1 /*
2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "accesstoken_kit_test.h"
17 #include <thread>
18
19 #include "access_token_error.h"
20 #include "accesstoken_log.h"
21 #include "i_accesstoken_manager.h"
22 #include "native_token_info_for_sync_parcel.h"
23 #include "nativetoken_kit.h"
24 #include "permission_grant_info.h"
25 #include "permission_state_change_info_parcel.h"
26 #include "string_ex.h"
27 #include "token_setproc.h"
28 #define private public
29 #include "accesstoken_manager_client.h"
30 #undef private
31
32 using namespace testing::ext;
33
34 namespace OHOS {
35 namespace Security {
36 namespace AccessToken {
37 namespace {
38 static const int INVALID_DLP_TOKEN_FLAG = -1;
39 static constexpr int32_t DEFAULT_API_VERSION = 8;
40 static const int32_t INDEX_ZERO = 0;
41 static const int32_t INDEX_ONE = 1;
42 static const int32_t INDEX_TWO = 2;
43 static const int32_t INDEX_THREE = 3;
44 static const int32_t INDEX_FOUR = 4;
45
46 PermissionDef g_infoManagerTestPermDef1 = {
47 .permissionName = "ohos.permission.test1",
48 .bundleName = "accesstoken_test",
49 .grantMode = 1,
50 .availableLevel = APL_NORMAL,
51 .label = "label3",
52 .labelId = 1,
53 .description = "open the door",
54 .descriptionId = 1,
55 .availableType = MDM
56 };
57
58 PermissionDef g_infoManagerTestPermDef2 = {
59 .permissionName = "ohos.permission.test2",
60 .bundleName = "accesstoken_test",
61 .grantMode = 1,
62 .availableLevel = APL_NORMAL,
63 .label = "label3",
64 .labelId = 1,
65 .description = "break the door",
66 .descriptionId = 1,
67 };
68
69 PermissionStateFull g_infoManagerTestState1 = {
70 .permissionName = "ohos.permission.test1",
71 .isGeneral = true,
72 .resDeviceID = {"local3"},
73 .grantStatus = {PermissionState::PERMISSION_GRANTED},
74 .grantFlags = {1}
75 };
76
77 PermissionStateFull g_infoManagerTestState2 = {
78 .permissionName = "ohos.permission.test2",
79 .isGeneral = false,
80 .resDeviceID = {"device 1", "device 2"},
81 .grantStatus = {PermissionState::PERMISSION_GRANTED, PermissionState::PERMISSION_GRANTED},
82 .grantFlags = {1, 2}
83 };
84
85 HapInfoParams g_infoManagerTestInfoParms = {
86 .userID = 1,
87 .bundleName = "accesstoken_test",
88 .instIndex = 0,
89 .appIDDesc = "test3",
90 .apiVersion = DEFAULT_API_VERSION,
91 .appDistributionType = "enterprise_mdm"
92 };
93
94 HapPolicyParams g_infoManagerTestPolicyPrams = {
95 .apl = APL_NORMAL,
96 .domain = "test.domain3",
97 .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2},
98 .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2}
99 };
100
101 HapInfoParams g_infoManagerTestInfoParmsBak = g_infoManagerTestInfoParms;
102 HapPolicyParams g_infoManagerTestPolicyPramsBak = g_infoManagerTestPolicyPrams;
103
104 HapInfoParams g_infoManagerTestNormalInfoParms = {
105 .userID = 1,
106 .bundleName = "accesstoken_test",
107 .instIndex = 0,
108 .appIDDesc = "test3",
109 .apiVersion = DEFAULT_API_VERSION,
110 .isSystemApp = false
111 };
112
113 HapInfoParams g_infoManagerTestSystemInfoParms = {
114 .userID = 1,
115 .bundleName = "accesstoken_test",
116 .instIndex = 0,
117 .appIDDesc = "test3",
118 .apiVersion = DEFAULT_API_VERSION,
119 .isSystemApp = true
120 };
121 }
GetNativeTokenTest(const char * processName,const char ** perms,int32_t permNum)122 uint64_t GetNativeTokenTest(const char *processName, const char **perms, int32_t permNum)
123 {
124 uint64_t tokenId;
125 NativeTokenInfoParams infoInstance = {
126 .dcapsNum = 0,
127 .permsNum = permNum,
128 .aclsNum = 0,
129 .dcaps = nullptr,
130 .perms = perms,
131 .acls = nullptr,
132 .aplStr = "system_core",
133 .processName = processName,
134 };
135
136 tokenId = GetAccessTokenId(&infoInstance);
137 AccessTokenKit::ReloadNativeTokenInfo();
138 return tokenId;
139 }
140
NativeTokenGet()141 void NativeTokenGet()
142 {
143 uint64_t tokenID;
144 const char **perms = new const char *[5]; // 5: array size
145 perms[INDEX_ZERO] = "ohos.permission.DISTRIBUTED_DATASYNC";
146 perms[INDEX_ONE] = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS";
147 perms[INDEX_TWO] = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS";
148 perms[INDEX_THREE] = "ohos.permission.GET_SENSITIVE_PERMISSIONS";
149 perms[INDEX_FOUR] = "ohos.permission.DISABLE_PERMISSION_DIALOG";
150
151 tokenID = GetNativeTokenTest("TestCase", perms, 5); // 5: array size
152 EXPECT_EQ(0, SetSelfTokenID(tokenID));
153 delete[] perms;
154 }
155
SetUpTestCase()156 void AccessTokenKitTest::SetUpTestCase()
157 {
158 setuid(0);
159 // make test case clean
160 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
161 g_infoManagerTestInfoParms.bundleName,
162 g_infoManagerTestInfoParms.instIndex);
163 AccessTokenKit::DeleteToken(tokenID);
164
165 tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestNormalInfoParms.userID,
166 g_infoManagerTestNormalInfoParms.bundleName,
167 g_infoManagerTestNormalInfoParms.instIndex);
168 AccessTokenKit::DeleteToken(tokenID);
169
170 tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestSystemInfoParms.userID,
171 g_infoManagerTestSystemInfoParms.bundleName,
172 g_infoManagerTestSystemInfoParms.instIndex);
173 AccessTokenKit::DeleteToken(tokenID);
174
175 tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
176 AccessTokenKit::DeleteToken(tokenID);
177
178 NativeTokenGet();
179 }
180
TearDownTestCase()181 void AccessTokenKitTest::TearDownTestCase()
182 {
183 }
184
TestPreparePermStateList(HapPolicyParams & policy)185 void TestPreparePermStateList(HapPolicyParams &policy)
186 {
187 PermissionStateFull permStatAlpha = {
188 .permissionName = TEST_PERMISSION_NAME_ALPHA,
189 .isGeneral = true,
190 .resDeviceID = {"device3"},
191 .grantStatus = {PermissionState::PERMISSION_DENIED},
192 .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
193 };
194 PermissionStateFull permStatBeta = {
195 .permissionName = TEST_PERMISSION_NAME_BETA,
196 .isGeneral = true,
197 .resDeviceID = {"device3"},
198 .grantStatus = {PermissionState::PERMISSION_GRANTED},
199 .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED}
200 };
201
202 policy.permStateList.emplace_back(permStatAlpha);
203 policy.permStateList.emplace_back(permStatBeta);
204 }
205
TestPreparePermDefList(HapPolicyParams & policy)206 void TestPreparePermDefList(HapPolicyParams &policy)
207 {
208 PermissionDef permissionDefBeta;
209 permissionDefBeta.permissionName = TEST_PERMISSION_NAME_BETA;
210 permissionDefBeta.bundleName = TEST_BUNDLE_NAME;
211 permissionDefBeta.grantMode = GrantMode::SYSTEM_GRANT;
212 permissionDefBeta.availableLevel = APL_NORMAL;
213 permissionDefBeta.provisionEnable = false;
214 permissionDefBeta.distributedSceneEnable = false;
215
216 PermissionDef permissionDefAlpha;
217 permissionDefAlpha.permissionName = TEST_PERMISSION_NAME_ALPHA;
218 permissionDefAlpha.bundleName = TEST_BUNDLE_NAME;
219 permissionDefAlpha.grantMode = GrantMode::USER_GRANT;
220 permissionDefAlpha.availableLevel = APL_NORMAL;
221 permissionDefAlpha.provisionEnable = false;
222 permissionDefAlpha.distributedSceneEnable = false;
223
224 policy.permList.emplace_back(permissionDefBeta);
225 policy.permList.emplace_back(permissionDefAlpha);
226 }
227
SetUp()228 void AccessTokenKitTest::SetUp()
229 {
230 selfTokenId_ = GetSelfTokenID();
231 g_infoManagerTestPolicyPrams = g_infoManagerTestPolicyPramsBak;
232 g_infoManagerTestInfoParms = g_infoManagerTestInfoParmsBak;
233 HapInfoParams info = {
234 .userID = TEST_USER_ID,
235 .bundleName = TEST_BUNDLE_NAME,
236 .instIndex = 0,
237 .appIDDesc = "appIDDesc",
238 .apiVersion = DEFAULT_API_VERSION
239 };
240
241 HapPolicyParams policy = {
242 .apl = APL_NORMAL,
243 .domain = "domain"
244 };
245 TestPreparePermDefList(policy);
246 TestPreparePermStateList(policy);
247
248 AccessTokenKit::AllocHapToken(info, policy);
249 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
250 g_infoManagerTestInfoParms.bundleName,
251 g_infoManagerTestInfoParms.instIndex);
252 AccessTokenKit::DeleteToken(tokenID);
253 }
254
TearDown()255 void AccessTokenKitTest::TearDown()
256 {
257 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
258 AccessTokenKit::DeleteToken(tokenID);
259 tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestNormalInfoParms.userID,
260 g_infoManagerTestNormalInfoParms.bundleName,
261 g_infoManagerTestNormalInfoParms.instIndex);
262 AccessTokenKit::DeleteToken(tokenID);
263
264 tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestSystemInfoParms.userID,
265 g_infoManagerTestSystemInfoParms.bundleName,
266 g_infoManagerTestSystemInfoParms.instIndex);
267 AccessTokenKit::DeleteToken(tokenID);
268 EXPECT_EQ(0, SetSelfTokenID(selfTokenId_));
269
270 DeleteTestToken();
271 }
272
GetAccessTokenID(int userID,std::string bundleName,int instIndex)273 unsigned int AccessTokenKitTest::GetAccessTokenID(int userID, std::string bundleName, int instIndex)
274 {
275 return AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex);
276 }
277
DeleteTestToken() const278 void AccessTokenKitTest::DeleteTestToken() const
279 {
280 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
281 g_infoManagerTestInfoParms.bundleName,
282 g_infoManagerTestInfoParms.instIndex);
283 int ret = AccessTokenKit::DeleteToken(tokenID);
284 if (tokenID != 0) {
285 ASSERT_EQ(RET_SUCCESS, ret);
286 }
287 }
288
AllocTestToken(const HapInfoParams & hapInfo,const HapPolicyParams & hapPolicy) const289 AccessTokenID AccessTokenKitTest::AllocTestToken(
290 const HapInfoParams& hapInfo, const HapPolicyParams& hapPolicy) const
291 {
292 AccessTokenIDEx tokenIdEx = {0};
293 tokenIdEx = AccessTokenKit::AllocHapToken(hapInfo, hapPolicy);
294 return tokenIdEx.tokenIdExStruct.tokenID;
295 }
296
297 /**
298 * @tc.name: GetUserGrantedPermissionUsedType001
299 * @tc.desc: Get hap permission visit type return invalid.
300 * @tc.type: FUNC
301 * @tc.require:
302 */
303 HWTEST_F(AccessTokenKitTest, GetUserGrantedPermissionUsedType001, TestSize.Level1)
304 {
305 std::string accessBluetooth = "ohos.permission.ACCESS_BLUETOOTH";
306
307 EXPECT_EQ(PermUsedTypeEnum::INVALID_USED_TYPE,
308 AccessTokenKit::GetUserGrantedPermissionUsedType(selfTokenId_, accessBluetooth));
309 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
310
311 EXPECT_EQ(PermUsedTypeEnum::INVALID_USED_TYPE,
312 AccessTokenKit::GetUserGrantedPermissionUsedType(0, accessBluetooth));
313
314 EXPECT_EQ(PermUsedTypeEnum::INVALID_USED_TYPE,
315 AccessTokenKit::GetUserGrantedPermissionUsedType(tokenID, "ohos.permission.ACCELEROMETER"));
316
317 EXPECT_EQ(PermUsedTypeEnum::INVALID_USED_TYPE,
318 AccessTokenKit::GetUserGrantedPermissionUsedType(tokenID, "ohos.permission.xxxxx"));
319
320 EXPECT_EQ(PermUsedTypeEnum::INVALID_USED_TYPE,
321 AccessTokenKit::GetUserGrantedPermissionUsedType(tokenID, accessBluetooth));
322 }
323
324 /**
325 * @tc.name: GetUserGrantedPermissionUsedType002
326 * @tc.desc: Different grant permission modes get different visit type.
327 * @tc.type: FUNC
328 * @tc.require:
329 */
330 HWTEST_F(AccessTokenKitTest, GetUserGrantedPermissionUsedType002, TestSize.Level1)
331 {
332 std::string accessBluetooth = "ohos.permission.ACCESS_BLUETOOTH";
333 std::string sendMessages = "ohos.permission.SEND_MESSAGES";
334 std::string writeCalendar = "ohos.permission.WRITE_CALENDAR";
335 PermissionStateFull testState1 = {
336 .permissionName = accessBluetooth,
337 .isGeneral = true,
338 .resDeviceID = {"local3"},
339 .grantStatus = {PermissionState::PERMISSION_GRANTED},
340 .grantFlags = {PermissionFlag::PERMISSION_COMPONENT_SET}
341 };
342 PermissionStateFull testState2 = {
343 .permissionName = sendMessages,
344 .isGeneral = true,
345 .resDeviceID = {"local3"},
346 .grantStatus = {PermissionState::PERMISSION_GRANTED},
347 .grantFlags = {1}
348 };
349 PermissionStateFull testState3 = {
350 .permissionName = writeCalendar,
351 .isGeneral = false,
352 .resDeviceID = {"local3"},
353 .grantStatus = {PermissionState::PERMISSION_GRANTED},
354 .grantFlags = {1}
355 };
356 HapPolicyParams testPolicyPrams = {
357 .apl = APL_NORMAL,
358 .domain = "test.domain3",
359 .permStateList = {testState1, testState2, testState3}
360 };
361 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, testPolicyPrams);
362
363 EXPECT_EQ(PermUsedTypeEnum::SEC_COMPONENT_TYPE,
364 AccessTokenKit::GetUserGrantedPermissionUsedType(tokenID, accessBluetooth));
365
366 EXPECT_EQ(PermUsedTypeEnum::NORMAL_TYPE, AccessTokenKit::GetUserGrantedPermissionUsedType(tokenID, sendMessages));
367
368 EXPECT_EQ(PermUsedTypeEnum::INVALID_USED_TYPE,
369 AccessTokenKit::GetUserGrantedPermissionUsedType(tokenID, writeCalendar));
370 int32_t selfUid = getuid();
371 EXPECT_EQ(0, SetSelfTokenID(tokenID));
372 setuid(1);
373 EXPECT_EQ(PermUsedTypeEnum::INVALID_USED_TYPE,
374 AccessTokenKit::GetUserGrantedPermissionUsedType(tokenID, writeCalendar));
375 setuid(selfUid);
376 ASSERT_EQ(0, SetSelfTokenID(selfTokenId_));
377 }
378
379 /**
380 * @tc.name: GetUserGrantedPermissionUsedType003
381 * @tc.desc: Get security component visit type.
382 * @tc.type: FUNC
383 * @tc.require:
384 */
385 HWTEST_F(AccessTokenKitTest, GetUserGrantedPermissionUsedType003, TestSize.Level1)
386 {
387 std::string distributedDatasync = "ohos.permission.DISTRIBUTED_DATASYNC";
388 PermissionStateFull testState1 = {
389 .permissionName = distributedDatasync,
390 .isGeneral = true,
391 .resDeviceID = {"local5"},
392 .grantStatus = {PermissionState::PERMISSION_DENIED},
393 .grantFlags = {0},
394 };
395 HapPolicyParams testPolicyPrams = {
396 .apl = APL_NORMAL,
397 .domain = "test.domain5",
398 .permList = {},
399 .permStateList = {testState1}
400 };
401 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, testPolicyPrams);
402
403 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GrantPermission(tokenID, distributedDatasync, PERMISSION_COMPONENT_SET));
404 EXPECT_EQ(PermUsedTypeEnum::SEC_COMPONENT_TYPE,
405 AccessTokenKit::GetUserGrantedPermissionUsedType(tokenID, distributedDatasync));
406 }
407
408 /**
409 * @tc.name: GetDefPermission001
410 * @tc.desc: Get permission definition info after AllocHapToken function has been invoked.
411 * @tc.type: FUNC
412 * @tc.require: Issue Number
413 */
414 HWTEST_F(AccessTokenKitTest, GetDefPermission001, TestSize.Level1)
415 {
416 PermissionDef permDefResultAlpha;
417 int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha);
418 ASSERT_EQ(RET_SUCCESS, ret);
419 ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName);
420
421 PermissionDef permDefResultBeta;
422 ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_BETA, permDefResultBeta);
423 ASSERT_EQ(RET_SUCCESS, ret);
424 ASSERT_EQ(TEST_PERMISSION_NAME_BETA, permDefResultBeta.permissionName);
425 }
426
427 /**
428 * @tc.name: GetDefPermission002
429 * @tc.desc: Get permission definition info that permission is invalid.
430 * @tc.type: FUNC
431 * @tc.require: Issue Number
432 */
433 HWTEST_F(AccessTokenKitTest, GetDefPermission002, TestSize.Level1)
434 {
435 PermissionDef permDefResult;
436 int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_GAMMA, permDefResult);
437 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
438
439 ret = AccessTokenKit::GetDefPermission("", permDefResult);
440 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
441
442 std::string invalidPerm(INVALID_PERMNAME_LEN, 'a');
443 ret = AccessTokenKit::GetDefPermission(invalidPerm, permDefResult);
444 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
445 }
446
447 /**
448 * @tc.name: GetDefPermission003
449 * @tc.desc: GetDefPermission is invoked multiple times.
450 * @tc.type: FUNC
451 * @tc.require: Issue Number
452 */
453 HWTEST_F(AccessTokenKitTest, GetDefPermission003, TestSize.Level0)
454 {
455 for (int j = 0; j < CYCLE_TIMES; j++) {
456 PermissionDef permDefResultAlpha;
457 int32_t ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha);
458 ASSERT_EQ(RET_SUCCESS, ret);
459 ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName);
460 }
461 }
462
463 /**
464 * @tc.name: GetDefPermissions001
465 * @tc.desc: Get permission definition info list after AllocHapToken function has been invoked.
466 * @tc.type: FUNC
467 * @tc.require: Issue Number
468 */
469 HWTEST_F(AccessTokenKitTest, GetDefPermissions001, TestSize.Level1)
470 {
471 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
472 ASSERT_NE(INVALID_TOKENID, tokenID);
473 std::vector<PermissionDef> permDefList;
474 int ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList);
475 ASSERT_EQ(RET_SUCCESS, ret);
476 ASSERT_EQ(static_cast<uint32_t>(2), permDefList.size());
477 }
478
479 /**
480 * @tc.name: GetDefPermissions002
481 * @tc.desc: Get permission definition info list after clear permission definition list
482 * @tc.type: FUNC
483 * @tc.require: Issue Number
484 */
485 HWTEST_F(AccessTokenKitTest, GetDefPermissions002, TestSize.Level1)
486 {
487 HapPolicyParams testPolicyPrams = g_infoManagerTestPolicyPrams;
488 testPolicyPrams.permList.clear();
489 AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, testPolicyPrams);
490
491 AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
492 g_infoManagerTestInfoParms.bundleName,
493 g_infoManagerTestInfoParms.instIndex);
494 ASSERT_NE(INVALID_TOKENID, tokenID);
495
496 std::vector<PermissionDef> permDefList;
497 int ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList);
498 ASSERT_EQ(RET_SUCCESS, ret);
499 ASSERT_EQ(static_cast<uint32_t>(0), permDefList.size());
500
501 AccessTokenKit::DeleteToken(tokenID);
502 }
503
504 /**
505 * @tc.name: GetDefPermissions003
506 * @tc.desc: Get permission definition info list that tokenID is invalid.
507 * @tc.type: FUNC
508 * @tc.require: Issue Number
509 */
510 HWTEST_F(AccessTokenKitTest, GetDefPermissions003, TestSize.Level1)
511 {
512 AccessTokenID tokenId = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
513 ASSERT_NE(INVALID_TOKENID, tokenId);
514 AccessTokenKit::DeleteToken(tokenId);
515
516 std::vector<PermissionDef> permDefList;
517 int ret = AccessTokenKit::GetDefPermissions(TEST_TOKENID_INVALID, permDefList);
518 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
519
520 std::vector<PermissionDef> permDefListRes;
521 ret = AccessTokenKit::GetDefPermissions(tokenId, permDefListRes);
522 ASSERT_EQ(ERR_TOKENID_NOT_EXIST, ret);
523 ASSERT_EQ(static_cast<uint32_t>(0), permDefListRes.size());
524 }
525
526 /**
527 * @tc.name: GetDefPermissions004
528 * @tc.desc: GetDefPermissions is invoked multiple times.
529 * @tc.type: FUNC
530 * @tc.require: Issue Number
531 */
532 HWTEST_F(AccessTokenKitTest, GetDefPermissions004, TestSize.Level0)
533 {
534 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
535 ASSERT_NE(INVALID_TOKENID, tokenID);
536 for (int i = 0; i < CYCLE_TIMES; i++) {
537 std::vector<PermissionDef> permDefList;
538 int32_t ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList);
539 ASSERT_EQ(RET_SUCCESS, ret);
540 ASSERT_EQ(static_cast<uint32_t>(2), permDefList.size());
541 }
542 }
543
544 /**
545 * @tc.name: GetReqPermissions001
546 * @tc.desc: Get user granted permission state info.
547 * @tc.type: FUNC
548 * @tc.require: Issue Number
549 */
550 HWTEST_F(AccessTokenKitTest, GetReqPermissions001, TestSize.Level1)
551 {
552 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
553 ASSERT_NE(INVALID_TOKENID, tokenID);
554 std::vector<PermissionStateFull> permStatList;
555 int res = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false);
556 ASSERT_EQ(RET_SUCCESS, res);
557 ASSERT_EQ(static_cast<uint32_t>(1), permStatList.size());
558 ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permStatList[0].permissionName);
559
560 res = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
561 ASSERT_EQ(res, permStatList[0].grantStatus[0]);
562 }
563
564 /**
565 * @tc.name: GetReqPermissions002
566 * @tc.desc: Get system granted permission state info.
567 * @tc.type: FUNC
568 * @tc.require: Issue Number
569 */
570 HWTEST_F(AccessTokenKitTest, GetReqPermissions002, TestSize.Level1)
571 {
572 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
573 ASSERT_NE(INVALID_TOKENID, tokenID);
574 std::vector<PermissionStateFull> permStatList;
575 int ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, true);
576 ASSERT_EQ(RET_SUCCESS, ret);
577 ASSERT_EQ(static_cast<uint32_t>(1), permStatList.size());
578 ASSERT_EQ(TEST_PERMISSION_NAME_BETA, permStatList[0].permissionName);
579
580 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA, false);
581 ASSERT_EQ(ret, permStatList[0].grantStatus[0]);
582 }
583
584 /**
585 * @tc.name: GetReqPermissions003
586 * @tc.desc: Get user granted permission state info after clear request permission list.
587 * @tc.type: FUNC
588 * @tc.require: Issue Number
589 */
590 HWTEST_F(AccessTokenKitTest, GetReqPermissions003, TestSize.Level1)
591 {
592 AccessTokenIDEx tokenIdEx = AccessTokenKit::GetHapTokenIDEx(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
593 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
594 ASSERT_NE(INVALID_TOKENID, tokenID);
595
596 HapTokenInfo hapInfo;
597 int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapInfo);
598 ASSERT_EQ(RET_SUCCESS, ret);
599
600 HapPolicyParams policy = {
601 .apl = hapInfo.apl,
602 .domain = "domain"
603 };
604 policy.permStateList.clear();
605 UpdateHapInfoParams info;
606 info.appIDDesc = hapInfo.appID;
607 info.apiVersion = DEFAULT_API_VERSION;
608 info.isSystemApp = false;
609 ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, policy);
610 ASSERT_EQ(RET_SUCCESS, ret);
611
612 std::vector<PermissionStateFull> permStatUserList;
613 ret = AccessTokenKit::GetReqPermissions(tokenID, permStatUserList, false);
614 ASSERT_EQ(RET_SUCCESS, ret);
615 ASSERT_EQ(static_cast<uint32_t>(0), permStatUserList.size());
616
617 std::vector<PermissionStateFull> permStatSystemList;
618 ret = AccessTokenKit::GetReqPermissions(tokenID, permStatSystemList, true);
619 ASSERT_EQ(RET_SUCCESS, ret);
620 ASSERT_EQ(static_cast<uint32_t>(0), permStatSystemList.size());
621 }
622
623 /**
624 * @tc.name: GetReqPermissions004
625 * @tc.desc: Get permission state info list that tokenID is invalid.
626 * @tc.type: FUNC
627 * @tc.require: Issue Number
628 */
629 HWTEST_F(AccessTokenKitTest, GetReqPermissions004, TestSize.Level1)
630 {
631 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
632 ASSERT_NE(INVALID_TOKENID, tokenID);
633
634 std::vector<PermissionStateFull> permStatList;
635 int ret = AccessTokenKit::GetReqPermissions(TEST_TOKENID_INVALID, permStatList, false);
636 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
637
638 AccessTokenKit::DeleteToken(tokenID);
639
640 ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false);
641 ASSERT_EQ(ERR_TOKENID_NOT_EXIST, ret);
642 ASSERT_EQ(static_cast<uint32_t>(0), permStatList.size());
643 }
644
645 /**
646 * @tc.name: GetReqPermissions005
647 * @tc.desc: GetReqPermissions is invoked multiple times.
648 * @tc.type: FUNC
649 * @tc.require: Issue Number
650 */
651 HWTEST_F(AccessTokenKitTest, GetReqPermissions005, TestSize.Level0)
652 {
653 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
654 ASSERT_NE(INVALID_TOKENID, tokenID);
655 for (int i = 0; i < CYCLE_TIMES; i++) {
656 std::vector<PermissionStateFull> permStatList;
657 int32_t ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false);
658 ASSERT_EQ(RET_SUCCESS, ret);
659 ASSERT_EQ(static_cast<uint32_t>(1), permStatList.size());
660 ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permStatList[0].permissionName);
661 }
662 }
663
664 /**
665 * @tc.name: GetPermissionFlag001
666 * @tc.desc: Get permission flag after grant permission.
667 * @tc.type: FUNC
668 * @tc.require: Issue Number
669 */
670 HWTEST_F(AccessTokenKitTest, GetPermissionFlag001, TestSize.Level1)
671 {
672 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
673 ASSERT_NE(INVALID_TOKENID, tokenID);
674 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
675 ASSERT_EQ(RET_SUCCESS, ret);
676
677 uint32_t flag;
678 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
679 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
680 ASSERT_EQ(RET_SUCCESS, ret);
681 }
682
683 /**
684 * @tc.name: GetPermissionFlag002
685 * @tc.desc: Get permission flag that tokenID or permission is invalid.
686 * @tc.type: FUNC
687 * @tc.require: Issue Number
688 */
689 HWTEST_F(AccessTokenKitTest, GetPermissionFlag002, TestSize.Level1)
690 {
691 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
692 ASSERT_NE(INVALID_TOKENID, tokenID);
693
694 uint32_t flag;
695 int ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_GAMMA, flag);
696 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
697
698 ret = AccessTokenKit::GetPermissionFlag(tokenID, "", flag);
699 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
700
701 std::string invalidPerm(INVALID_PERMNAME_LEN, 'a');
702 ret = AccessTokenKit::GetPermissionFlag(tokenID, invalidPerm, flag);
703 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
704
705 ret = AccessTokenKit::GetPermissionFlag(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_ALPHA, flag);
706 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
707
708 AccessTokenKit::DeleteToken(tokenID);
709
710 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
711 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
712 }
713
714 /**
715 * @tc.name: GetPermissionFlag003
716 * @tc.desc: GetPermissionFlag is invoked multiple times.
717 * @tc.type: FUNC
718 * @tc.require: Issue Number
719 */
720 HWTEST_F(AccessTokenKitTest, GetPermissionFlag003, TestSize.Level0)
721 {
722 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
723 ASSERT_NE(INVALID_TOKENID, tokenID);
724 uint32_t flag;
725 for (int i = 0; i < CYCLE_TIMES; i++) {
726 int32_t ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
727 ASSERT_EQ(RET_SUCCESS, ret);
728
729 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
730 ASSERT_EQ(RET_SUCCESS, ret);
731 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
732 }
733 }
734
735 /**
736 * @tc.name: GetPermissionFlag004
737 * @tc.desc: GetPermissionFlag caller is normal app.
738 * @tc.type: FUNC
739 * @tc.require: issueI66BH3
740 */
741 HWTEST_F(AccessTokenKitTest, GetPermissionFlag004, TestSize.Level0)
742 {
743 AccessTokenIDEx tokenIdEx = {0};
744 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestNormalInfoParms, g_infoManagerTestPolicyPrams);
745 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
746 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
747
748 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
749
750 uint32_t flag;
751 int ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
752 ASSERT_EQ(ERR_NOT_SYSTEM_APP, ret);
753
754 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
755 }
756
757 /**
758 * @tc.name: GetPermissionFlag005
759 * @tc.desc: GetPermissionFlag caller is system app.
760 * @tc.type: FUNC
761 * @tc.require: issueI66BH3
762 */
763 HWTEST_F(AccessTokenKitTest, GetPermissionFlag005, TestSize.Level0)
764 {
765 AccessTokenIDEx tokenIdEx = {0};
766 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams);
767 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
768 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
769
770 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
771 ASSERT_NE(INVALID_TOKENID, tokenID);
772 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
773 ASSERT_EQ(RET_SUCCESS, ret);
774
775 uint32_t flag;
776 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
777 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
778 ASSERT_EQ(RET_SUCCESS, ret);
779
780 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
781 }
782
783 /**
784 * @tc.name: SetPermissionRequestToggleStatus001
785 * @tc.desc: Set permission request toggle status that userId, permission or status is invalid.
786 * @tc.type: FUNC
787 * @tc.require: Issue Number
788 */
789 HWTEST_F(AccessTokenKitTest, SetPermissionRequestToggleStatus001, TestSize.Level1)
790 {
791 int32_t userID = 100;
792 uint32_t status = PermissionRequestToggleStatus::CLOSED;
793
794 // Permission name is invalid.
795 int32_t ret = AccessTokenKit::SetPermissionRequestToggleStatus("", status, userID);
796 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
797
798 // Status is invalid.
799 status = 2;
800 ret = AccessTokenKit::SetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, status, userID);
801 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
802
803 // UserID is invalid.
804 userID = -1;
805 status = PermissionRequestToggleStatus::CLOSED;
806 ret = AccessTokenKit::SetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, status, userID);
807 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
808 }
809
810 /**
811 * @tc.name: SetPermissionRequestToggleStatus002
812 * @tc.desc: SetPermissionRequestToggleStatus caller is a normal app, not a system app.
813 * @tc.type: FUNC
814 * @tc.require: Issue Number
815 */
816 HWTEST_F(AccessTokenKitTest, SetPermissionRequestToggleStatus002, TestSize.Level0)
817 {
818 AccessTokenIDEx tokenIdEx = {0};
819 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestNormalInfoParms, g_infoManagerTestPolicyPrams);
820 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
821 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
822
823 uint32_t status = PermissionRequestToggleStatus::CLOSED;
824 int32_t ret = AccessTokenKit::SetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, status,
825 g_infoManagerTestNormalInfoParms.userID);
826 ASSERT_EQ(ERR_NOT_SYSTEM_APP, ret);
827 }
828
829 /**
830 * @tc.name: SetPermissionRequestToggleStatus003
831 * @tc.desc: SetPermissionRequestToggleStatus caller is a system app without related permissions.
832 * @tc.type: FUNC
833 * @tc.require: Issue Number
834 */
835 HWTEST_F(AccessTokenKitTest, SetPermissionRequestToggleStatus003, TestSize.Level0)
836 {
837 AccessTokenIDEx tokenIdEx = {0};
838 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams);
839 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
840 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
841
842 int32_t selfUid = getuid();
843 setuid(10001); // 10001: UID
844
845 uint32_t status = PermissionRequestToggleStatus::CLOSED;
846 int32_t ret = AccessTokenKit::SetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, status,
847 g_infoManagerTestSystemInfoParms.userID);
848 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, ret);
849
850 status = PermissionRequestToggleStatus::OPEN;
851 ret = AccessTokenKit::SetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, status,
852 g_infoManagerTestSystemInfoParms.userID);
853 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, ret);
854
855 // restore environment
856 setuid(selfUid);
857 }
858
859 /**
860 * @tc.name: SetPermissionRequestToggleStatus004
861 * @tc.desc: SetPermissionRequestToggleStatus caller is a system app with related permissions.
862 * @tc.type: FUNC
863 * @tc.require: Issue Number
864 */
865 HWTEST_F(AccessTokenKitTest, SetPermissionRequestToggleStatus004, TestSize.Level0)
866 {
867 AccessTokenIDEx tokenIdEx = {0};
868
869 PermissionDef infoManagerTestPermDef = {
870 .permissionName = "ohos.permission.DISABLE_PERMISSION_DIALOG_TEST",
871 .bundleName = "accesstoken_test",
872 .grantMode = 1,
873 .availableLevel = APL_NORMAL,
874 .label = "label3",
875 .labelId = 1,
876 .description = "open the door",
877 .descriptionId = 1,
878 .availableType = MDM
879 };
880
881 PermissionStateFull infoManagerTestState = {
882 .permissionName = "ohos.permission.DISABLE_PERMISSION_DIALOG",
883 .isGeneral = true,
884 .resDeviceID = {"local3"},
885 .grantStatus = {PermissionState::PERMISSION_GRANTED},
886 .grantFlags = {1}
887 };
888
889 HapPolicyParams infoManagerTestPolicyPrams = {
890 .apl = APL_NORMAL,
891 .domain = "test.domain3",
892 .permList = {infoManagerTestPermDef},
893 .permStateList = {infoManagerTestState}
894 };
895
896 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, infoManagerTestPolicyPrams);
897 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
898 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
899
900 int32_t selfUid = getuid();
901 setuid(10001); // 10001: UID
902
903 uint32_t status = PermissionRequestToggleStatus::CLOSED;
904 int32_t ret = AccessTokenKit::SetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, status,
905 g_infoManagerTestSystemInfoParms.userID);
906 ASSERT_EQ(RET_SUCCESS, ret);
907
908 status = PermissionRequestToggleStatus::OPEN;
909 ret = AccessTokenKit::SetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, status,
910 g_infoManagerTestSystemInfoParms.userID);
911 ASSERT_EQ(RET_SUCCESS, ret);
912
913 // restore environment
914 setuid(selfUid);
915 }
916
917 /**
918 * @tc.name: GetPermissionRequestToggleStatus001
919 * @tc.desc: Get permission request toggle status that userId, permission is invalid.
920 * @tc.type: FUNC
921 * @tc.require: Issue Number
922 */
923 HWTEST_F(AccessTokenKitTest, GetPermissionRequestToggleStatus001, TestSize.Level1)
924 {
925 int32_t userID = 100;
926 uint32_t status;
927
928 // Permission name is invalid.
929 int32_t ret = AccessTokenKit::GetPermissionRequestToggleStatus("", status, userID);
930 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
931
932 // UserId is invalid.
933 userID = -1;
934 ret = AccessTokenKit::GetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, status, userID);
935 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
936 }
937
938 /**
939 * @tc.name: GetPermissionRequestToggleStatus002
940 * @tc.desc: GetPermissionRequestToggleStatus caller is a normal app, not a system app.
941 * @tc.type: FUNC
942 * @tc.require: Issue Number
943 */
944 HWTEST_F(AccessTokenKitTest, GetPermissionRequestToggleStatus002, TestSize.Level0)
945 {
946 AccessTokenIDEx tokenIdEx = {0};
947 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestNormalInfoParms, g_infoManagerTestPolicyPrams);
948 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
949 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
950
951 uint32_t status;
952 int32_t ret = AccessTokenKit::GetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, status,
953 g_infoManagerTestNormalInfoParms.userID);
954 ASSERT_EQ(ERR_NOT_SYSTEM_APP, ret);
955 }
956
957 /**
958 * @tc.name: GetPermissionRequestToggleStatus003
959 * @tc.desc: GetPermissionRequestToggleStatus caller is a system app without related permissions.
960 * @tc.type: FUNC
961 * @tc.require: Issue Number
962 */
963 HWTEST_F(AccessTokenKitTest, GetPermissionRequestToggleStatus003, TestSize.Level0)
964 {
965 AccessTokenIDEx tokenIdEx = {0};
966 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams);
967 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
968 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
969
970 int32_t selfUid = getuid();
971 setuid(10001); // 10001: UID
972
973 uint32_t getStatus;
974 int32_t ret = AccessTokenKit::GetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, getStatus,
975 g_infoManagerTestSystemInfoParms.userID);
976 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, ret);
977
978 // restore environment
979 setuid(selfUid);
980 }
981
AllocAndSetHapToken(void)982 static void AllocAndSetHapToken(void)
983 {
984 AccessTokenIDEx tokenIdEx = {0};
985
986 PermissionDef infoManagerTestPermDef1 = {
987 .permissionName = "ohos.permission.DISABLE_PERMISSION_DIALOG_TEST",
988 .bundleName = "accesstoken_test",
989 .grantMode = 1,
990 .availableLevel = APL_NORMAL,
991 .label = "label3",
992 .labelId = 1,
993 .description = "open the door",
994 .descriptionId = 1,
995 .availableType = MDM
996 };
997
998 PermissionStateFull infoManagerTestState1 = {
999 .permissionName = "ohos.permission.DISABLE_PERMISSION_DIALOG",
1000 .isGeneral = true,
1001 .resDeviceID = {"local3"},
1002 .grantStatus = {PermissionState::PERMISSION_GRANTED},
1003 .grantFlags = {1}
1004 };
1005
1006 PermissionDef infoManagerTestPermDef2 = {
1007 .permissionName = "ohos.permission.GET_SENSITIVE_PERMISSIONS_TEST",
1008 .bundleName = "accesstoken_test",
1009 .grantMode = 1,
1010 .availableLevel = APL_NORMAL,
1011 .label = "label3",
1012 .labelId = 1,
1013 .description = "open the door",
1014 .descriptionId = 1,
1015 .availableType = MDM
1016 };
1017
1018 PermissionStateFull infoManagerTestState2 = {
1019 .permissionName = "ohos.permission.GET_SENSITIVE_PERMISSIONS",
1020 .isGeneral = true,
1021 .resDeviceID = {"local3"},
1022 .grantStatus = {PermissionState::PERMISSION_GRANTED},
1023 .grantFlags = {1}
1024 };
1025
1026 HapPolicyParams infoManagerTestPolicyPrams = {
1027 .apl = APL_NORMAL,
1028 .domain = "test.domain3",
1029 .permList = {infoManagerTestPermDef1, infoManagerTestPermDef2},
1030 .permStateList = {infoManagerTestState1, infoManagerTestState2}
1031 };
1032
1033 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, infoManagerTestPolicyPrams);
1034 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1035 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
1036 }
1037
1038 /**
1039 * @tc.name: GetPermissionRequestToggleStatus004
1040 * @tc.desc: GetPermissionRequestToggleStatus caller is a system app with related permissions.
1041 * @tc.type: FUNC
1042 * @tc.require: Issue Number
1043 */
1044 HWTEST_F(AccessTokenKitTest, GetPermissionRequestToggleStatus004, TestSize.Level0)
1045 {
1046 AllocAndSetHapToken();
1047
1048 int32_t selfUid = getuid();
1049 setuid(10001); // 10001: UID
1050
1051 // Set a closed status value.
1052 uint32_t status = PermissionRequestToggleStatus::CLOSED;
1053 int32_t ret = AccessTokenKit::SetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, status,
1054 g_infoManagerTestSystemInfoParms.userID);
1055 ASSERT_EQ(RET_SUCCESS, ret);
1056
1057 // Get a closed status value.
1058 uint32_t getStatus;
1059 ret = AccessTokenKit::GetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, getStatus,
1060 g_infoManagerTestSystemInfoParms.userID);
1061 ASSERT_EQ(RET_SUCCESS, ret);
1062 ASSERT_EQ(PermissionRequestToggleStatus::CLOSED, getStatus);
1063
1064 // Set a open status value.
1065 status = PermissionRequestToggleStatus::OPEN;
1066 ret = AccessTokenKit::SetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, status,
1067 g_infoManagerTestSystemInfoParms.userID);
1068 ASSERT_EQ(RET_SUCCESS, ret);
1069
1070 // Get a open status value.
1071 ret = AccessTokenKit::GetPermissionRequestToggleStatus(TEST_PERMISSION_NAME_ALPHA, getStatus,
1072 g_infoManagerTestSystemInfoParms.userID);
1073 ASSERT_EQ(RET_SUCCESS, ret);
1074 ASSERT_EQ(PermissionRequestToggleStatus::OPEN, getStatus);
1075
1076 // restore environment
1077 setuid(selfUid);
1078 }
1079
1080 /**
1081 * @tc.name: VerifyAccessToken001
1082 * @tc.desc: Verify user granted permission.
1083 * @tc.type: FUNC
1084 * @tc.require: Issue Number
1085 */
1086 HWTEST_F(AccessTokenKitTest, VerifyAccessToken001, TestSize.Level0)
1087 {
1088 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1089 ASSERT_NE(INVALID_TOKENID, tokenID);
1090 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1091 ASSERT_EQ(RET_SUCCESS, ret);
1092
1093 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
1094 ASSERT_EQ(PERMISSION_GRANTED, ret);
1095 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1096 ASSERT_EQ(PERMISSION_GRANTED, ret);
1097
1098 ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1099 ASSERT_EQ(RET_SUCCESS, ret);
1100
1101 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
1102 ASSERT_EQ(PERMISSION_DENIED, ret);
1103 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1104 ASSERT_EQ(PERMISSION_DENIED, ret);
1105 }
1106
1107 /**
1108 * @tc.name: VerifyAccessToken002
1109 * @tc.desc: Verify system granted permission.
1110 * @tc.type: FUNC
1111 * @tc.require: Issue Number
1112 */
1113 HWTEST_F(AccessTokenKitTest, VerifyAccessToken002, TestSize.Level0)
1114 {
1115 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1116 ASSERT_NE(INVALID_TOKENID, tokenID);
1117 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1118 ASSERT_EQ(RET_SUCCESS, ret);
1119
1120 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA);
1121 ASSERT_EQ(PERMISSION_GRANTED, ret);
1122 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA, false);
1123 ASSERT_EQ(PERMISSION_GRANTED, ret);
1124
1125 ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1126 ASSERT_EQ(RET_SUCCESS, ret);
1127
1128 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA);
1129 ASSERT_EQ(PERMISSION_DENIED, ret);
1130 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA, false);
1131 ASSERT_EQ(PERMISSION_DENIED, ret);
1132 }
1133
1134 /**
1135 * @tc.name: VerifyAccessToken003
1136 * @tc.desc: Verify permission that tokenID or permission is invalid.
1137 * @tc.type: FUNC
1138 * @tc.require: Issue Number
1139 */
1140 HWTEST_F(AccessTokenKitTest, VerifyAccessToken003, TestSize.Level0)
1141 {
1142 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1143 ASSERT_NE(INVALID_TOKENID, tokenID);
1144 int ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_GAMMA, false);
1145 ASSERT_EQ(PERMISSION_DENIED, ret);
1146
1147 ret = AccessTokenKit::VerifyAccessToken(tokenID, "");
1148 ASSERT_EQ(PERMISSION_DENIED, ret);
1149 ret = AccessTokenKit::VerifyAccessToken(tokenID, "", false);
1150 ASSERT_EQ(PERMISSION_DENIED, ret);
1151
1152 std::string invalidPerm(INVALID_PERMNAME_LEN, 'a');
1153 ret = AccessTokenKit::VerifyAccessToken(tokenID, invalidPerm, false);
1154 ASSERT_EQ(PERMISSION_DENIED, ret);
1155
1156 AccessTokenKit::VerifyAccessToken(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_BETA);
1157 ASSERT_EQ(PERMISSION_DENIED, ret);
1158 AccessTokenKit::VerifyAccessToken(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_BETA, false);
1159 ASSERT_EQ(PERMISSION_DENIED, ret);
1160
1161 AccessTokenKit::DeleteToken(tokenID);
1162
1163 AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA);
1164 ASSERT_EQ(PERMISSION_DENIED, ret);
1165 AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA, false);
1166 ASSERT_EQ(PERMISSION_DENIED, ret);
1167 }
1168
1169 /**
1170 * @tc.name: VerifyAccessToken004
1171 * @tc.desc: Verify permission after update.
1172 * @tc.type: FUNC
1173 * @tc.require: Issue Number
1174 */
1175 HWTEST_F(AccessTokenKitTest, VerifyAccessToken004, TestSize.Level0)
1176 {
1177 AccessTokenIDEx tokenIdEx = AccessTokenKit::GetHapTokenIDEx(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1178 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
1179 ASSERT_NE(INVALID_TOKENID, tokenID);
1180
1181 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1182 ASSERT_EQ(RET_SUCCESS, ret);
1183
1184 HapTokenInfo hapInfo;
1185 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapInfo);
1186 ASSERT_EQ(RET_SUCCESS, ret);
1187
1188 std::vector<PermissionDef> permDefList;
1189 ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList);
1190 ASSERT_EQ(RET_SUCCESS, ret);
1191
1192 std::vector<PermissionStateFull> permStatList;
1193 ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false);
1194 ASSERT_EQ(RET_SUCCESS, ret);
1195
1196 HapPolicyParams policy = {
1197 .apl = hapInfo.apl,
1198 .domain = "domain",
1199 .permList = permDefList,
1200 .permStateList = permStatList
1201 };
1202 UpdateHapInfoParams info;
1203 info.appIDDesc = hapInfo.appID;
1204 info.apiVersion = DEFAULT_API_VERSION;
1205 info.isSystemApp = false;
1206 ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, policy);
1207 ASSERT_EQ(RET_SUCCESS, ret);
1208
1209 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1210 ASSERT_EQ(PERMISSION_GRANTED, ret);
1211 }
1212
1213 /**
1214 * @tc.name: GrantPermission001
1215 * @tc.desc: Grant permission that has ohos.permission.GRANT_SENSITIVE_PERMISSIONS
1216 * @tc.type: FUNC
1217 * @tc.require: Issue Number
1218 */
1219 HWTEST_F(AccessTokenKitTest, GrantPermission001, TestSize.Level0)
1220 {
1221 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1222 ASSERT_NE(INVALID_TOKENID, tokenID);
1223 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1224 ASSERT_EQ(RET_SUCCESS, ret);
1225
1226 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1227 ASSERT_EQ(PERMISSION_GRANTED, ret);
1228
1229 ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1230 ASSERT_EQ(RET_SUCCESS, ret);
1231
1232 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1233 ASSERT_EQ(PERMISSION_GRANTED, ret);
1234 }
1235
1236 /**
1237 * @tc.name: GrantPermission002
1238 * @tc.desc: Grant permission that tokenID or permission is invalid.
1239 * @tc.type: FUNC
1240 * @tc.require: Issue Number
1241 */
1242 HWTEST_F(AccessTokenKitTest, GrantPermission002, TestSize.Level0)
1243 {
1244 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1245 ASSERT_NE(INVALID_TOKENID, tokenID);
1246
1247 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_GAMMA, PERMISSION_USER_FIXED);
1248 ASSERT_EQ(ERR_PERMISSION_NOT_EXIST, ret);
1249
1250 ret = AccessTokenKit::GrantPermission(tokenID, "", PERMISSION_USER_FIXED);
1251 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1252
1253 std::string invalidPerm(INVALID_PERMNAME_LEN, 'a');
1254 ret = AccessTokenKit::GrantPermission(tokenID, invalidPerm, PERMISSION_USER_FIXED);
1255 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1256
1257 ret = AccessTokenKit::GrantPermission(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1258 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1259
1260 AccessTokenKit::DeleteToken(tokenID);
1261
1262 ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1263 ASSERT_EQ(ERR_PERMISSION_NOT_EXIST, ret);
1264 }
1265
1266 /**
1267 * @tc.name: GrantPermission003
1268 * @tc.desc: GrantPermission is invoked multiple times.
1269 * @tc.type: FUNC
1270 * @tc.require: Issue Number
1271 */
1272 HWTEST_F(AccessTokenKitTest, GrantPermission003, TestSize.Level0)
1273 {
1274 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1275 ASSERT_NE(INVALID_TOKENID, tokenID);
1276 uint32_t flag;
1277 for (int i = 0; i < CYCLE_TIMES; i++) {
1278 int32_t ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1279 ASSERT_EQ(RET_SUCCESS, ret);
1280
1281 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1282 ASSERT_EQ(PERMISSION_GRANTED, ret);
1283
1284 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
1285 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
1286 ASSERT_EQ(RET_SUCCESS, ret);
1287 }
1288 }
1289
1290 /**
1291 * @tc.name: GrantPermission004
1292 * @tc.desc: GrantPermission function abnormal branch
1293 * @tc.type: FUNC
1294 * @tc.require:Issue I5RJBB
1295 */
1296 HWTEST_F(AccessTokenKitTest, GrantPermission004, TestSize.Level0)
1297 {
1298 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1299 ASSERT_NE(INVALID_TOKENID, tokenID);
1300 int32_t invalidFlag = -1;
1301 int32_t ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, invalidFlag);
1302 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1303 }
1304
1305 /**
1306 * @tc.name: GrantPermission005
1307 * @tc.desc: GrantPermission caller is normal app.
1308 * @tc.type: FUNC
1309 * @tc.require: issueI66BH3
1310 */
1311 HWTEST_F(AccessTokenKitTest, GrantPermission005, TestSize.Level0)
1312 {
1313 AccessTokenIDEx tokenIdEx = {0};
1314 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestNormalInfoParms, g_infoManagerTestPolicyPrams);
1315 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1316 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
1317
1318 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1319 ASSERT_NE(INVALID_TOKENID, tokenID);
1320 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1321 ASSERT_EQ(ERR_NOT_SYSTEM_APP, ret);
1322 }
1323
1324 /**
1325 * @tc.name: GrantPermission006
1326 * @tc.desc: GrantPermission caller is system app.
1327 * @tc.type: FUNC
1328 * @tc.require: issueI66BH3
1329 */
1330 HWTEST_F(AccessTokenKitTest, GrantPermission006, TestSize.Level0)
1331 {
1332 AccessTokenIDEx tokenIdEx = {0};
1333 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams);
1334 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1335 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
1336
1337 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1338 ASSERT_NE(INVALID_TOKENID, tokenID);
1339 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1340 ASSERT_EQ(RET_SUCCESS, ret);
1341
1342 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1343 ASSERT_EQ(PERMISSION_GRANTED, ret);
1344
1345 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
1346 }
1347
1348 /**
1349 * @tc.name: RevokePermission001
1350 * @tc.desc: Revoke permission that has ohos.permission.REVOKE_SENSITIVE_PERMISSIONS
1351 * @tc.type: FUNC
1352 * @tc.require: Issue Number
1353 */
1354 HWTEST_F(AccessTokenKitTest, RevokePermission001, TestSize.Level0)
1355 {
1356 AccessTokenID tokenId = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1357 ASSERT_NE(INVALID_TOKENID, tokenId);
1358 int ret = AccessTokenKit::RevokePermission(tokenId, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1359 ASSERT_EQ(RET_SUCCESS, ret);
1360
1361 ret = AccessTokenKit::VerifyAccessToken(tokenId, TEST_PERMISSION_NAME_ALPHA, false);
1362 ASSERT_EQ(PERMISSION_DENIED, ret);
1363
1364 ret = AccessTokenKit::RevokePermission(tokenId, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1365 ASSERT_EQ(RET_SUCCESS, ret);
1366
1367 ret = AccessTokenKit::VerifyAccessToken(tokenId, TEST_PERMISSION_NAME_ALPHA, false);
1368 ASSERT_EQ(PERMISSION_DENIED, ret);
1369 }
1370
1371 /**
1372 * @tc.name: RevokePermission002
1373 * @tc.desc: Revoke permission that tokenID or permission is invalid.
1374 * @tc.type: FUNC
1375 * @tc.require: Issue Number
1376 */
1377 HWTEST_F(AccessTokenKitTest, RevokePermission002, TestSize.Level0)
1378 {
1379 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1380 ASSERT_NE(INVALID_TOKENID, tokenID);
1381
1382 int ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_GAMMA, PERMISSION_USER_FIXED);
1383 ASSERT_EQ(ERR_PERMISSION_NOT_EXIST, ret);
1384
1385 ret = AccessTokenKit::RevokePermission(tokenID, "", PERMISSION_USER_FIXED);
1386 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1387
1388 std::string invalidPerm(INVALID_PERMNAME_LEN, 'a');
1389 ret = AccessTokenKit::RevokePermission(tokenID, invalidPerm, PERMISSION_USER_FIXED);
1390 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1391
1392 ret = AccessTokenKit::RevokePermission(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1393 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1394
1395 AccessTokenKit::DeleteToken(tokenID);
1396
1397 ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1398 ASSERT_EQ(ERR_PERMISSION_NOT_EXIST, ret);
1399 }
1400
1401 /**
1402 * @tc.name: RevokePermission003
1403 * @tc.desc: RevokePermission is invoked multiple times.
1404 * @tc.type: FUNC
1405 * @tc.require: Issue Number
1406 */
1407 HWTEST_F(AccessTokenKitTest, RevokePermission003, TestSize.Level0)
1408 {
1409 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1410 ASSERT_NE(INVALID_TOKENID, tokenID);
1411 uint32_t flag;
1412 for (int i = 0; i < CYCLE_TIMES; i++) {
1413 int32_t ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1414 ASSERT_EQ(RET_SUCCESS, ret);
1415
1416 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1417 ASSERT_EQ(PERMISSION_DENIED, ret);
1418
1419 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
1420 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
1421 ASSERT_EQ(RET_SUCCESS, ret);
1422 }
1423 }
1424
1425 /**
1426 * @tc.name: RevokePermission004
1427 * @tc.desc: Revoke permission abnormal branch.
1428 * @tc.type: FUNC
1429 * @tc.require:Issue I5RJBB
1430 */
1431 HWTEST_F(AccessTokenKitTest, RevokePermission004, TestSize.Level0)
1432 {
1433 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1434 ASSERT_NE(INVALID_TOKENID, tokenID);
1435 int invalidFlag = -1;
1436 int32_t ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, invalidFlag);
1437 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1438 }
1439
1440 /**
1441 * @tc.name: RevokePermission005
1442 * @tc.desc: Revoke permission caller is normal app.
1443 * @tc.type: FUNC
1444 * @tc.require: issueI66BH3
1445 */
1446 HWTEST_F(AccessTokenKitTest, RevokePermission005, TestSize.Level0)
1447 {
1448 AccessTokenIDEx tokenIdEx = {0};
1449 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestNormalInfoParms, g_infoManagerTestPolicyPrams);
1450 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1451 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
1452
1453 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1454 ASSERT_NE(INVALID_TOKENID, tokenID);
1455 int ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1456 ASSERT_EQ(ERR_NOT_SYSTEM_APP, ret);
1457
1458 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
1459 }
1460
1461 /**
1462 * @tc.name: RevokePermission006
1463 * @tc.desc: Revoke permission caller is system app.
1464 * @tc.type: FUNC
1465 * @tc.require: issueI66BH3
1466 */
1467 HWTEST_F(AccessTokenKitTest, RevokePermission006, TestSize.Level0)
1468 {
1469 AccessTokenIDEx tokenIdEx = {0};
1470 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams);
1471 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1472 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
1473
1474 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1475 ASSERT_NE(INVALID_TOKENID, tokenID);
1476 int ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1477 ASSERT_EQ(RET_SUCCESS, ret);
1478
1479 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1480 ASSERT_EQ(PERMISSION_DENIED, ret);
1481
1482 ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1483 ASSERT_EQ(RET_SUCCESS, ret);
1484
1485 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1486 ASSERT_EQ(PERMISSION_DENIED, ret);
1487
1488 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
1489 }
1490
1491 /**
1492 * @tc.name: ClearUserGrantedPermissionState001
1493 * @tc.desc: Clear user/system granted permission after ClearUserGrantedPermissionState has been invoked.
1494 * @tc.type: FUNC
1495 * @tc.require: Issue Number
1496 */
1497 HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState001, TestSize.Level0)
1498 {
1499 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1500 ASSERT_NE(INVALID_TOKENID, tokenID);
1501 int ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID);
1502 ASSERT_EQ(RET_SUCCESS, ret);
1503
1504 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1505 ASSERT_EQ(PERMISSION_DENIED, ret);
1506
1507 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA, false);
1508 ASSERT_EQ(PERMISSION_DENIED, ret);
1509 }
1510
1511 /**
1512 * @tc.name: ClearUserGrantedPermissionState002
1513 * @tc.desc: Clear user/system granted permission that tokenID or permission is invalid.
1514 * @tc.type: FUNC
1515 * @tc.require: Issue Number
1516 */
1517 HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState002, TestSize.Level0)
1518 {
1519 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1520 ASSERT_NE(INVALID_TOKENID, tokenID);
1521
1522 int ret = AccessTokenKit::ClearUserGrantedPermissionState(TEST_TOKENID_INVALID);
1523 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1524
1525 AccessTokenKit::DeleteToken(tokenID);
1526
1527 ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID);
1528 ASSERT_EQ(RET_SUCCESS, ret);
1529 }
1530
1531 /**
1532 * @tc.name: ClearUserGrantedPermissionState003
1533 * @tc.desc: ClearUserGrantedPermissionState is invoked multiple times.
1534 * @tc.type: FUNC
1535 * @tc.require: Issue Number
1536 */
1537 HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState003, TestSize.Level0)
1538 {
1539 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1540 ASSERT_NE(INVALID_TOKENID, tokenID);
1541 for (int i = 0; i < CYCLE_TIMES; i++) {
1542 int32_t ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID);
1543 ASSERT_EQ(RET_SUCCESS, ret);
1544
1545 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
1546 ASSERT_EQ(PERMISSION_DENIED, ret);
1547 }
1548 }
1549
1550 /**
1551 * @tc.name: ClearUserGrantedPermissionState004
1552 * @tc.desc: Clear user/system granted permission after ClearUserGrantedPermissionState has been invoked.
1553 * @tc.type: FUNC
1554 * @tc.require: Issue Number
1555 */
1556 HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState004, TestSize.Level0)
1557 {
1558 AccessTokenIDEx tokenIdEx = {0};
1559 OHOS::Security::AccessToken::PermissionStateFull infoManagerTestState1 = {
1560 .permissionName = "ohos.permission.CAMERA",
1561 .isGeneral = true,
1562 .resDeviceID = {"local"},
1563 .grantStatus = {OHOS::Security::AccessToken::PermissionState::PERMISSION_DENIED},
1564 .grantFlags = {PERMISSION_GRANTED_BY_POLICY | PERMISSION_DEFAULT_FLAG}
1565 };
1566 OHOS::Security::AccessToken::PermissionStateFull infoManagerTestState2 = {
1567 .permissionName = "ohos.permission.SEND_MESSAGES",
1568 .isGeneral = true,
1569 .resDeviceID = {"local"},
1570 .grantStatus = {OHOS::Security::AccessToken::PermissionState::PERMISSION_DENIED},
1571 .grantFlags = {PERMISSION_GRANTED_BY_POLICY | PERMISSION_USER_FIXED}
1572 };
1573 OHOS::Security::AccessToken::PermissionStateFull infoManagerTestState3 = {
1574 .permissionName = "ohos.permission.RECEIVE_SMS",
1575 .isGeneral = true,
1576 .resDeviceID = {"local"},
1577 .grantStatus = {OHOS::Security::AccessToken::PermissionState::PERMISSION_GRANTED},
1578 .grantFlags = {PERMISSION_USER_FIXED}
1579 };
1580 OHOS::Security::AccessToken::HapPolicyParams infoManagerTestPolicyPrams = {
1581 .apl = OHOS::Security::AccessToken::ATokenAplEnum::APL_NORMAL,
1582 .domain = "test.domain",
1583 .permList = {g_infoManagerTestPermDef1},
1584 .permStateList = {infoManagerTestState1, infoManagerTestState2, infoManagerTestState3}
1585 };
1586 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
1587 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
1588 ASSERT_NE(INVALID_TOKENID, tokenID);
1589
1590 int ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID);
1591 ASSERT_EQ(RET_SUCCESS, ret);
1592
1593 ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false);
1594 ASSERT_EQ(PERMISSION_GRANTED, ret);
1595
1596 ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.SEND_MESSAGES", false);
1597 ASSERT_EQ(PERMISSION_GRANTED, ret);
1598
1599 ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.RECEIVE_SMS", false);
1600 ASSERT_EQ(PERMISSION_DENIED, ret);
1601
1602 ret = AccessTokenKit::DeleteToken(tokenID);
1603 ASSERT_EQ(RET_SUCCESS, ret);
1604 }
1605
1606 /**
1607 * @tc.name: GetTokenType001
1608 * @tc.desc: get the token type.
1609 * @tc.type: FUNC
1610 * @tc.require: Issue Number
1611 */
1612 HWTEST_F(AccessTokenKitTest, GetTokenType001, TestSize.Level0)
1613 {
1614 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1615 int ret = AccessTokenKit::GetTokenType(tokenID);
1616 ASSERT_EQ(TOKEN_HAP, ret);
1617 DeleteTestToken();
1618 }
1619
1620 /**
1621 * @tc.name: GetTokenType002
1622 * @tc.desc: get the token type abnormal branch.
1623 * @tc.type: FUNC
1624 * @tc.require Issue I5RJBB
1625 */
1626 HWTEST_F(AccessTokenKitTest, GetTokenType002, TestSize.Level0)
1627 {
1628 AccessTokenID tokenID = 0;
1629 int32_t ret = AccessTokenKit::GetTokenType(tokenID);
1630 ASSERT_EQ(TOKEN_INVALID, ret);
1631 }
1632
1633 /**
1634 * @tc.name: GetHapDlpFlag001
1635 * @tc.desc: GetHapDlpFlag function abnormal branch.
1636 * @tc.type: FUNC
1637 * @tc.require Issue Number:I5RJBB
1638 */
1639 HWTEST_F(AccessTokenKitTest, GetHapDlpFlag001, TestSize.Level0)
1640 {
1641 AccessTokenID tokenID = 0;
1642 int32_t ret = AccessTokenKit::GetHapDlpFlag(tokenID);
1643 ASSERT_EQ(INVALID_DLP_TOKEN_FLAG, ret);
1644 }
1645
1646 /**
1647 * @tc.name: GetHapTokenInfo001
1648 * @tc.desc: get the token info and verify.
1649 * @tc.type: FUNC
1650 * @tc.require: Issue Number
1651 */
1652 HWTEST_F(AccessTokenKitTest, GetHapTokenInfo001, TestSize.Level0)
1653 {
1654 HapTokenInfo hapTokenInfoRes;
1655 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1656 int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
1657 ASSERT_EQ(RET_SUCCESS, ret);
1658
1659 ASSERT_EQ(hapTokenInfoRes.apl, APL_NORMAL);
1660 ASSERT_EQ(hapTokenInfoRes.userID, TEST_USER_ID);
1661 ASSERT_EQ(hapTokenInfoRes.tokenID, tokenID);
1662 ASSERT_EQ(hapTokenInfoRes.tokenAttr, static_cast<AccessTokenAttr>(0));
1663 ASSERT_EQ(hapTokenInfoRes.instIndex, 0);
1664
1665 ASSERT_EQ(hapTokenInfoRes.appID, "appIDDesc");
1666
1667 ASSERT_EQ(hapTokenInfoRes.bundleName, TEST_BUNDLE_NAME);
1668 }
1669
1670 /**
1671 * @tc.name: GetHapTokenInfo002
1672 * @tc.desc: try to get the token info with invalid tokenId.
1673 * @tc.type: FUNC
1674 * @tc.require: Issue Number
1675 */
1676 HWTEST_F(AccessTokenKitTest, GetHapTokenInfo002, TestSize.Level0)
1677 {
1678 HapTokenInfo hapTokenInfoRes;
1679 int ret = AccessTokenKit::GetHapTokenInfo(TEST_TOKENID_INVALID, hapTokenInfoRes);
1680 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1681 }
1682
1683 /**
1684 * @tc.name: DeleteToken001
1685 * @tc.desc: Cannot get permission definition info after DeleteToken function has been invoked.
1686 * @tc.type: FUNC
1687 * @tc.require: Issue Number
1688 */
1689 HWTEST_F(AccessTokenKitTest, DeleteToken001, TestSize.Level1)
1690 {
1691 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1692 PermissionDef permDefResultAlpha;
1693 int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha);
1694 ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName);
1695 ASSERT_EQ(RET_SUCCESS, ret);
1696
1697 ret = AccessTokenKit::DeleteToken(tokenID);
1698 ASSERT_EQ(RET_SUCCESS, ret);
1699
1700 PermissionDef defResult;
1701 ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, defResult);
1702 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
1703 }
1704
1705 /**
1706 * @tc.name: DeleteToken002
1707 * @tc.desc: Delete invalid tokenID.
1708 * @tc.type: FUNC
1709 * @tc.require: Issue Number
1710 */
1711 HWTEST_F(AccessTokenKitTest, DeleteToken002, TestSize.Level1)
1712 {
1713 int ret = AccessTokenKit::DeleteToken(TEST_TOKENID_INVALID);
1714 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1715 }
1716
1717 /**
1718 * @tc.name: DeleteToken002
1719 * @tc.desc: Delete invalid tokenID.
1720 * @tc.type: FUNC
1721 * @tc.require: Issue Number
1722 */
1723 HWTEST_F(AccessTokenKitTest, DeleteToken003, TestSize.Level1)
1724 {
1725 HapTokenInfo hapTokenInfoRes;
1726 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1727
1728 int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
1729 ASSERT_EQ(RET_SUCCESS, ret);
1730
1731 ret = AccessTokenKit::DeleteToken(tokenID);
1732 ASSERT_EQ(RET_SUCCESS, ret);
1733
1734 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
1735 ASSERT_EQ(AccessTokenError::ERR_TOKENID_NOT_EXIST, ret);
1736 }
1737
1738 /**
1739 * @tc.name: DeleteToken004
1740 * @tc.desc: alloc a tokenId successfully, delete it successfully the first time and fail to delete it again.
1741 * @tc.type: FUNC
1742 * @tc.require: Issue Number
1743 */
1744 HWTEST_F(AccessTokenKitTest, DeleteToken004, TestSize.Level1)
1745 {
1746 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1747 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
1748
1749 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
1750 ASSERT_NE(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
1751 }
1752
1753 /**
1754 * @tc.name: GetHapTokenID001
1755 * @tc.desc: get hap tokenid.
1756 * @tc.type: FUNC
1757 * @tc.require: Issue Number
1758 */
1759 HWTEST_F(AccessTokenKitTest, GetHapTokenID001, TestSize.Level1)
1760 {
1761 HapTokenInfo hapTokenInfoRes;
1762 AccessTokenID tokenID;
1763 tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1764
1765 int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
1766 ASSERT_EQ(RET_SUCCESS, ret);
1767 ASSERT_EQ(hapTokenInfoRes.bundleName, TEST_BUNDLE_NAME);
1768 }
1769
1770 /**
1771 * @tc.name: GetHapTokenID002
1772 * @tc.desc: cannot get hap tokenid with invalid userId.
1773 * @tc.type: FUNC
1774 * @tc.require: Issue Number
1775 */
1776 HWTEST_F(AccessTokenKitTest, GetHapTokenID002, TestSize.Level1)
1777 {
1778 AccessTokenID tokenID;
1779 tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID_INVALID, TEST_BUNDLE_NAME, 0);
1780 ASSERT_EQ(INVALID_TOKENID, tokenID);
1781 }
1782
1783 /**
1784 * @tc.name: GetHapTokenID003
1785 * @tc.desc: cannot get hap tokenid with invalid bundlename.
1786 * @tc.type: FUNC
1787 * @tc.require: Issue Number
1788 */
1789 HWTEST_F(AccessTokenKitTest, GetHapTokenID003, TestSize.Level1)
1790 {
1791 AccessTokenID tokenID;
1792 tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, "invalid bundlename", 0);
1793 ASSERT_EQ(INVALID_TOKENID, tokenID);
1794 }
1795
1796 /**
1797 * @tc.name: GetHapTokenID004
1798 * @tc.desc: cannot get hap tokenid with invalid bundlename.
1799 * @tc.type: FUNC
1800 * @tc.require: Issue Number
1801 */
1802 HWTEST_F(AccessTokenKitTest, GetHapTokenID004, TestSize.Level1)
1803 {
1804 AccessTokenID tokenID;
1805 tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0xffff);
1806 ASSERT_EQ(INVALID_TOKENID, tokenID);
1807 }
1808
1809 /**
1810 * @tc.name: GetHapTokenIDEx001
1811 * @tc.desc: get hap tokenid.
1812 * @tc.type: FUNC
1813 * @tc.require: issueI60F1M
1814 */
1815 HWTEST_F(AccessTokenKitTest, GetHapTokenIDEx001, TestSize.Level1)
1816 {
1817 AccessTokenIDEx tokenIdEx;
1818 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams);
1819
1820 AccessTokenIDEx tokenIdEx1;
1821 tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(g_infoManagerTestSystemInfoParms.userID,
1822 g_infoManagerTestSystemInfoParms.bundleName,
1823 g_infoManagerTestSystemInfoParms.instIndex);
1824
1825 ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx);
1826 HapTokenInfo hapTokenInfoRes;
1827 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
1828 int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
1829 ASSERT_EQ(RET_SUCCESS, ret);
1830 ASSERT_EQ(hapTokenInfoRes.bundleName, g_infoManagerTestSystemInfoParms.bundleName);
1831 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
1832 }
1833
1834 /**
1835 * @tc.name: GetHapTokenIDEx002
1836 * @tc.desc: cannot get hap tokenid with invalid userId.
1837 * @tc.type: FUNC
1838 * @tc.require: issueI60F1M
1839 */
1840 HWTEST_F(AccessTokenKitTest, GetHapTokenIDEx002, TestSize.Level1)
1841 {
1842 AccessTokenIDEx tokenIdEx;
1843 tokenIdEx = AccessTokenKit::GetHapTokenIDEx(TEST_USER_ID_INVALID, TEST_BUNDLE_NAME, 0);
1844 ASSERT_EQ(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1845 }
1846
1847 /**
1848 * @tc.name: GetHapTokenIDEx003
1849 * @tc.desc: cannot get hap tokenid with invalid bundlename.
1850 * @tc.type: FUNC
1851 * @tc.require: issueI60F1M
1852 */
1853 HWTEST_F(AccessTokenKitTest, GetHapTokenIDEx003, TestSize.Level1)
1854 {
1855 AccessTokenIDEx tokenIdEx;
1856 tokenIdEx = AccessTokenKit::GetHapTokenIDEx(TEST_USER_ID, "invalid bundlename", 0);
1857 ASSERT_EQ(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1858 }
1859
1860 /**
1861 * @tc.name: GetHapTokenIDEx004
1862 * @tc.desc: cannot get hap tokenid with invalid instIndex.
1863 * @tc.type: FUNC
1864 * @tc.require: issueI60F1M
1865 */
1866 HWTEST_F(AccessTokenKitTest, GetHapTokenIDEx004, TestSize.Level1)
1867 {
1868 AccessTokenIDEx tokenIdEx;
1869 tokenIdEx = AccessTokenKit::GetHapTokenIDEx(TEST_USER_ID, TEST_BUNDLE_NAME, 0xffff);
1870 ASSERT_EQ(INVALID_TOKENID, tokenIdEx.tokenIDEx);
1871 }
1872
1873 /**
1874 * @tc.name: ReloadNativeTokenInfo001
1875 * @tc.desc: cannot get hap tokenid with invalid bundlename.
1876 * @tc.type: FUNC
1877 * @tc.require: Issue Number
1878 */
1879 HWTEST_F(AccessTokenKitTest, ReloadNativeTokenInfo001, TestSize.Level1)
1880 {
1881 int32_t ret = AccessTokenKit::ReloadNativeTokenInfo();
1882 ASSERT_EQ(RET_SUCCESS, ret);
1883 }
1884
1885 /**
1886 * @tc.name: ReloadNativeTokenInfo002
1887 * @tc.desc: ReloadNativeTokenInfo with same bundlename twicely.
1888 * @tc.type: FUNC
1889 * @tc.require: Issue Number
1890 */
1891 HWTEST_F(AccessTokenKitTest, ReloadNativeTokenInfo002, TestSize.Level1)
1892 {
1893 const char **perms = new const char *[1];
1894 perms[0] = "ohos.permission.MANAGE_HAP_TOKENID";
1895 uint64_t token1 = GetNativeTokenTest("TestCase_core", perms, 1);
1896 ASSERT_NE(INVALID_TOKENID, token1);
1897 ASSERT_EQ(
1898 PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(token1, "ohos.permission.MANAGE_HAP_TOKENID", false));
1899
1900 uint64_t token2 = GetNativeTokenTest("TestCase_core", nullptr, 0);
1901 ASSERT_NE(INVALID_TOKENID, token2);
1902
1903 ASSERT_EQ(token1, token2);
1904 ASSERT_EQ(
1905 PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(token2, "ohos.permission.MANAGE_HAP_TOKENID", false));
1906 }
1907
1908 /**
1909 * @tc.name: GetNativeTokenId001
1910 * @tc.desc: cannot get native tokenid with invalid processName.
1911 * @tc.type: FUNC
1912 * @tc.require: Issue Number
1913 */
1914 HWTEST_F(AccessTokenKitTest, GetNativeTokenId001, TestSize.Level1)
1915 {
1916 std::string processName = "";
1917 ASSERT_EQ(INVALID_TOKENID, AccessTokenKit::GetNativeTokenId(processName));
1918
1919 processName = "invalid processName";
1920 ASSERT_EQ(INVALID_TOKENID, AccessTokenKit::GetNativeTokenId(processName));
1921 }
1922
1923 /**
1924 * @tc.name: GetNativeTokenId002
1925 * @tc.desc: get native tokenid with processName.
1926 * @tc.type: FUNC
1927 * @tc.require: Issue Number
1928 */
1929 HWTEST_F(AccessTokenKitTest, GetNativeTokenId002, TestSize.Level1)
1930 {
1931 std::string processName = "hdcd";
1932 AccessTokenID tokenID = AccessTokenKit::GetNativeTokenId(processName);
1933 ASSERT_NE(INVALID_TOKENID, tokenID);
1934
1935 NativeTokenInfo tokenInfo;
1936 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetNativeTokenInfo(tokenID, tokenInfo));
1937 ASSERT_EQ(true, tokenInfo.processName == processName);
1938 }
1939
1940 /**
1941 * @tc.name: GetNativeTokenId003
1942 * @tc.desc: get native tokenid with hap.
1943 * @tc.type: FUNC
1944 * @tc.require: Issue Number
1945 */
1946 HWTEST_F(AccessTokenKitTest, GetNativeTokenId003, TestSize.Level1)
1947 {
1948 std::string processName = "hdcd";
1949 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1950 ASSERT_NE(INVALID_TOKENID, tokenID);
1951 ASSERT_EQ(0, SetSelfTokenID(tokenID));
1952 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::ReloadNativeTokenInfo());
1953
1954 tokenID = AccessTokenKit::GetNativeTokenId(processName);
1955 ASSERT_NE(INVALID_TOKENID, tokenID);
1956
1957 NativeTokenInfo tokenInfo;
1958 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetNativeTokenInfo(tokenID, tokenInfo));
1959 ASSERT_EQ(true, tokenInfo.processName == processName);
1960
1961 ASSERT_EQ(0, SetSelfTokenID(selfTokenId_));
1962 }
1963
1964 /**
1965 * @tc.name: GetNativeTokenId004
1966 * @tc.desc: get native tokenid with hap.
1967 * @tc.type: FUNC
1968 * @tc.require: Issue Number
1969 */
1970 HWTEST_F(AccessTokenKitTest, GetNativeTokenId004, TestSize.Level1)
1971 {
1972 std::string processName = "hdcd";
1973 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1974 ASSERT_NE(INVALID_TOKENID, tokenID);
1975 ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(tokenID));
1976 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::ReloadNativeTokenInfo());
1977
1978 int32_t selfUid = getuid();
1979 setuid(10001); // 10001: UID
1980
1981 ASSERT_EQ(INVALID_TOKENID, AccessTokenKit::GetNativeTokenId(processName));
1982
1983 // restore environment
1984 setuid(selfUid);
1985 ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(selfTokenId_));
1986 }
1987
1988 /**
1989 * @tc.name: AllocHapToken001
1990 * @tc.desc: alloc a tokenId successfully, delete it successfully the first time and fail to delete it again.
1991 * @tc.type: FUNC
1992 * @tc.require: Issue Number
1993 */
1994 HWTEST_F(AccessTokenKitTest, AllocHapToken001, TestSize.Level1)
1995 {
1996 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1997 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
1998 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
1999 ASSERT_NE(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
2000 }
2001
2002 /**
2003 * @tc.name: AllocHapToken002
2004 * @tc.desc: alloc a tokenId successfully,
2005 * and fail to alloc it with the same info and policy again.
2006 * @tc.type: FUNC
2007 * @tc.require: Issue Number
2008 */
2009 HWTEST_F(AccessTokenKitTest, AllocHapToken002, TestSize.Level1)
2010 {
2011 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2012 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
2013 ASSERT_NE(INVALID_TOKENID, tokenID);
2014
2015 AccessTokenID tokenID1 = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2016 ASSERT_NE(INVALID_TOKENID, tokenID1);
2017 ASSERT_NE(tokenID, tokenID1);
2018 ASSERT_NE(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
2019 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID1));
2020 }
2021
2022 /**
2023 * @tc.name: AllocHapToken003
2024 * @tc.desc: cannot alloc a tokenId with invalid bundlename.
2025 * @tc.type: FUNC
2026 * @tc.require: Issue Number
2027 */
2028 HWTEST_F(AccessTokenKitTest, AllocHapToken003, TestSize.Level1)
2029 {
2030 std::string invalidBundleName (INVALID_BUNDLENAME_LEN, 'x');
2031 std::string bundle = g_infoManagerTestInfoParms.bundleName;
2032
2033 DeleteTestToken();
2034 GTEST_LOG_(INFO) << "get hap token info:" << invalidBundleName.length();
2035
2036 g_infoManagerTestInfoParms.bundleName = invalidBundleName;
2037 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2038 ASSERT_EQ(INVALID_TOKENID, tokenID);
2039
2040 tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
2041 g_infoManagerTestInfoParms.bundleName,
2042 g_infoManagerTestInfoParms.instIndex);
2043 ASSERT_EQ(INVALID_TOKENID, tokenID);
2044 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, AccessTokenKit::DeleteToken(tokenID));
2045
2046 g_infoManagerTestInfoParms.bundleName = bundle;
2047
2048 DeleteTestToken();
2049 }
2050
2051 /**
2052 * @tc.name: AllocHapToken004
2053 * @tc.desc: cannot alloc a tokenId with invalid apl.
2054 * @tc.type: FUNC
2055 * @tc.require: Issue Number
2056 */
2057 HWTEST_F(AccessTokenKitTest, AllocHapToken004, TestSize.Level1)
2058 {
2059 ATokenAplEnum typeBackUp = g_infoManagerTestPolicyPrams.apl;
2060 DeleteTestToken();
2061
2062 g_infoManagerTestPolicyPrams.apl = (ATokenAplEnum)5;
2063 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2064 ASSERT_EQ(INVALID_TOKENID, tokenID);
2065
2066 tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
2067 g_infoManagerTestInfoParms.bundleName,
2068 g_infoManagerTestInfoParms.instIndex);
2069 ASSERT_EQ(INVALID_TOKENID, tokenID);
2070
2071 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, AccessTokenKit::DeleteToken(tokenID));
2072 g_infoManagerTestPolicyPrams.apl = typeBackUp;
2073
2074 DeleteTestToken();
2075 }
2076
2077 /**
2078 * @tc.name: AllocHapToken005
2079 * @tc.desc: can alloc a tokenId when bundlename in permdef is different with bundlename in info.
2080 * @tc.type: FUNC
2081 * @tc.require: Issue Number
2082 */
2083 HWTEST_F(AccessTokenKitTest, AllocHapToken005, TestSize.Level1)
2084 {
2085 std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName;
2086 std::string bundleNameBackUp = g_infoManagerTestPolicyPrams.permList[INDEX_ONE].bundleName;
2087 ATokenAvailableTypeEnum typeBakup = g_infoManagerTestPolicyPrams.permList[INDEX_ONE].availableType;
2088 DeleteTestToken();
2089
2090 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].bundleName = "invalid_bundleName";
2091 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName = "ohos.permission.testtmp01";
2092 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].availableType = MDM;
2093 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2094 ASSERT_NE(INVALID_TOKENID, tokenID);
2095
2096 PermissionDef permDefResult;
2097 int ret = AccessTokenKit::GetDefPermission(
2098 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName, permDefResult);
2099 ASSERT_EQ(RET_SUCCESS, ret);
2100 ASSERT_EQ(permDefResult.availableType, MDM);
2101 ret = AccessTokenKit::GetDefPermission(
2102 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName, permDefResult);
2103 ASSERT_EQ(RET_SUCCESS, ret);
2104 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].bundleName = bundleNameBackUp;
2105 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName = backUpPermission;
2106 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].availableType = typeBakup;
2107
2108 DeleteTestToken();
2109 }
2110
2111 /**
2112 * @tc.name: AllocHapToken006
2113 * @tc.desc: can alloc a tokenId with a invalid permList permissionName.
2114 * @tc.type: FUNC
2115 * @tc.require: Issue Number
2116 */
2117 HWTEST_F(AccessTokenKitTest, AllocHapToken006, TestSize.Level1)
2118 {
2119 std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2120 DeleteTestToken();
2121
2122 const std::string invalidPermissionName (INVALID_PERMNAME_LEN, 'x');
2123 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = invalidPermissionName;
2124 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2125 ASSERT_NE(INVALID_TOKENID, tokenID);
2126
2127 PermissionDef permDefResultBeta;
2128 int ret = AccessTokenKit::GetDefPermission(invalidPermissionName, permDefResultBeta);
2129 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
2130 ret = AccessTokenKit::GetDefPermission(
2131 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName, permDefResultBeta);
2132 ASSERT_EQ(RET_SUCCESS, ret);
2133 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backUp;
2134
2135 DeleteTestToken();
2136 }
2137
2138 /**
2139 * @tc.name: AllocHapToken007
2140 * @tc.desc: can alloc a tokenId with invalid permdef.
2141 * @tc.type: FUNC
2142 * @tc.require: Issue Number
2143 */
2144 HWTEST_F(AccessTokenKitTest, AllocHapToken007, TestSize.Level1)
2145 {
2146 std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName;
2147 std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2148 DeleteTestToken();
2149
2150 const std::string invalidBundleName (INVALID_BUNDLENAME_LEN, 'x');
2151
2152 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "ohos.permission.testtmp02";
2153 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName = invalidBundleName;
2154 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2155 ASSERT_NE(INVALID_TOKENID, tokenID);
2156
2157 PermissionDef permDefResultBeta;
2158 int ret = AccessTokenKit::GetDefPermission(
2159 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResultBeta);
2160 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
2161 ret = AccessTokenKit::GetDefPermission(
2162 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName, permDefResultBeta);
2163 ASSERT_EQ(RET_SUCCESS, ret);
2164 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName = backUp;
2165 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backUpPermission;
2166
2167 DeleteTestToken();
2168 }
2169
2170 /**
2171 * @tc.name: AllocHapToken008
2172 * @tc.desc: can alloc a tokenId with invalid permdef.
2173 * @tc.type: FUNC
2174 * @tc.require: Issue Number
2175 */
2176 HWTEST_F(AccessTokenKitTest, AllocHapToken008, TestSize.Level1)
2177 {
2178 std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label;
2179 std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2180 DeleteTestToken();
2181
2182 const std::string invalidLabel (INVALID_LABEL_LEN, 'x');
2183 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "ohos.permission.testtmp03";
2184 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label = invalidLabel;
2185 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2186 ASSERT_NE(INVALID_TOKENID, tokenID);
2187
2188 PermissionDef permDefResultBeta;
2189 int ret = AccessTokenKit::GetDefPermission(
2190 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResultBeta);
2191 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
2192 ret = AccessTokenKit::GetDefPermission(
2193 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName, permDefResultBeta);
2194 ASSERT_EQ(RET_SUCCESS, ret);
2195 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label = backUp;
2196 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backUpPermission;
2197
2198 DeleteTestToken();
2199 }
2200
2201 /**
2202 * @tc.name: AllocHapToken009
2203 * @tc.desc: can alloc a tokenId with invalid permdef.
2204 * @tc.type: FUNC
2205 * @tc.require: Issue Number
2206 */
2207 HWTEST_F(AccessTokenKitTest, AllocHapToken009, TestSize.Level1)
2208 {
2209 std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description;
2210 std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2211 DeleteTestToken();
2212
2213 const std::string invalidDescription (INVALID_DESCRIPTION_LEN, 'x');
2214
2215 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "ohos.permission.testtmp04";
2216 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description = invalidDescription;
2217 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2218 ASSERT_NE(INVALID_TOKENID, tokenID);
2219
2220 PermissionDef permDefResultBeta;
2221 int ret = AccessTokenKit::GetDefPermission(
2222 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResultBeta);
2223 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
2224 ret = AccessTokenKit::GetDefPermission(
2225 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName, permDefResultBeta);
2226 ASSERT_EQ(RET_SUCCESS, ret);
2227
2228 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description = backUp;
2229 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backUpPermission;
2230
2231 DeleteTestToken();
2232 }
2233
ExistInVector(vector<unsigned int> array,unsigned int value)2234 static bool ExistInVector(vector<unsigned int> array, unsigned int value)
2235 {
2236 vector<unsigned int>::iterator it;
2237 it = find(array.begin(), array.end(), value);
2238 if (it != array.end()) {
2239 return true;
2240 } else {
2241 return false;
2242 }
2243 }
2244
2245 /**
2246 * @tc.name: AllocHapToken010
2247 * @tc.desc: alloc and delete in a loop.
2248 * @tc.type: FUNC
2249 * @tc.require: Issue Number
2250 */
2251 HWTEST_F(AccessTokenKitTest, AllocHapToken010, TestSize.Level1)
2252 {
2253 int ret;
2254 bool exist = false;
2255 int allocFlag = 0;
2256 int deleteFlag = 0;
2257
2258 DeleteTestToken();
2259 vector<unsigned int> obj;
2260 for (int i = 0; i < CYCLE_TIMES; i++) {
2261 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2262
2263 exist = ExistInVector(obj, tokenID);
2264 if (exist) {
2265 allocFlag = 1;
2266 }
2267 obj.push_back(tokenID);
2268
2269 ret = AccessTokenKit::DeleteToken(tokenID);
2270 if (RET_SUCCESS != ret) {
2271 deleteFlag = 1;
2272 }
2273 }
2274 ASSERT_EQ(allocFlag, 0);
2275 ASSERT_EQ(deleteFlag, 0);
2276 }
2277
2278 /**
2279 * @tc.name: AllocHapToken011
2280 * @tc.desc: cannot alloc a tokenId with invalid appIDDesc.
2281 * @tc.type: FUNC
2282 * @tc.require: Issue Number
2283 */
2284 HWTEST_F(AccessTokenKitTest, AllocHapToken011, TestSize.Level1)
2285 {
2286 std::string invalidAppIDDesc (INVALID_APPIDDESC_LEN, 'x');
2287 std::string backup = g_infoManagerTestInfoParms.appIDDesc;
2288
2289 DeleteTestToken();
2290
2291 g_infoManagerTestInfoParms.appIDDesc = invalidAppIDDesc;
2292 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2293 ASSERT_EQ(INVALID_TOKENID, tokenID);
2294 g_infoManagerTestInfoParms.appIDDesc = backup;
2295 }
2296
2297 /**
2298 * @tc.name: AllocHapToken012
2299 * @tc.desc: cannot alloc a tokenId with invalid bundleName.
2300 * @tc.type: FUNC
2301 * @tc.require: Issue Number
2302 */
2303 HWTEST_F(AccessTokenKitTest, AllocHapToken012, TestSize.Level1)
2304 {
2305 std::string backup = g_infoManagerTestInfoParms.bundleName;
2306
2307 g_infoManagerTestInfoParms.bundleName = "";
2308 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2309 ASSERT_EQ(INVALID_TOKENID, tokenID);
2310 g_infoManagerTestInfoParms.bundleName = backup;
2311 }
2312
2313 /**
2314 * @tc.name: AllocHapToken013
2315 * @tc.desc: cannot alloc a tokenId with invalid appIDDesc.
2316 * @tc.type: FUNC
2317 * @tc.require: Issue Number
2318 */
2319 HWTEST_F(AccessTokenKitTest, AllocHapToken013, TestSize.Level1)
2320 {
2321 std::string backup = g_infoManagerTestInfoParms.appIDDesc;
2322
2323 g_infoManagerTestInfoParms.appIDDesc = "";
2324 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2325 ASSERT_EQ(INVALID_TOKENID, tokenID);
2326 g_infoManagerTestInfoParms.appIDDesc = backup;
2327 }
2328
2329 /**
2330 * @tc.name: AllocHapToken014
2331 * @tc.desc: can alloc a tokenId with permList permissionName as "".
2332 * @tc.type: FUNC
2333 * @tc.require: Issue Number
2334 */
2335 HWTEST_F(AccessTokenKitTest, AllocHapToken014, TestSize.Level1)
2336 {
2337 std::string backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2338
2339 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "";
2340 AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2341 PermissionDef permDefResultBeta;
2342 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, AccessTokenKit::GetDefPermission("", permDefResultBeta));
2343 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backup;
2344
2345 DeleteTestToken();
2346 }
2347
2348 /**
2349 * @tc.name: AllocHapToken015
2350 * @tc.desc: can alloc a tokenId with permList bundleName as "".
2351 * @tc.type: FUNC
2352 * @tc.require: Issue Number
2353 */
2354 HWTEST_F(AccessTokenKitTest, AllocHapToken015, TestSize.Level1)
2355 {
2356 std::string backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName;
2357 std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2358
2359 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName = "";
2360 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "ohos.permission.testtmp05";
2361 AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2362
2363 PermissionDef permDefResultBeta;
2364 int ret = AccessTokenKit::GetDefPermission(
2365 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResultBeta);
2366 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
2367 ret = AccessTokenKit::GetDefPermission(
2368 g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName, permDefResultBeta);
2369 ASSERT_EQ(RET_SUCCESS, ret);
2370 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName = backup;
2371 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backUpPermission;
2372
2373 DeleteTestToken();
2374 }
2375
2376 /**
2377 * @tc.name: AllocHapToken016
2378 * @tc.desc: can alloc a tokenId with label as "".
2379 * @tc.type: FUNC
2380 * @tc.require: Issue Number
2381 */
2382 HWTEST_F(AccessTokenKitTest, AllocHapToken016, TestSize.Level1)
2383 {
2384 std::string backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label;
2385 std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2386
2387 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label = "";
2388 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "ohos.permission.testtmp06";
2389 AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2390
2391 PermissionDef permDefResult;
2392 int ret = AccessTokenKit::GetDefPermission(
2393 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResult);
2394 ASSERT_EQ(ret, RET_SUCCESS);
2395 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label = backup;
2396 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backUpPermission;
2397
2398 DeleteTestToken();
2399 }
2400
2401 /**
2402 * @tc.name: AllocHapToken017
2403 * @tc.desc: cannot alloc a tokenId with invalid permdef.
2404 * @tc.type: FUNC
2405 * @tc.require: Issue Number
2406 */
2407 HWTEST_F(AccessTokenKitTest, AllocHapToken017, TestSize.Level1)
2408 {
2409 std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2410 std::string backupDec = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description;
2411
2412 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description = "";
2413 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "ohos.permission.testtmp07";
2414 AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2415
2416 PermissionDef permDefResult;
2417 int ret = AccessTokenKit::GetDefPermission(
2418 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResult);
2419 ASSERT_EQ(ret, RET_SUCCESS);
2420 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description = backupDec;
2421 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backUpPermission;
2422
2423 DeleteTestToken();
2424 }
2425
GetDlpFlagTest(HapInfoParams info,HapPolicyParams policy,int flag)2426 void AccessTokenKitTest::GetDlpFlagTest(HapInfoParams info, HapPolicyParams policy, int flag)
2427 {
2428 int32_t ret;
2429 HapTokenInfo hapTokenInfoRes;
2430 uint32_t tokenID = GetAccessTokenID(info.userID, info.bundleName, 2);
2431 if (tokenID != 0) {
2432 ret = AccessTokenKit::DeleteToken(tokenID);
2433 }
2434 AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(info, policy);
2435 EXPECT_NE(INVALID_TOKENID, tokenIdEx.tokenIdExStruct.tokenID);
2436 ret = AccessTokenKit::GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapTokenInfoRes);
2437 EXPECT_EQ(ret, RET_SUCCESS);
2438 EXPECT_EQ(hapTokenInfoRes.dlpType, flag);
2439 if (flag == DLP_COMMON) {
2440 EXPECT_EQ(AccessTokenKit::GetHapDlpFlag(tokenIdEx.tokenIdExStruct.tokenID), 0);
2441 } else {
2442 EXPECT_EQ(AccessTokenKit::GetHapDlpFlag(tokenIdEx.tokenIdExStruct.tokenID), 1);
2443 }
2444 ret = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
2445 EXPECT_EQ(RET_SUCCESS, ret);
2446 GTEST_LOG_(INFO) << "tokenID :" << tokenIdEx.tokenIdExStruct.tokenID;
2447 ret = AccessTokenKit::GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapTokenInfoRes);
2448 EXPECT_EQ(ret, AccessTokenError::ERR_TOKENID_NOT_EXIST);
2449 }
2450
2451 /**
2452 * @tc.name: AllocHapToken018
2453 * @tc.desc: alloc a tokenId with vaild dlptype.
2454 * @tc.type: FUNC
2455 * @tc.require: Issue Number
2456 */
2457 HWTEST_F(AccessTokenKitTest, AllocHapToken018, TestSize.Level1)
2458 {
2459 HapPolicyParams infoManagerTestPolicyPrams = {
2460 .apl = APL_NORMAL,
2461 .domain = "test.domain",
2462 .permList = {},
2463 .permStateList = {}
2464 };
2465 HapInfoParams infoManagerTestInfoParms1 = {
2466 .userID = 1,
2467 .bundleName = "dlp_test1",
2468 .instIndex = 0,
2469 .dlpType = DLP_COMMON,
2470 .appIDDesc = "test3",
2471 .apiVersion = DEFAULT_API_VERSION
2472 };
2473 HapInfoParams infoManagerTestInfoParms2 = {
2474 .userID = 1,
2475 .bundleName = "dlp_test2",
2476 .instIndex = 1,
2477 .dlpType = DLP_READ,
2478 .appIDDesc = "test3",
2479 .apiVersion = DEFAULT_API_VERSION
2480 };
2481 HapInfoParams infoManagerTestInfoParms3 = {
2482 .userID = 1,
2483 .bundleName = "dlp_test3",
2484 .instIndex = 2,
2485 .dlpType = DLP_FULL_CONTROL,
2486 .appIDDesc = "test3",
2487 .apiVersion = DEFAULT_API_VERSION
2488 };
2489 GetDlpFlagTest(infoManagerTestInfoParms1, infoManagerTestPolicyPrams, DLP_COMMON);
2490 GetDlpFlagTest(infoManagerTestInfoParms2, infoManagerTestPolicyPrams, DLP_READ);
2491 GetDlpFlagTest(infoManagerTestInfoParms3, infoManagerTestPolicyPrams, DLP_FULL_CONTROL);
2492 }
2493
2494 /**
2495 * @tc.name: AllocHapToken019
2496 * @tc.desc: cannot alloc a tokenId with invalid dlpType.
2497 * @tc.type: FUNC
2498 * @tc.require: Issue Number
2499 */
2500 HWTEST_F(AccessTokenKitTest, AllocHapToken019, TestSize.Level1)
2501 {
2502 AccessTokenIDEx tokenIdEx = {0};
2503 HapPolicyParams infoManagerTestPolicyPrams = {
2504 .apl = APL_NORMAL,
2505 .domain = "test.domain",
2506 .permList = {},
2507 .permStateList = {}
2508 };
2509 HapInfoParams infoManagerTestInfoParms1 = {
2510 .userID = 1,
2511 .bundleName = "accesstoken_test",
2512 .instIndex = 4,
2513 .dlpType = INVALID_DLP_TYPE,
2514 .appIDDesc = "test3",
2515 .apiVersion = DEFAULT_API_VERSION
2516 };
2517
2518 tokenIdEx = AccessTokenKit::AllocHapToken(infoManagerTestInfoParms1, infoManagerTestPolicyPrams);
2519 ASSERT_EQ(INVALID_TOKENID, tokenIdEx.tokenIdExStruct.tokenID);
2520 }
2521
2522 /**
2523 * @tc.name: AvailableType001
2524 * @tc.desc: get permission availableType
2525 * @tc.type: FUNC
2526 * @tc.require:issue I82QGU
2527 */
2528 HWTEST_F(AccessTokenKitTest, AvailableType001, TestSize.Level1)
2529 {
2530 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2531 ASSERT_NE(INVALID_TOKENID, tokenID);
2532
2533 // test MDM permission
2534 std::string permission = g_infoManagerTestPermDef1.permissionName;
2535 ATokenAvailableTypeEnum type = g_infoManagerTestPermDef1.availableType;
2536 PermissionDef permDef1;
2537 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetDefPermission(permission, permDef1));
2538 ASSERT_EQ(permDef1.availableType, type);
2539
2540 // test NORMAL permission(default)
2541 permission = g_infoManagerTestPermDef2.permissionName;
2542 type = g_infoManagerTestPermDef2.availableType;
2543 PermissionDef permDef2;
2544 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetDefPermission(permission, permDef2));
2545 ASSERT_EQ(permDef2.availableType, type);
2546 }
2547
2548 /**
2549 * @tc.name: UpdateHapToken001
2550 * @tc.desc: alloc a tokenId successfully, update it successfully and verify it.
2551 * @tc.type: FUNC
2552 * @tc.require: Issue Number
2553 */
2554 HWTEST_F(AccessTokenKitTest, UpdateHapToken001, TestSize.Level1)
2555 {
2556 ATokenAplEnum apl = g_infoManagerTestPolicyPrams.apl;
2557
2558 DeleteTestToken();
2559 AccessTokenIDEx tokenIdEx = {0};
2560 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2561 GTEST_LOG_(INFO) << "tokenID :" << tokenIdEx.tokenIdExStruct.tokenID;
2562 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2563 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
2564 g_infoManagerTestPolicyPrams.apl = APL_SYSTEM_BASIC;
2565 UpdateHapInfoParams info;
2566 info.appIDDesc = "housework app";
2567 info.apiVersion = DEFAULT_API_VERSION;
2568 info.isSystemApp = false;
2569 info.appDistributionType = "enterprise_mdm";
2570 int ret = AccessTokenKit::UpdateHapToken(
2571 tokenIdEx, info, g_infoManagerTestPolicyPrams);
2572 ASSERT_EQ(0, ret);
2573
2574 HapTokenInfo hapTokenInfoRes;
2575 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes));
2576
2577 ASSERT_EQ(hapTokenInfoRes.appID, info.appIDDesc);
2578 ASSERT_EQ(hapTokenInfoRes.apl, APL_SYSTEM_BASIC);
2579
2580 g_infoManagerTestPolicyPrams.apl = apl;
2581
2582 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
2583 }
2584
2585 /**
2586 * @tc.name: UpdateHapToken002
2587 * @tc.desc: cannot update hap token info with invalid userId.
2588 * @tc.type: FUNC
2589 * @tc.require: Issue Number
2590 */
2591 HWTEST_F(AccessTokenKitTest, UpdateHapToken002, TestSize.Level1)
2592 {
2593 AccessTokenIDEx tokenIdEx = {
2594 .tokenIdExStruct.tokenID = TEST_TOKENID_INVALID,
2595 .tokenIdExStruct.tokenAttr = 0,
2596 };
2597 UpdateHapInfoParams info;
2598 info.appIDDesc = "appIDDesc";
2599 info.apiVersion = DEFAULT_API_VERSION;
2600 info.isSystemApp = false;
2601 int ret = AccessTokenKit::UpdateHapToken(
2602 tokenIdEx, info, g_infoManagerTestPolicyPrams);
2603 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
2604 }
2605
2606 /**
2607 * @tc.name: UpdateHapToken003
2608 * @tc.desc: cannot update hap token info with invalid appIDDesc.
2609 * @tc.type: FUNC
2610 * @tc.require: Issue Number
2611 */
2612 HWTEST_F(AccessTokenKitTest, UpdateHapToken003, TestSize.Level1)
2613 {
2614 const std::string appIDDesc (INVALID_APPIDDESC_LEN, 'x');
2615
2616 AccessTokenIDEx tokenIdEx = {0};
2617 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2618
2619 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2620 UpdateHapInfoParams info;
2621 info.appIDDesc = appIDDesc;
2622 info.apiVersion = DEFAULT_API_VERSION;
2623 info.isSystemApp = false;
2624 int ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams);
2625 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
2626
2627 HapTokenInfo hapTokenInfoRes;
2628 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes));
2629
2630 ASSERT_EQ(hapTokenInfoRes.appID, g_infoManagerTestInfoParms.appIDDesc);
2631
2632 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
2633 }
2634
2635 /**
2636 * @tc.name: UpdateHapToken004
2637 * @tc.desc: cannot update a tokenId with invalid apl.
2638 * @tc.type: FUNC
2639 * @tc.require: Issue Number
2640 */
2641 HWTEST_F(AccessTokenKitTest, UpdateHapToken004, TestSize.Level1)
2642 {
2643 ATokenAplEnum apl = g_infoManagerTestPolicyPrams.apl;
2644
2645 AccessTokenIDEx tokenIdEx = {0};
2646 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2647
2648 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2649
2650 g_infoManagerTestPolicyPrams.apl = (ATokenAplEnum)5;
2651 UpdateHapInfoParams info;
2652 info.appIDDesc = "housework app";
2653 info.apiVersion = DEFAULT_API_VERSION;
2654 info.isSystemApp = false;
2655 int ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams);
2656 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
2657
2658 HapTokenInfo hapTokenInfoRes;
2659 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes));
2660
2661 ASSERT_EQ(hapTokenInfoRes.apl, apl);
2662 g_infoManagerTestPolicyPrams.apl = apl;
2663
2664 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
2665 }
2666
2667 /**
2668 * @tc.name: UpdateHapToken005
2669 * @tc.desc: cannot update a tokenId with invalid string value.
2670 * @tc.type: FUNC
2671 * @tc.require: Issue Number
2672 */
2673 HWTEST_F(AccessTokenKitTest, UpdateHapToken005, TestSize.Level1)
2674 {
2675 std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2676 PermissionDef permDefResult;
2677
2678 DeleteTestToken();
2679 AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2680 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIdExStruct.tokenID);
2681
2682 UpdateHapInfoParams info;
2683 info.appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2684 info.apiVersion = DEFAULT_API_VERSION;
2685 info.appDistributionType = "enterprise_mdm";
2686 info.isSystemApp = false;
2687
2688 std::string backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2689 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "";
2690 int ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams);
2691 ret = AccessTokenKit::GetDefPermission(
2692 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResult);
2693 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
2694 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backup;
2695
2696 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "ohos.permission.testtmp11";
2697 backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName;
2698 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName = "";
2699 ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams);
2700 ret = AccessTokenKit::GetDefPermission(
2701 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResult);
2702 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
2703 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName = backup;
2704 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backUpPermission;
2705
2706 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "ohos.permission.testtmp12";
2707 backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label;
2708 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label = "";
2709 ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams);
2710 ASSERT_EQ(RET_SUCCESS, ret);
2711 ret = AccessTokenKit::GetDefPermission(
2712 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResult);
2713 ASSERT_EQ(RET_SUCCESS, ret);
2714 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label = backup;
2715 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backUpPermission;
2716
2717 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "ohos.permission.testtmp13";
2718 backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description;
2719 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description = "";
2720 ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams);
2721 ASSERT_EQ(RET_SUCCESS, ret);
2722 ret = AccessTokenKit::GetDefPermission(
2723 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResult);
2724 ASSERT_EQ(RET_SUCCESS, ret);
2725 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description = backup;
2726 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backUpPermission;
2727
2728 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID));
2729 }
2730
2731 /**
2732 * @tc.name: UpdateHapToken006
2733 * @tc.desc: update a batch of tokenId.
2734 * @tc.type: FUNC
2735 * @tc.require: Issue Number
2736 */
2737 HWTEST_F(AccessTokenKitTest, UpdateHapToken006, TestSize.Level1)
2738 {
2739 int allocFlag = 0;
2740 int updateFlag = 0;
2741 int deleteFlag = 0;
2742 AccessTokenIDEx tokenIdEx = {0};
2743 vector<AccessTokenID> obj;
2744 bool exist;
2745 HapInfoParams testInfo = g_infoManagerTestInfoParms;
2746 DeleteTestToken();
2747
2748 for (int i = 0; i < CYCLE_TIMES; i++) {
2749 tokenIdEx = AccessTokenKit::AllocHapToken(testInfo, g_infoManagerTestPolicyPrams);
2750 AccessTokenID tokenID = GetAccessTokenID(testInfo.userID, testInfo.bundleName, testInfo.instIndex);
2751
2752 exist = ExistInVector(obj, tokenID);
2753 if (exist) {
2754 allocFlag = 1;
2755 break;
2756 }
2757 obj.push_back(tokenID);
2758 testInfo.userID++;
2759 }
2760
2761 testInfo.instIndex = 1;
2762 g_infoManagerTestPolicyPrams.apl = APL_SYSTEM_BASIC;
2763 UpdateHapInfoParams info;
2764 info.appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2765 info.apiVersion = DEFAULT_API_VERSION;
2766 info.appDistributionType = "enterprise_mdm";
2767 info.isSystemApp = false;
2768 for (size_t i = 0; i < obj.size(); i++) {
2769 AccessTokenIDEx idEx = {
2770 .tokenIdExStruct.tokenID = obj[i],
2771 .tokenIdExStruct.tokenAttr = 0,
2772 };
2773 int ret = AccessTokenKit::UpdateHapToken(idEx, info, g_infoManagerTestPolicyPrams);
2774 if (RET_SUCCESS != ret) {
2775 updateFlag = 1;
2776 break;
2777 }
2778 }
2779 g_infoManagerTestPolicyPrams.apl = APL_NORMAL;
2780
2781 for (size_t i = 0; i < obj.size(); i++) {
2782 int ret = AccessTokenKit::DeleteToken(obj[i]);
2783 if (RET_SUCCESS != ret) {
2784 deleteFlag = 1;
2785 }
2786 }
2787 ASSERT_EQ(allocFlag, 0);
2788 ASSERT_EQ(updateFlag, 0);
2789 ASSERT_EQ(deleteFlag, 0);
2790 }
2791
2792 /**
2793 * @tc.name: UpdateHapToken007
2794 * @tc.desc: add new permissdef.
2795 * @tc.type: FUNC
2796 * @tc.require: Issue Number
2797 */
2798 HWTEST_F(AccessTokenKitTest, UpdateHapToken007, TestSize.Level1)
2799 {
2800 int ret;
2801 DeleteTestToken();
2802
2803 AccessTokenIDEx tokenIdEx = {0};
2804 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2805 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2806 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
2807
2808 PermissionDef permDefResult;
2809 /* check permission define before update */
2810 ret = AccessTokenKit::GetDefPermission("ohos.permission.test3", permDefResult);
2811 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
2812
2813 std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2814 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = "ohos.permission.test3";
2815 UpdateHapInfoParams info;
2816 info.appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2817 info.apiVersion = DEFAULT_API_VERSION;
2818 info.isSystemApp = false;
2819 info.appDistributionType = "enterprise_mdm";
2820 ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams);
2821 ASSERT_EQ(RET_SUCCESS, ret);
2822 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName = backUp;
2823
2824 GTEST_LOG_(INFO) << "permissionName :" << g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName;
2825
2826 ret = AccessTokenKit::GetDefPermission("ohos.permission.test3", permDefResult);
2827 if (ret != RET_SUCCESS) {
2828 ret = AccessTokenKit::DeleteToken(tokenID);
2829 ASSERT_EQ(RET_SUCCESS, ret);
2830 }
2831 ASSERT_EQ(RET_SUCCESS, ret);
2832 ASSERT_EQ("ohos.permission.test3", permDefResult.permissionName);
2833
2834 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
2835 }
2836 /**
2837 * @tc.name: UpdateHapToken008
2838 * @tc.desc: modify permissdef's grantMode.
2839 * @tc.type: FUNC
2840 * @tc.require: Issue Number
2841 */
2842 HWTEST_F(AccessTokenKitTest, UpdateHapToken008, TestSize.Level1)
2843 {
2844 int ret;
2845 const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2846 int backupMode = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].grantMode;
2847 std::string backupLable = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label;
2848 DeleteTestToken();
2849
2850 AccessTokenIDEx tokenIdEx = {0};
2851 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2852 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2853 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
2854
2855 PermissionDef permDefResult;
2856 /* check permission define before update */
2857 ret = AccessTokenKit::GetDefPermission(
2858 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResult);
2859 ASSERT_EQ(RET_SUCCESS, ret);
2860 ASSERT_EQ(g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResult.permissionName);
2861 ASSERT_EQ(g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label, permDefResult.label);
2862 ASSERT_EQ(g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].grantMode, permDefResult.grantMode);
2863
2864 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].grantMode = 0;
2865 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label = "updated label";
2866 UpdateHapInfoParams info;
2867 info.appIDDesc = appIDDesc;
2868 info.apiVersion = DEFAULT_API_VERSION;
2869 info.isSystemApp = false;
2870 info.appDistributionType = "enterprise_mdm";
2871 ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams);
2872 ASSERT_EQ(RET_SUCCESS, ret);
2873
2874 /* check permission define after update */
2875 ret = AccessTokenKit::GetDefPermission(
2876 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResult);
2877 ASSERT_EQ(RET_SUCCESS, ret);
2878 ASSERT_EQ(g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName, permDefResult.permissionName);
2879 ASSERT_EQ(g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label, permDefResult.label);
2880 ASSERT_EQ(g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].grantMode, permDefResult.grantMode);
2881
2882 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label = backupLable;
2883 g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].grantMode = backupMode;
2884 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
2885 }
2886
2887 /**
2888 * @tc.name: UpdateHapToken009
2889 * @tc.desc: old permission define will not update its grantStatus.
2890 * @tc.type: FUNC
2891 * @tc.require: Issue Number
2892 */
2893 HWTEST_F(AccessTokenKitTest, UpdateHapToken009, TestSize.Level1)
2894 {
2895 int ret;
2896 std::vector<PermissionDef> permDefList;
2897 const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2898 PermissionDef infoManagerTestPermDef = g_infoManagerTestPermDef1;
2899 PermissionStateFull infoManagerTestState = g_infoManagerTestState1;
2900 std::string permisson = infoManagerTestState.permissionName;
2901
2902 DeleteTestToken();
2903 AccessTokenIDEx tokenIdEx = {0};
2904 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2905 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2906 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
2907
2908 ASSERT_EQ(AccessTokenKit::VerifyAccessToken(tokenID, permisson, false), infoManagerTestState.grantStatus[0]);
2909
2910 infoManagerTestState.grantStatus[0] = PermissionState::PERMISSION_DENIED;
2911 HapPolicyParams infoManagerTestPolicyPrams = {
2912 .apl = APL_NORMAL,
2913 .domain = "test.domain",
2914 .permList = {infoManagerTestPermDef},
2915 .permStateList = {infoManagerTestState}
2916 };
2917 UpdateHapInfoParams info;
2918 info.appIDDesc = appIDDesc;
2919 info.apiVersion = DEFAULT_API_VERSION;
2920 info.isSystemApp = false;
2921 info.appDistributionType = "enterprise_mdm";
2922 ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, infoManagerTestPolicyPrams);
2923 ASSERT_EQ(RET_SUCCESS, ret);
2924
2925 ASSERT_NE(AccessTokenKit::VerifyAccessToken(tokenID, permisson, false), PermissionState::PERMISSION_DENIED);
2926
2927 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
2928 }
2929
2930 /**
2931 * @tc.name: UpdateHapToken010
2932 * @tc.desc: update api version.
2933 * @tc.type: FUNC
2934 * @tc.require:Issue Number
2935 */
2936 HWTEST_F(AccessTokenKitTest, UpdateHapToken010, TestSize.Level1)
2937 {
2938 AccessTokenIDEx tokenIdEx = {0};
2939 const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2940 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2941 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2942 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
2943
2944 UpdateHapInfoParams info;
2945 info.appIDDesc = appIDDesc;
2946 info.isSystemApp = false;
2947 info.appDistributionType = "enterprise_mdm";
2948
2949 info.apiVersion = DEFAULT_API_VERSION - 1;
2950 int ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams);
2951
2952 HapTokenInfo hapTokenInfoRes;
2953 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
2954 ASSERT_EQ(info.apiVersion, hapTokenInfoRes.apiVersion);
2955
2956 info.apiVersion = DEFAULT_API_VERSION + 1;
2957 ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams);
2958
2959 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
2960 ASSERT_EQ(info.apiVersion, hapTokenInfoRes.apiVersion);
2961
2962 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
2963 }
2964
2965 /**
2966 * @tc.name: UpdateHapToken011
2967 * @tc.desc: AccessTokenKit::UpdateHapToken function test
2968 * @tc.type: FUNC
2969 * @tc.require: issueI61A6M
2970 */
2971 HWTEST_F(AccessTokenKitTest, UpdateHapToken011, TestSize.Level1)
2972 {
2973 AccessTokenIDEx tokenID = {0};
2974 HapPolicyParams policy;
2975 UpdateHapInfoParams info;
2976 info.appIDDesc = std::string("updateFailed");
2977 info.apiVersion = 0;
2978 info.isSystemApp = false;
2979 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID,
2980 AccessTokenKit::UpdateHapToken(tokenID, info, policy));
2981 }
2982
ThreadTestFunc01(void * args)2983 static void *ThreadTestFunc01(void *args)
2984 {
2985 ATokenTypeEnum type;
2986 AccessTokenID tokenID;
2987
2988 for (int i = 0; i < CYCLE_TIMES; i++) {
2989 tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
2990 g_infoManagerTestInfoParms.bundleName,
2991 g_infoManagerTestInfoParms.instIndex);
2992 type = AccessTokenKit::GetTokenType(tokenID);
2993 if (type != TOKEN_HAP) {
2994 GTEST_LOG_(INFO) << "ThreadTestFunc01 failed" << tokenID;
2995 }
2996 }
2997 return nullptr;
2998 }
2999
ThreadTestFunc02(void * args)3000 static void *ThreadTestFunc02(void *args)
3001 {
3002 int ret;
3003 AccessTokenID tokenID;
3004 HapTokenInfo hapTokenInfoRes;
3005
3006 for (int i = 0; i < CYCLE_TIMES; i++) {
3007 tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
3008 g_infoManagerTestInfoParms.bundleName,
3009 g_infoManagerTestInfoParms.instIndex);
3010 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
3011 if (ret != RET_SUCCESS) {
3012 GTEST_LOG_(INFO) << "ThreadTestFunc02 failed" << tokenID;
3013 }
3014 }
3015 return nullptr;
3016 }
3017
3018 /**
3019 * @tc.name: AllocHapToken011
3020 * @tc.desc: Mulitpulthread test.
3021 * @tc.type: FUNC
3022 * @tc.require: Issue Number
3023 */
3024 HWTEST_F(AccessTokenKitTest, Mulitpulthread001, TestSize.Level1)
3025 {
3026 int ret;
3027 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
3028 ASSERT_NE(INVALID_TOKENID, tokenID);
3029 pthread_t tid[2];
3030 (void)pthread_create(&tid[0], nullptr, &ThreadTestFunc01, nullptr);
3031 (void)pthread_create(&tid[1], nullptr, &ThreadTestFunc01, nullptr);
3032 (void)pthread_join(tid[0], nullptr);
3033 (void)pthread_join(tid[1], nullptr);
3034
3035 (void)pthread_create(&tid[0], nullptr, &ThreadTestFunc02, nullptr);
3036 (void)pthread_create(&tid[1], nullptr, &ThreadTestFunc02, nullptr);
3037 (void)pthread_join(tid[0], nullptr);
3038 (void)pthread_join(tid[1], nullptr);
3039
3040 ret = AccessTokenKit::DeleteToken(tokenID);
3041 ASSERT_EQ(RET_SUCCESS, ret);
3042 }
3043
ConcurrencyTask(unsigned int tokenID)3044 void ConcurrencyTask(unsigned int tokenID)
3045 {
3046 uint32_t flag;
3047 for (int i = 0; i < CYCLE_TIMES; i++) {
3048 AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
3049 AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
3050 AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
3051
3052 AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_SET);
3053 AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
3054 AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA, false);
3055 }
3056 }
3057
3058 /**
3059 * @tc.name: ConcurrencyTest001
3060 * @tc.desc: Concurrency testing
3061 * @tc.type: FUNC
3062 * @tc.require: Issue Number
3063 */
3064 HWTEST_F(AccessTokenKitTest, ConcurrencyTest001, TestSize.Level1)
3065 {
3066 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
3067 ASSERT_NE(INVALID_TOKENID, tokenID);
3068 std::vector<std::thread> threadVec;
3069 for (int i = 0; i < THREAD_NUM; i++) {
3070 threadVec.emplace_back(std::thread(ConcurrencyTask, tokenID));
3071 }
3072 for (auto it = threadVec.begin(); it != threadVec.end(); it++) {
3073 it->join();
3074 }
3075 }
3076
3077 /**
3078 * @tc.name: CheckNativeDCap001
3079 * @tc.desc: cannot Check native dcap with invalid tokenID.
3080 * @tc.type: FUNC
3081 * @tc.require: Issue Number
3082 */
3083 HWTEST_F(AccessTokenKitTest, CheckNativeDCap001, TestSize.Level1)
3084 {
3085 AccessTokenID tokenID = 0;
3086 const std::string dcap = "AT_CAP";
3087 int ret = AccessTokenKit::CheckNativeDCap(tokenID, dcap);
3088 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
3089
3090 tokenID = 1;
3091 ret = AccessTokenKit::CheckNativeDCap(tokenID, dcap);
3092 ASSERT_EQ(ERR_TOKENID_NOT_EXIST, ret);
3093 }
3094
3095 /**
3096 * @tc.name: CheckNativeDCap002
3097 * @tc.desc: cannot Check native dcap with invalid dcap.
3098 * @tc.type: FUNC
3099 * @tc.require: Issue Number
3100 */
3101 HWTEST_F(AccessTokenKitTest, CheckNativeDCap002, TestSize.Level1)
3102 {
3103 AccessTokenID tokenID = 0Xff;
3104 const std::string invalidDcap (INVALID_DCAP_LEN, 'x');
3105 int ret = AccessTokenKit::CheckNativeDCap(tokenID, invalidDcap);
3106 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
3107 }
3108
3109 /**
3110 * @tc.name: GetNativeTokenInfo001
3111 * @tc.desc: cannot get native token with invalid tokenID.
3112 * @tc.type: FUNC
3113 * @tc.require: Issue Number
3114 */
3115 HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo001, TestSize.Level1)
3116 {
3117 AccessTokenID tokenID = 0;
3118 NativeTokenInfo findInfo;
3119 int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo);
3120 ASSERT_EQ(ret, AccessTokenError::ERR_PARAM_INVALID);
3121 }
3122
3123 /**
3124 * @tc.name: GetNativeTokenInfo002
3125 * @tc.desc: cannot get native token with invalid tokenID.
3126 * @tc.type: FUNC
3127 * @tc.require: Issue Number
3128 */
3129 HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo002, TestSize.Level1)
3130 {
3131 AccessTokenID tokenHap = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
3132 ASSERT_NE(INVALID_TOKENID, tokenHap);
3133
3134 NativeTokenInfo nativeInfo;
3135 HapTokenInfo hapInfo;
3136 int ret = AccessTokenKit::GetNativeTokenInfo(tokenHap, nativeInfo);
3137 ASSERT_EQ(ret, AccessTokenError::ERR_PARAM_INVALID);
3138
3139 ret = AccessTokenKit::GetHapTokenInfo(tokenHap, hapInfo);
3140 ASSERT_EQ(ret, RET_SUCCESS);
3141
3142 AccessTokenID tokenNative = AccessTokenKit::GetNativeTokenId("token_sync_service");
3143 ASSERT_NE(INVALID_TOKENID, tokenNative);
3144
3145 ret = AccessTokenKit::GetNativeTokenInfo(tokenNative, nativeInfo);
3146 ASSERT_EQ(ret, RET_SUCCESS);
3147
3148 ret = AccessTokenKit::GetHapTokenInfo(tokenNative, hapInfo);
3149 ASSERT_EQ(ret, AccessTokenError::ERR_PARAM_INVALID);
3150
3151 AccessTokenKit::DeleteToken(tokenHap);
3152 }
3153
3154 /**
3155 * @tc.name: GetTokenTypeFlag001
3156 * @tc.desc: cannot get token type with tokenID.
3157 * @tc.type: FUNC
3158 * @tc.require: Issue Number
3159 */
3160 HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag001, TestSize.Level1)
3161 {
3162 AccessTokenID tokenID = 0;
3163 ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenID);
3164 ASSERT_EQ(ret, TOKEN_INVALID);
3165 }
3166
3167 /**
3168 * @tc.name: GetTokenTypeFlag002
3169 * @tc.desc: Get token type with native tokenID.
3170 * @tc.type: FUNC
3171 * @tc.require: Issue Number
3172 */
3173 HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag002, TestSize.Level1)
3174 {
3175 NativeTokenInfoParams infoInstance = {
3176 .dcapsNum = 0,
3177 .permsNum = 0,
3178 .aclsNum = 0,
3179 .dcaps = nullptr,
3180 .perms = nullptr,
3181 .acls = nullptr,
3182 .processName = "GetTokenTypeFlag002",
3183 .aplStr = "system_core",
3184 };
3185 uint64_t tokenId01 = GetAccessTokenId(&infoInstance);
3186
3187 AccessTokenID tokenID = tokenId01 & 0xffffffff;
3188 ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenID);
3189 ASSERT_EQ(ret, TOKEN_NATIVE);
3190 }
3191
3192 /**
3193 * @tc.name: SetPermDialogCap001
3194 * @tc.desc: Set permission dialog capability with noexist app.
3195 * @tc.type: FUNC
3196 * @tc.require: Issue Number
3197 */
3198 HWTEST_F(AccessTokenKitTest, SetPermDialogCap001, TestSize.Level1)
3199 {
3200 HapBaseInfo hapBaseInfo = {
3201 .userID = 111, // 111: user id
3202 .bundleName = "noexist bundle",
3203 .instIndex = 0,
3204 };
3205
3206 HapTokenInfo hapInfo;
3207 ASSERT_EQ(ERR_TOKENID_NOT_EXIST, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true));
3208 }
3209
3210 /**
3211 * @tc.name: SetPermDialogCap002
3212 * @tc.desc: Set permission dialog capability, and get set permissionState.
3213 * @tc.type: FUNC
3214 * @tc.require:
3215 */
3216 HWTEST_F(AccessTokenKitTest, SetPermDialogCap002, TestSize.Level1)
3217 {
3218 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
3219 HapBaseInfo hapBaseInfo = {
3220 .userID = g_infoManagerTestInfoParms.userID,
3221 .bundleName = g_infoManagerTestInfoParms.bundleName,
3222 .instIndex = g_infoManagerTestInfoParms.instIndex,
3223 };
3224
3225 std::vector<PermissionListState> permsList;
3226 PermissionListState tmp = {
3227 .permissionName = g_infoManagerTestPolicyPrams.permStateList[0].permissionName,
3228 .state = PASS_OPER
3229 };
3230 permsList.emplace_back(tmp);
3231
3232 // test dialog is forbiddedn
3233 ASSERT_EQ(0, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true));
3234 SetSelfTokenID(tokenID);
3235 PermissionGrantInfo info;
3236 ASSERT_EQ(FORBIDDEN_OPER, AccessTokenKit::GetSelfPermissionsState(permsList, info));
3237 SetSelfTokenID(selfTokenId_);
3238
3239 // test dialog is not forbiddedn
3240 ASSERT_EQ(0, AccessTokenKit::SetPermDialogCap(hapBaseInfo, false));
3241 SetSelfTokenID(tokenID);
3242 ASSERT_NE(FORBIDDEN_OPER, AccessTokenKit::GetSelfPermissionsState(permsList, info));
3243 SetSelfTokenID(selfTokenId_);
3244
3245 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID));
3246 }
3247
3248 /**
3249 * @tc.name: GetSelfPermissionsState001
3250 * @tc.desc: get self permissions state with wrong token type.
3251 * @tc.type: FUNC
3252 * @tc.require:
3253 */
3254 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState001, TestSize.Level1)
3255 {
3256 AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
3257 HapBaseInfo hapBaseInfo = {
3258 .userID = g_infoManagerTestInfoParms.userID,
3259 .bundleName = g_infoManagerTestInfoParms.bundleName,
3260 .instIndex = g_infoManagerTestInfoParms.instIndex,
3261 };
3262
3263 std::vector<PermissionListState> permsList;
3264 PermissionListState tmp = {
3265 .permissionName = g_infoManagerTestPolicyPrams.permStateList[0].permissionName,
3266 .state = BUTT_OPER
3267 };
3268 permsList.emplace_back(tmp);
3269
3270 // test dialog isn't forbiddedn
3271 ASSERT_EQ(0, AccessTokenKit::SetPermDialogCap(hapBaseInfo, false));
3272 SetSelfTokenID(tokenID);
3273 PermissionGrantInfo info;
3274 ASSERT_EQ(INVALID_OPER, AccessTokenKit::GetSelfPermissionsState(permsList, info));
3275 }
3276 } // namespace AccessToken
3277 } // namespace Security
3278 } // namespace OHOS
3279