestPolicyPrams6 = {
1373 .apl = APL_SYSTEM_BASIC,
1374 .domain = "test.domain2",
1375 .permList = {},
1376 .permStateList = {infoManagerTestState}
1377 };
1378
1379 AccessTokenIDEx tokenIdEx = {0};
1380 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams6);
1381
1382 scopeInfo.tokenIDs = {tokenIdEx.tokenIdExStruct.tokenID};
1383 scopeInfo.permList = {"ohos.permission.INVALID", "ohos.permission.CAMERA"};
1384 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1385 res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1386 ASSERT_EQ(RET_SUCCESS, res);
1387
1388 res = AccessTokenKit::GrantPermission(tokenIdEx.tokenIdExStruct.tokenID, "ohos.permission.CAMERA", 2);
1389 ASSERT_EQ(RET_SUCCESS, res);
1390 usleep(500000); // 500000us = 0.5s
1391 EXPECT_EQ(true, callbackPtr->ready_);
1392
1393 res = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
1394 ASSERT_EQ(RET_SUCCESS, res);
1395
1396 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1397 ASSERT_EQ(RET_SUCCESS, res);
1398 }
1399
1400 /**
1401 * @tc.name: RegisterPermStateChangeCallback007
1402 * @tc.desc: RegisterPermStateChangeCallback with permList, whose size is 1024/1025
1403 * @tc.type: FUNC
1404 * @tc.require: issueI5NT1X
1405 */
1406 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback007, TestSize.Level1)
1407 {
1408 PermStateChangeScope scopeInfo;
1409 scopeInfo.permList = {};
1410 scopeInfo.tokenIDs = {};
1411 for (int32_t i = 1; i <= 1025; i++) { // 1025 is a invalid size
1412 scopeInfo.permList.emplace_back("ohos.permission.GET_BUNDLE_INFO");
1413 if (i == 1025) { // 1025 is a invalid size
1414 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1415 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1416 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
1417 break;
1418 }
1419 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1420 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1421 ASSERT_EQ(RET_SUCCESS, res);
1422 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1423 ASSERT_EQ(RET_SUCCESS, res);
1424 }
1425 }
1426
1427 /**
1428 * @tc.name: RegisterPermStateChangeCallback008
1429 * @tc.desc: RegisterPermStateChangeCallback with tokenList, whose size is 1024/1025
1430 * @tc.type: FUNC
1431 * @tc.require: issueI5NT1X
1432 */
1433 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback008, TestSize.Level1)
1434 {
1435 PermStateChangeScope scopeInfo;
1436 scopeInfo.permList = {};
1437 scopeInfo.tokenIDs = {};
1438 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1439 callbackPtr->ready_ = false;
1440
1441 static HapPolicyParams infoManagerTestPolicyPrams8 = {
1442 .apl = APL_NORMAL,
1443 .domain = "test.domain",
1444 .permList = {},
1445 .permStateList = {}
1446 };
1447
1448 AccessTokenIDEx tokenIdEx = {0};
1449 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams8);
1450
1451 for (int32_t i = 1; i <= 1025; i++) { // 1025 is a invalid size
1452 scopeInfo.tokenIDs.emplace_back(tokenIdEx.tokenIdExStruct.tokenID);
1453 if (i == 1025) { // 1025 is a invalid size
1454 auto callbackPtr1 = std::make_shared<CbCustomizeTest>(scopeInfo);
1455 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr1);
1456 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
1457 break;
1458 }
1459 auto callbackPtr1 = std::make_shared<CbCustomizeTest>(scopeInfo);
1460 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr1);
1461 ASSERT_EQ(RET_SUCCESS, res);
1462 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr1);
1463 ASSERT_EQ(RET_SUCCESS, res);
1464 }
1465
1466 int32_t res = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
1467 ASSERT_EQ(RET_SUCCESS, res);
1468 }
1469
1470 /**
1471 * @tc.name: RegisterPermStateChangeCallback009
1472 * @tc.desc: RegisterPermStateChangeCallback
1473 * @tc.type: FUNC
1474 * @tc.require: issueI5NT1X
1475 */
1476 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback009, TestSize.Level1)
1477 {
1478 PermStateChangeScope scopeInfo;
1479 scopeInfo.permList = {};
1480 scopeInfo.tokenIDs = {};
1481 std::vector<std::shared_ptr<CbCustomizeTest>> callbackList;
1482
1483 for (int32_t i = 0; i < 200; i++) { // 200 is the max size
1484 if (i == 200) { // 200 is the max size
1485 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1486 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1487 ASSERT_EQ(AccessTokenError::ERR_CALLBACKS_EXCEED_LIMITATION, res);
1488 break;
1489 }
1490 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1491 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1492 ASSERT_EQ(RET_SUCCESS, res);
1493 callbackList.emplace_back(callbackPtr);
1494 }
1495 for (int32_t i = 0; i < 200; i++) { // release 200 callback
1496 auto callbackPtr = callbackList[i];
1497 int32_t res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1498 ASSERT_EQ(RET_SUCCESS, res);
1499 }
1500 callbackList.clear();
1501 }
1502
1503 /**
1504 * @tc.name: RegisterPermStateChangeCallback010
1505 * @tc.desc: RegisterPermStateChangeCallback with nullptr
1506 * @tc.type: FUNC
1507 * @tc.require: issueI5NT1X
1508 */
1509 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback010, TestSize.Level1)
1510 {
1511 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(nullptr);
1512 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
1513 }
1514
1515 /**
1516 * @tc.name: RegisterPermStateChangeCallback011
1517 * @tc.desc: RegisterPermStateChangeCallback caller is normal app.
1518 * @tc.type: FUNC
1519 * @tc.require: issueI66BH3
1520 */
1521 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback011, TestSize.Level0)
1522 {
1523 AccessTokenIDEx tokenIdEx = {0};
1524 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestNormalInfoParms, g_infoManagerTestPolicyPrams);
1525 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1526 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
1527
1528 PermStateChangeScope scopeInfo;
1529 scopeInfo.permList = {"ohos.permission.CAMERA"};
1530 scopeInfo.tokenIDs = {};
1531 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1532 callbackPtr->ready_ = false;
1533
1534 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1535 ASSERT_EQ(ERR_NOT_SYSTEM_APP, res);
1536 }
1537
1538 /**
1539 * @tc.name: RegisterPermStateChangeCallback012
1540 * @tc.desc: RegisterPermStateChangeCallback caller is system app.
1541 * @tc.type: FUNC
1542 * @tc.require: issueI66BH3
1543 */
1544 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback012, TestSize.Level0)
1545 {
1546 static HapPolicyParams policyPrams = {
1547 .apl = APL_SYSTEM_CORE,
1548 .domain = "test.domain",
1549 };
1550 policyPrams.permStateList.emplace_back(g_getPermissionReq);
1551 AccessTokenIDEx tokenIdEx = {0};
1552 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, policyPrams);
1553 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1554 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
1555
1556 PermStateChangeScope scopeInfo;
1557 scopeInfo.permList = {"ohos.permission.CAMERA"};
1558 scopeInfo.tokenIDs = {};
1559 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1560 callbackPtr->ready_ = false;
1561
1562 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1563 ASSERT_EQ(RET_SUCCESS, res);
1564 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1565 ASSERT_EQ(RET_SUCCESS, res);
1566 }
1567
1568 /**
1569 * @tc.name: RegisterPermStateChangeCallback013
1570 * @tc.desc: ClearUserGrantedPermissionState notify.
1571 * @tc.type: FUNC
1572 * @tc.require: issueI5NT1X
1573 */
1574 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback013, TestSize.Level1)
1575 {
1576 PermStateChangeScope scopeInfo;
1577 static PermissionStateFull infoManagerTestStateA = {
1578 .permissionName = "ohos.permission.CAMERA",
1579 .isGeneral = true,
1580 .resDeviceID = {"local2"},
1581 .grantStatus = {PERMISSION_DENIED},
1582 .grantFlags = {1}
1583 };
1584 static HapPolicyParams infoManagerTestPolicyPrams13 = {
1585 .apl = APL_SYSTEM_BASIC,
1586 .domain = "test.domain2",
1587 .permList = {},
1588 .permStateList = {infoManagerTestStateA}
1589 };
1590
1591 AccessTokenIDEx tokenIdEx = {0};
1592 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams13);
1593
1594 scopeInfo.tokenIDs = {tokenIdEx.tokenIdExStruct.tokenID};
1595 scopeInfo.permList = {"ohos.permission.CAMERA"};
1596 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1597 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1598 ASSERT_EQ(RET_SUCCESS, res);
1599
1600 res = AccessTokenKit::GrantPermission(tokenIdEx.tokenIdExStruct.tokenID, "ohos.permission.CAMERA", 2);
1601 EXPECT_EQ(RET_SUCCESS, res);
1602 usleep(500000); // 500000us = 0.5s
1603 EXPECT_EQ(true, callbackPtr->ready_);
1604
1605 callbackPtr->ready_ = false;
1606 res = AccessTokenKit::ClearUserGrantedPermissionState(tokenIdEx.tokenIdExStruct.tokenID);
1607 EXPECT_EQ(RET_SUCCESS, res);
1608 usleep(500000); // 500000us = 0.5s
1609 EXPECT_EQ(true, callbackPtr->ready_);
1610
1611 callbackPtr->ready_ = false;
1612 res = AccessTokenKit::GrantPermission(tokenIdEx.tokenIdExStruct.tokenID, "ohos.permission.CAMERA", 2);
1613 EXPECT_EQ(RET_SUCCESS, res);
1614 usleep(500000); // 500000us = 0.5s
1615 EXPECT_EQ(true, callbackPtr->ready_);
1616
1617 callbackPtr->ready_ = false;
1618 res = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
1619 EXPECT_EQ(RET_SUCCESS, res);
1620 usleep(500000); // 500000us = 0.5s
1621 EXPECT_EQ(true, callbackPtr->ready_);
1622
1623 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1624 ASSERT_EQ(RET_SUCCESS, res);
1625 }
1626
1627 /**
1628 * @tc.name: RegisterPermStateChangeCallback014
1629 * @tc.desc: ClearUserGrantedPermissionState notify.
1630 * @tc.type: FUNC
1631 * @tc.require: issueI5NT1X
1632 */
1633 HWTEST_F(AccessTokenKitExtensionTest, RegisterPermStateChangeCallback014, TestSize.Level1)
1634 {
1635 PermStateChangeScope scopeInfo;
1636 static PermissionStateFull infoManagerTestStateA = {
1637 .permissionName = "ohos.permission.READ_MEDIA",
1638 .isGeneral = true,
1639 .resDeviceID = {"local2"},
1640 .grantStatus = {PERMISSION_DENIED},
1641 .grantFlags = {1}
1642 };
1643 static HapPolicyParams infoManagerTestPolicyPrams14 = {
1644 .apl = APL_SYSTEM_BASIC,
1645 .domain = "testA.domain2",
1646 .permList = {},
1647 .permStateList = {infoManagerTestStateA}
1648 };
1649
1650 AccessTokenIDEx tokenIdEx = {0};
1651 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams14);
1652
1653 scopeInfo.tokenIDs = {tokenIdEx.tokenIdExStruct.tokenID};
1654 scopeInfo.permList = {"ohos.permission.READ_MEDIA"};
1655 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1656 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1657 ASSERT_EQ(RET_SUCCESS, res);
1658
1659 res = AccessTokenKit::GrantPermission(tokenIdEx.tokenIdExStruct.tokenID,
1660 "ohos.permission.READ_MEDIA", PERMISSION_SYSTEM_FIXED);
1661 EXPECT_EQ(RET_SUCCESS, res);
1662 usleep(500000); // 500000us = 0.5s
1663 EXPECT_EQ(true, callbackPtr->ready_);
1664
1665 callbackPtr->ready_ = false;
1666 res = AccessTokenKit::ClearUserGrantedPermissionState(tokenIdEx.tokenIdExStruct.tokenID);
1667 EXPECT_EQ(RET_SUCCESS, res);
1668 usleep(500000); // 500000us = 0.5s
1669 EXPECT_EQ(false, callbackPtr->ready_);
1670
1671 callbackPtr->ready_ = false;
1672 res = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
1673 EXPECT_EQ(RET_SUCCESS, res);
1674 usleep(500000); // 500000us = 0.5s
1675 EXPECT_EQ(true, callbackPtr->ready_);
1676
1677 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1678 ASSERT_EQ(RET_SUCCESS, res);
1679 }
1680
1681 /**
1682 * @tc.name: UnRegisterPermStateChangeCallback001
1683 * @tc.desc: UnRegisterPermStateChangeCallback with invalid input.
1684 * @tc.type: FUNC
1685 * @tc.require: issueI5NT1X
1686 */
1687 HWTEST_F(AccessTokenKitExtensionTest, UnRegisterPermStateChangeCallback001, TestSize.Level1)
1688 {
1689 PermStateChangeScope scopeInfo;
1690 scopeInfo.permList = {};
1691 scopeInfo.tokenIDs = {};
1692 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1693 callbackPtr->ready_ = false;
1694
1695 int32_t res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1696 ASSERT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res);
1697 }
1698
1699 /**
1700 * @tc.name: UnRegisterPermStateChangeCallback002
1701 * @tc.desc: UnRegisterPermStateChangeCallback repeatedly.
1702 * @tc.type: FUNC
1703 * @tc.require: issueI5NT1X
1704 */
1705 HWTEST_F(AccessTokenKitExtensionTest, UnRegisterPermStateChangeCallback002, TestSize.Level1)
1706 {
1707 PermStateChangeScope scopeInfo;
1708 scopeInfo.permList = {};
1709 scopeInfo.tokenIDs = {};
1710 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1711 callbackPtr->ready_ = false;
1712
1713 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1714 ASSERT_EQ(RET_SUCCESS, res);
1715 res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1716 ASSERT_EQ(AccessTokenError::ERR_CALLBACK_ALREADY_EXIST, res);
1717 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1718 ASSERT_EQ(RET_SUCCESS, res);
1719 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1720 ASSERT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res);
1721 }
1722
1723 /**
1724 * @tc.name: UnRegisterPermStateChangeCallback003
1725 * @tc.desc: UnRegisterPermStateChangeCallback caller is normal app.
1726 * @tc.type: FUNC
1727 * @tc.require: issueI66BH3
1728 */
1729 HWTEST_F(AccessTokenKitExtensionTest, UnRegisterPermStateChangeCallback003, TestSize.Level0)
1730 {
1731 PermStateChangeScope scopeInfo;
1732 scopeInfo.permList = {};
1733 scopeInfo.tokenIDs = {};
1734 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1735 callbackPtr->ready_ = false;
1736
1737 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1738 ASSERT_EQ(RET_SUCCESS, res);
1739
1740 AccessTokenIDEx tokenIdEx = {0};
1741 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestNormalInfoParms, g_infoManagerTestPolicyPrams);
1742 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1743 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
1744
1745 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1746 ASSERT_EQ(ERR_NOT_SYSTEM_APP, res);
1747
1748 EXPECT_EQ(0, SetSelfTokenID(selfTokenId_));
1749 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
1750 ASSERT_EQ(RET_SUCCESS, res);
1751 }
1752
1753 /**
1754 * @tc.name: GetVersion001
1755 * @tc.desc: GetVersion caller is normal app.
1756 * @tc.type: FUNC
1757 * @tc.require: issueI5NT1X
1758 */
1759 HWTEST_F(AccessTokenKitExtensionTest, GetVersion001, TestSize.Level1)
1760 {
1761 AccessTokenIDEx tokenIdEx = {0};
1762 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestNormalInfoParms, g_infoManagerTestPolicyPrams);
1763 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1764 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
1765
1766 uint32_t version;
1767 int32_t res = AccessTokenKit::GetVersion(version);
1768 ASSERT_EQ(ERR_NOT_SYSTEM_APP, res);
1769 }
1770
1771 /**
1772 * @tc.name: GetVersion002
1773 * @tc.desc: GetVersion caller is system app.
1774 * @tc.type: FUNC
1775 * @tc.require: issueI5NT1X
1776 */
1777 HWTEST_F(AccessTokenKitExtensionTest, GetVersion002, TestSize.Level1)
1778 {
1779 AccessTokenIDEx tokenIdEx = {0};
1780 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams);
1781 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1782 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
1783
1784 uint32_t version;
1785 int32_t res = AccessTokenKit::GetVersion(version);
1786 ASSERT_EQ(RET_SUCCESS, res);
1787 ASSERT_EQ(DEFAULT_TOKEN_VERSION, version);
1788 }
1789
1790 /**
1791 * @tc.name: PermStateChangeCallback001
1792 * @tc.desc: PermissionStateChangeCallback::PermStateChangeCallback function test.
1793 * @tc.type: FUNC
1794 * @tc.require: issueI61NS6
1795 */
1796 HWTEST_F(AccessTokenKitExtensionTest, PermStateChangeCallback001, TestSize.Level1)
1797 {
1798 PermStateChangeInfo result = {
1799 .permStateChangeType = 0,
1800 .tokenID = 123,
1801 .permissionName = "ohos.permission.CAMERA"
1802 };
1803
1804 std::shared_ptr<CbCustomizeTest> callbackPtr = nullptr;
1805 std::shared_ptr<PermissionStateChangeCallback> callback = std::make_shared<PermissionStateChangeCallback>(
1806 callbackPtr);
1807 ASSERT_NE(callback, nullptr);
1808
1809 callback->PermStateChangeCallback(result);
1810 ASSERT_EQ(callback->customizedCallback_, nullptr);
1811 }
1812
1813 class TestCallBack : public PermissionStateChangeCallbackStub {
1814 public:
1815 TestCallBack() = default;
1816 virtual ~TestCallBack() = default;
1817
PermStateChangeCallback(PermStateChangeInfo & result)1818 void PermStateChangeCallback(PermStateChangeInfo& result)
1819 {
1820 GTEST_LOG_(INFO) << "PermStateChangeCallback, tokenID is " << result.tokenID;
1821 }
1822 };
1823
1824 /**
1825 * @tc.name: OnRemoteRequest001
1826 * @tc.desc: StateChangeCallbackStub::OnRemoteRequest function test
1827 * @tc.type: FUNC
1828 * @tc.require: issueI61A6M
1829 */
1830 HWTEST_F(AccessTokenKitExtensionTest, OnRemoteRequest001, TestSize.Level1)
1831 {
1832 PermStateChangeInfo info = {
1833 .permStateChangeType = 0,
1834 .tokenID = 123,
1835 .permissionName = "ohos.permission.CAMERA"
1836 };
1837
1838 TestCallBack callback;
1839 PermissionStateChangeInfoParcel infoParcel;
1840 infoParcel.changeInfo = info;
1841
1842 OHOS::MessageParcel data;
1843 std::string descriptor = "I don't know";
1844 data.WriteInterfaceToken(OHOS::Str8ToStr16(descriptor));
1845 ASSERT_EQ(true, data.WriteParcelable(&infoParcel));
1846
1847 OHOS::MessageParcel reply;
1848 OHOS::MessageOption option(OHOS::MessageOption::TF_SYNC);
1849 ASSERT_NE(0,
1850 callback.OnRemoteRequest(static_cast<uint32_t>(AccesstokenStateChangeInterfaceCode::PERMISSION_STATE_CHANGE),
1851 data, reply, option)); // descriptor false
1852
1853 ASSERT_EQ(true, data.WriteInterfaceToken(IPermissionStateCallback::GetDescriptor()));
1854 ASSERT_EQ(true, data.WriteParcelable(&infoParcel));
1855 uint32_t code = 10;
1856 ASSERT_NE(0, callback.OnRemoteRequest(code, data, reply, option)); // descriptor true + msgCode false
1857 }
1858
1859 /**
1860 * @tc.name: CreatePermStateChangeCallback001
1861 * @tc.desc: AccessTokenManagerClient::CreatePermStateChangeCallback function test
1862 * @tc.type: FUNC
1863 * @tc.require: issueI61A6M
1864 */
1865 HWTEST_F(AccessTokenKitExtensionTest, CreatePermStateChangeCallback001, TestSize.Level1)
1866 {
1867 std::vector<std::shared_ptr<CbCustomizeTest>> callbackList;
1868
1869 uint32_t times = 201;
1870 for (uint32_t i = 0; i < times; i++) {
1871 PermStateChangeScope scopeInfo;
1872 scopeInfo.permList = {};
1873 scopeInfo.tokenIDs = {};
1874 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
1875 callbackList.emplace_back(callbackPtr);
1876 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
1877
1878 if (i == 200) {
1879 EXPECT_EQ(AccessTokenError::ERR_CALLBACKS_EXCEED_LIMITATION, res);
1880 break;
1881 }
1882 }
1883
1884 for (uint32_t i = 0; i < 200; i++) {
1885 ASSERT_EQ(0, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackList[i]));
1886 }
1887
1888 std::shared_ptr<PermStateChangeCallbackCustomize> customizedCb = nullptr;
1889 AccessTokenKit::RegisterPermStateChangeCallback(customizedCb); // customizedCb is null
1890 }
1891
1892 /**
1893 * @tc.name: InitProxy001
1894 * @tc.desc: AccessTokenManagerClient::InitProxy function test
1895 * @tc.type: FUNC
1896 * @tc.require: issueI61A6M
1897 */
1898 HWTEST_F(AccessTokenKitExtensionTest, InitProxy001, TestSize.Level1)
1899 {
1900 ASSERT_NE(nullptr, AccessTokenManagerClient::GetInstance().proxy_);
1901 OHOS::sptr<IAccessTokenManager> proxy = AccessTokenManagerClient::GetInstance().proxy_; // backup
1902 AccessTokenManagerClient::GetInstance().proxy_ = nullptr;
1903 ASSERT_EQ(nullptr, AccessTokenManagerClient::GetInstance().proxy_);
1904 AccessTokenManagerClient::GetInstance().InitProxy(); // proxy_ is null
1905 AccessTokenManagerClient::GetInstance().proxy_ = proxy; // recovery
1906 }
1907
1908 /**
1909 * @tc.name: AllocHapToken020
1910 * @tc.desc: AccessTokenKit::AllocHapToken function test
1911 * @tc.type: FUNC
1912 * @tc.require: issueI61A6M
1913 */
1914 HWTEST_F(AccessTokenKitExtensionTest, AllocHapToken020, TestSize.Level1)
1915 {
1916 HapInfoParams info;
1917 HapPolicyParams policy;
1918 info.userID = -1;
1919 AccessTokenKit::AllocHapToken(info, policy);
1920 ASSERT_EQ(-1, info.userID);
1921 }
1922
1923 /**
1924 * @tc.name: VerifyAccessToken005
1925 * @tc.desc: AccessTokenKit::VerifyAccessToken function test
1926 * @tc.type: FUNC
1927 * @tc.require: issueI61A6M
1928 */
1929 HWTEST_F(AccessTokenKitExtensionTest, VerifyAccessToken005, TestSize.Level1)
1930 {
1931 HapInfoParams info = {
1932 .userID = TEST_USER_ID,
1933 .bundleName = "accesstoken_test3",
1934 .instIndex = 0,
1935 .appIDDesc = "test3",
1936 .apiVersion = DEFAULT_API_VERSION
1937 };
1938
1939 HapPolicyParams policy = {
1940 .apl = APL_NORMAL,
1941 .domain = "test.domain3",
1942 .permList = {g_infoManagerTestPermDef3},
1943 .permStateList = {g_infoManagerTestState3}
1944 };
1945
1946 AccessTokenKit::AllocHapToken(info, policy);
1947 AccessTokenID callerTokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, "accesstoken_test3", 0);
1948 ASSERT_NE(INVALID_TOKENID, callerTokenID);
1949 AccessTokenID firstTokenID;
1950
1951 // ret = PERMISSION_GRANTED + firstTokenID = 0
1952 std::string permissionName = "ohos.permission.GET_BUNDLE_INFO";
1953 firstTokenID = 0;
1954 ASSERT_EQ(PermissionState::PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(
1955 callerTokenID, firstTokenID, permissionName, false));
1956
1957 firstTokenID = 1;
1958 // ret = PERMISSION_GRANTED + firstTokenID != 0
1959 ASSERT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(
1960 callerTokenID, firstTokenID, permissionName, false));
1961 AccessTokenKit::DeleteToken(callerTokenID);
1962
1963 callerTokenID = 0;
1964 // ret = PERMISSION_DENIED
1965 ASSERT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(
1966 callerTokenID, firstTokenID, permissionName, false));
1967 }
1968
1969 /**
1970 * @tc.name: IsSystemAppByFullTokenIDTest001
1971 * @tc.desc: check systemapp level by TokenIDEx after AllocHapToken function set isSystemApp true.
1972 * @tc.type: FUNC
1973 * @tc.require: issueI60F1M
1974 */
1975 HWTEST_F(AccessTokenKitExtensionTest, IsSystemAppByFullTokenIDTest001, TestSize.Level1)
1976 {
1977 AccessTokenIDEx tokenIdEx = {0};
1978 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams);
1979 AccessTokenIDEx tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0);
1980 ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
1981 bool res = TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx);
1982 ASSERT_EQ(true, res);
1983 UpdateHapInfoParams info;
1984 info.appIDDesc = g_infoManagerTestSystemInfoParms.appIDDesc;
1985 info.apiVersion = g_infoManagerTestSystemInfoParms.apiVersion;
1986 info.isSystemApp = false;
1987 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams));
1988 tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0);
1989 ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
1990 res = TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx);
1991 ASSERT_EQ(false, res);
1992 }
1993
1994 /**
1995 * @tc.name: IsSystemAppByFullTokenIDTest002
1996 * @tc.desc: check systemapp level by TokenIDEx after AllocHapToken function set isSystemApp false.
1997 * @tc.type: FUNC
1998 * @tc.require: issueI60F1M
1999 */
2000 HWTEST_F(AccessTokenKitExtensionTest, IsSystemAppByFullTokenIDTest002, TestSize.Level1)
2001 {
2002 AccessTokenIDEx tokenIdEx = {0};
2003 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestNormalInfoParms, g_infoManagerTestPolicyPrams);
2004 bool res = TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx);
2005 AccessTokenIDEx tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0);
2006 ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
2007 ASSERT_EQ(false, res);
2008 UpdateHapInfoParams info;
2009 info.appIDDesc = g_infoManagerTestNormalInfoParms.appIDDesc;
2010 info.apiVersion = g_infoManagerTestNormalInfoParms.apiVersion;
2011 info.isSystemApp = true;
2012 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams));
2013 tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0);
2014 ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
2015 res = TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx);
2016 ASSERT_EQ(true, res);
2017 }
2018
2019 /**
2020 * @tc.name: GetRenderTokenIDTest001
2021 * @tc.desc: TokenIdKit::GetRenderTokenID function test
2022 * @tc.type: FUNC
2023 * @tc.require: issueI7MOA1
2024 */
2025 HWTEST_F(AccessTokenKitExtensionTest, GetRenderTokenIDTest001, TestSize.Level1)
2026 {
2027 uint64_t validTokenID = GetSelfTokenID();
2028 uint64_t retTokenId = validTokenID;
2029
2030 retTokenId = TokenIdKit::GetRenderTokenID(validTokenID);
2031 ASSERT_NE(retTokenId, validTokenID);
2032 ASSERT_NE(retTokenId, INVALID_TOKENID);
2033 }
2034
2035 /**
2036 * @tc.name: GetRenderTokenIDTest002
2037 * @tc.desc: TokenIdKit::GetRenderTokenID function test
2038 * @tc.type: FUNC
2039 * @tc.require: issueI7MOA1
2040 */
2041 HWTEST_F(AccessTokenKitExtensionTest, GetRenderTokenIDTest002, TestSize.Level1)
2042 {
2043 uint64_t invalidTokenID = 0;
2044 uint64_t retTokenId = 1; /* 1, for testing purposes */
2045
2046 retTokenId = TokenIdKit::GetRenderTokenID(invalidTokenID);
2047 ASSERT_EQ(invalidTokenID, retTokenId);
2048 }
2049 #ifdef TOKEN_SYNC_ENABLE
2050 namespace {
2051 class TokenSyncCallbackStubTest : public TokenSyncCallbackStub {
2052 public:
2053 TokenSyncCallbackStubTest() = default;
2054 virtual ~TokenSyncCallbackStubTest() = default;
2055
GetRemoteHapTokenInfo(const std::string & deviceID,AccessTokenID tokenID)2056 int32_t GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) override
2057 {
2058 return 0;
2059 };
DeleteRemoteHapTokenInfo(AccessTokenID tokenID)2060 int32_t DeleteRemoteHapTokenInfo(AccessTokenID tokenID) override
2061 {
2062 return 0;
2063 };
2064
UpdateRemoteHapTokenInfo(const HapTokenInfoForSync & tokenInfo)2065 int32_t UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) override
2066 {
2067 return 0;
2068 };
2069 };
2070
2071 static const int32_t FAKE_SYNC_RET = 0xabcdef;
2072 class TokenSyncCallbackImpl : public TokenSyncKitInterface {
2073 public:
~TokenSyncCallbackImpl()2074 ~TokenSyncCallbackImpl()
2075 {}
2076
GetRemoteHapTokenInfo(const std::string & deviceID,AccessTokenID tokenID) const2077 int32_t GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) const override
2078 {
2079 ACCESSTOKEN_LOG_INFO(LABEL, "GetRemoteHapTokenInfo called.");
2080 return FAKE_SYNC_RET;
2081 };
2082
DeleteRemoteHapTokenInfo(AccessTokenID tokenID) const2083 int32_t DeleteRemoteHapTokenInfo(AccessTokenID tokenID) const override
2084 {
2085 ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteHapTokenInfo called.");
2086 return FAKE_SYNC_RET;
2087 };
2088
UpdateRemoteHapTokenInfo(const HapTokenInfoForSync & tokenInfo) const2089 int32_t UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) const override
2090 {
2091 ACCESSTOKEN_LOG_INFO(LABEL, "UpdateRemoteHapTokenInfo called.");
2092 return FAKE_SYNC_RET;
2093 };
2094 };
2095 };
2096
2097 /**
2098 * @tc.name: TokenSyncCallbackStubTest001
2099 * @tc.desc: TokenSyncCallbackStub OnRemoteRequest deny test
2100 * @tc.type: FUNC
2101 * @tc.require:
2102 */
2103 HWTEST_F(AccessTokenKitExtensionTest, TokenSyncCallbackStubTest001, TestSize.Level1)
2104 {
2105 TokenSyncCallbackStubTest callback;
2106
2107 OHOS::MessageParcel data;
2108 std::string descriptor = "I don't know";
2109 data.WriteInterfaceToken(OHOS::Str8ToStr16(descriptor));
2110
2111 OHOS::MessageParcel reply;
2112 OHOS::MessageOption option(OHOS::MessageOption::TF_SYNC);
2113 EXPECT_EQ(ERROR_IPC_REQUEST_FAIL,
2114 callback.OnRemoteRequest(static_cast<uint32_t>(TokenSyncCallbackInterfaceCode::GET_REMOTE_HAP_TOKEN_INFO),
2115 data, reply, option)); // descriptor false
2116 }
2117
2118 /**
2119 * @tc.name: TokenSyncCallbackStubTest002
2120 * @tc.desc: TokenSyncCallbackStub OnRemoteRequest err code
2121 * @tc.type: FUNC
2122 * @tc.require:
2123 */
2124 HWTEST_F(AccessTokenKitExtensionTest, TokenSyncCallbackStubTest002, TestSize.Level1)
2125 {
2126 TokenSyncCallbackStubTest callback;
2127 OHOS::MessageParcel data;
2128 data.WriteInterfaceToken(ITokenSyncCallback::GetDescriptor());
2129
2130 OHOS::MessageParcel reply;
2131 OHOS::MessageOption option(OHOS::MessageOption::TF_SYNC);
2132 EXPECT_NE(0, callback.OnRemoteRequest(static_cast<uint32_t>(0xff), // code false
2133 data, reply, option));
2134 }
2135
2136 /**
2137 * @tc.name: TokenSyncCallbackStubTest003
2138 * @tc.desc: TokenSyncCallbackStub OnRemoteRequest deny call
2139 * @tc.type: FUNC
2140 * @tc.require:
2141 */
2142 HWTEST_F(AccessTokenKitExtensionTest, TokenSyncCallbackStubTest003, TestSize.Level1)
2143 {
2144 TokenSyncCallbackStubTest callback;
2145 OHOS::MessageParcel data;
2146 data.WriteInterfaceToken(ITokenSyncCallback::GetDescriptor());
2147
2148 OHOS::MessageParcel reply;
2149 OHOS::MessageOption option(OHOS::MessageOption::TF_SYNC);
2150 EXPECT_EQ(0, callback.OnRemoteRequest(
2151 static_cast<uint32_t>(TokenSyncCallbackInterfaceCode::GET_REMOTE_HAP_TOKEN_INFO),
2152 data, reply, option));
2153 EXPECT_EQ(ERR_IDENTITY_CHECK_FAILED, reply.ReadInt32());
2154
2155 data.WriteInterfaceToken(ITokenSyncCallback::GetDescriptor());
2156 EXPECT_EQ(0, callback.OnRemoteRequest(
2157 static_cast<uint32_t>(TokenSyncCallbackInterfaceCode::DELETE_REMOTE_HAP_TOKEN_INFO),
2158 data, reply, option));
2159 EXPECT_EQ(ERR_IDENTITY_CHECK_FAILED, reply.ReadInt32());
2160
2161 data.WriteInterfaceToken(ITokenSyncCallback::GetDescriptor());
2162 EXPECT_EQ(0, callback.OnRemoteRequest(
2163 static_cast<uint32_t>(TokenSyncCallbackInterfaceCode::UPDATE_REMOTE_HAP_TOKEN_INFO),
2164 data, reply, option));
2165 EXPECT_EQ(ERR_IDENTITY_CHECK_FAILED, reply.ReadInt32());
2166 }
2167
2168 /**
2169 * @tc.name: TokenSyncCallbackStubTest004
2170 * @tc.desc: TokenSyncCallbackStub OnRemoteRequest normal call
2171 * @tc.type: FUNC
2172 * @tc.require:
2173 */
2174 HWTEST_F(AccessTokenKitExtensionTest, TokenSyncCallbackStubTest004, TestSize.Level1)
2175 {
2176 setuid(3020); // ACCESSTOKEN_UID
2177
2178 TokenSyncCallbackStubTest callback;
2179 OHOS::MessageParcel data;
2180 OHOS::MessageParcel reply;
2181 OHOS::MessageOption option(OHOS::MessageOption::TF_SYNC);
2182
2183 data.WriteInterfaceToken(ITokenSyncCallback::GetDescriptor());
2184 data.WriteString("test deviceID"); // test deviceID
2185 data.WriteUint32(0); // test tokenid
2186 EXPECT_EQ(0, callback.OnRemoteRequest(
2187 static_cast<uint32_t>(TokenSyncCallbackInterfaceCode::GET_REMOTE_HAP_TOKEN_INFO),
2188 data, reply, option));
2189 EXPECT_EQ(0, reply.ReadInt32());
2190
2191 data.WriteInterfaceToken(ITokenSyncCallback::GetDescriptor());
2192 data.WriteUint32(0); // test tokenid
2193 EXPECT_EQ(0, callback.OnRemoteRequest(
2194 static_cast<uint32_t>(TokenSyncCallbackInterfaceCode::DELETE_REMOTE_HAP_TOKEN_INFO),
2195 data, reply, option));
2196 EXPECT_EQ(0, reply.ReadInt32());
2197
2198 data.WriteInterfaceToken(ITokenSyncCallback::GetDescriptor());
2199 HapTokenInfoForSync info;
2200 HapTokenInfoForSyncParcel tokenInfoParcel;
2201 tokenInfoParcel.hapTokenInfoForSyncParams = info;
2202 data.WriteParcelable(&tokenInfoParcel);
2203 EXPECT_EQ(0, callback.OnRemoteRequest(
2204 static_cast<uint32_t>(TokenSyncCallbackInterfaceCode::UPDATE_REMOTE_HAP_TOKEN_INFO),
2205 data, reply, option));
2206 EXPECT_EQ(0, reply.ReadInt32());
2207 setuid(0); // root uid
2208 }
2209
2210 /**
2211 * @tc.name: TokenSyncCallbackTest001
2212 * @tc.desc: TokenSyncCallback inner call
2213 * @tc.type: FUNC
2214 * @tc.require:
2215 */
2216 HWTEST_F(AccessTokenKitExtensionTest, TokenSyncCallbackTest001, TestSize.Level1)
2217 {
2218 TokenSyncCallback callback(nullptr);
2219 EXPECT_EQ(nullptr, callback.tokenSyncCallback_); // test input
2220
2221 std::shared_ptr<TokenSyncKitInterface> ptr = std::make_shared<TokenSyncCallbackImpl>();
2222 std::shared_ptr<TokenSyncCallback> callbackImpl = std::make_shared<TokenSyncCallback>(ptr);
2223 EXPECT_NE(nullptr, callbackImpl->tokenSyncCallback_);
2224 EXPECT_EQ(FAKE_SYNC_RET, callbackImpl->GetRemoteHapTokenInfo("test", 0)); // test input
2225 EXPECT_EQ(FAKE_SYNC_RET, callbackImpl->DeleteRemoteHapTokenInfo(0)); // test input
2226 HapTokenInfoForSync info;
2227 EXPECT_EQ(FAKE_SYNC_RET, callbackImpl->UpdateRemoteHapTokenInfo(info)); // test input
2228 }
2229 #endif // TOKEN_SYNC_ENABLE
2230
2231 /**
2232 * @tc.name: GetPermissionManagerInfo001
2233 * @tc.desc:
2234 * @tc.type: FUNC
2235 * @tc.require:
2236 */
2237 HWTEST_F(AccessTokenKitExtensionTest, GetPermissionManagerInfo001, TestSize.Level1)
2238 {
2239 PermissionGrantInfo info;
2240 AccessTokenKit::GetPermissionManagerInfo(info);
2241 ASSERT_EQ(false, info.grantBundleName.empty());
2242 }
2243
2244 } // namespace AccessToken
2245 } // namespace Security
2246 } // namespace OHOS
2247