1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "permission_definition_parser_test.h"
17
18 #include "gtest/gtest.h"
19 #include <fcntl.h>
20 #include <memory>
21 #include <string>
22 #include <sys/socket.h>
23 #include <sys/stat.h>
24 #include <sys/un.h>
25 #include <thread>
26 #include <unistd.h>
27 #include <vector>
28
29 #include "access_token.h"
30 #include "accesstoken_info_manager.h"
31 #include "accesstoken_kit.h"
32 #include "access_token_error.h"
33 #include "permission_manager.h"
34 #include "permission_state_full.h"
35 #define private public
36 #include "json_parser.h"
37 #include "permission_definition_cache.h"
38 #include "permission_definition_parser.h"
39 #undef private
40 #include "securec.h"
41 #include "access_token_db.h"
42 #include "token_field_const.h"
43
44 using namespace testing::ext;
45 using namespace OHOS::Security::AccessToken;
46
47 namespace {
48 static bool g_hasHapPermissionDefinition;
49 static std::map<std::string, PermissionDefData> g_permissionDefinitionMap;
50 static const int32_t EXTENSION_PERMISSION_ID = 0;
51 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE,
52 SECURITY_DOMAIN_ACCESSTOKEN, "PermissionDefinitionParserTest"};
53 static const std::string SYSTEM_PERMISSION_A = "ohos.permission.PermDefParserTestA";
54 static const std::string USER_PERMISSION_B = "ohos.permission.PermDefParserTestB";
55 }
56
SetUpTestCase()57 void PermissionDefinitionParserTest::SetUpTestCase()
58 {
59 }
60
TearDownTestCase()61 void PermissionDefinitionParserTest::TearDownTestCase()
62 {
63 }
64
SetUp()65 void PermissionDefinitionParserTest::SetUp()
66 {
67 g_permissionDefinitionMap = PermissionDefinitionCache::GetInstance().permissionDefinitionMap_;
68 PermissionDefinitionCache::GetInstance().permissionDefinitionMap_.clear();
69 g_hasHapPermissionDefinition = PermissionDefinitionCache::GetInstance().hasHapPermissionDefinition_;
70 PermissionDefinitionCache::GetInstance().hasHapPermissionDefinition_ = false;
71 }
72
TearDown()73 void PermissionDefinitionParserTest::TearDown()
74 {
75 PermissionDefinitionCache::GetInstance().permissionDefinitionMap_ = g_permissionDefinitionMap; // recovery
76 PermissionDefinitionCache::GetInstance().hasHapPermissionDefinition_ = g_hasHapPermissionDefinition;
77 ACCESSTOKEN_LOG_INFO(LABEL, "test down!");
78 }
79
80 /**
81 * @tc.name: ParserPermsRawDataTest001
82 * @tc.desc: Parse permission definition information.
83 * @tc.type: FUNC
84 * @tc.require: Issue Number
85 */
86 HWTEST_F(PermissionDefinitionParserTest, ParserPermsRawDataTest001, TestSize.Level1)
87 {
88 EXPECT_FALSE(PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
89 EXPECT_FALSE(PermissionDefinitionCache::GetInstance().HasDefinition(USER_PERMISSION_B));
90 PermissionDefinitionParser& parser = PermissionDefinitionParser::GetInstance();
91 std::string permsRawData = R"({"systemGrantPermissions":[)"\
92 R"({"name":"ohos.permission.PermDefParserTestA","grantMode":"system_grant","availableLevel":"system_basic",)"\
93 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\
94 R"("userGrantPermissions":[)"\
95 R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\
96 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,)"\
97 R"("label":"$string:test_label_B","description":"$string:test_description_B"}]})";
98 std::vector<PermissionDef> permDefList;
99 int32_t ret = parser.ParserPermsRawData(permsRawData, permDefList);
100 ASSERT_EQ(ret, RET_SUCCESS);
101 EXPECT_EQ(2, permDefList.size());
102
103 for (const auto& perm : permDefList) {
104 GTEST_LOG_(INFO) << perm.permissionName.c_str();
105 PermissionDefinitionCache::GetInstance().Insert(perm, EXTENSION_PERMISSION_ID);
106 }
107
108 EXPECT_TRUE(PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
109 EXPECT_TRUE(PermissionDefinitionCache::GetInstance().HasDefinition(USER_PERMISSION_B));
110 PermissionDef permissionDefResult;
111 PermissionManager::GetInstance().GetDefPermission(SYSTEM_PERMISSION_A, permissionDefResult);
112 EXPECT_EQ(SYSTEM_GRANT, permissionDefResult.grantMode);
113 EXPECT_EQ(APL_SYSTEM_BASIC, permissionDefResult.availableLevel);
114 EXPECT_EQ(SERVICE, permissionDefResult.availableType);
115 EXPECT_EQ(true, permissionDefResult.provisionEnable);
116 EXPECT_EQ(false, permissionDefResult.distributedSceneEnable);
117 EXPECT_EQ("", permissionDefResult.label);
118 EXPECT_EQ("", permissionDefResult.description);
119
120 PermissionManager::GetInstance().GetDefPermission(USER_PERMISSION_B, permissionDefResult);
121 EXPECT_EQ(USER_GRANT, permissionDefResult.grantMode);
122 EXPECT_EQ(APL_SYSTEM_BASIC, permissionDefResult.availableLevel);
123 EXPECT_EQ(SERVICE, permissionDefResult.availableType);
124 EXPECT_EQ(true, permissionDefResult.provisionEnable);
125 EXPECT_EQ(false, permissionDefResult.distributedSceneEnable);
126 EXPECT_EQ("$string:test_label_B", permissionDefResult.label);
127 EXPECT_EQ("$string:test_description_B", permissionDefResult.description);
128 }
129
130 /**
131 * @tc.name: ParserPermsRawDataTest002
132 * @tc.desc: Invalid file.
133 * @tc.type: FUNC
134 * @tc.require: Issue Number
135 */
136 HWTEST_F(PermissionDefinitionParserTest, ParserPermsRawDataTest002, TestSize.Level1)
137 {
138 PermissionDefinitionParser& parser = PermissionDefinitionParser::GetInstance();
139 std::string permsRawData = R"({"systemGrantPermissions":[)"\
140 R"({"name":"ohos.permission.xxxxxxxxxxxxxxxxxxxxxxxxxx",)"\
141 R"("xxxxxxxxxxxxxxxxxxxxxxxxxx":"$string:test_description_B"}]})";
142 std::vector<PermissionDef> permDefList;
143 int32_t ret = parser.ParserPermsRawData(permsRawData, permDefList);
144 ASSERT_EQ(ret, ERR_PERM_REQUEST_CFG_FAILED);
145 }
146
147 /**
148 * @tc.name: ParserPermsRawDataTest003
149 * @tc.desc: Permission definition file missing.
150 * @tc.type: FUNC
151 * @tc.require: Issue Number
152 */
153 HWTEST_F(PermissionDefinitionParserTest, ParserPermsRawDataTest003, TestSize.Level1)
154 {
155 EXPECT_FALSE(PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
156 EXPECT_FALSE(PermissionDefinitionCache::GetInstance().HasDefinition(USER_PERMISSION_B));
157 PermissionDefinitionParser& parser = PermissionDefinitionParser::GetInstance();
158 std::string permsRawData = R"({"systemGrantPermissions":[)"\
159 R"({"name":"ohos.permission.PermDefParserTestA","grantMode":"system_grant","availableLevel":"system_basic",)"\
160 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}]})";
161 std::vector<PermissionDef> permDefList;
162 int32_t ret = parser.ParserPermsRawData(permsRawData, permDefList);
163 ASSERT_EQ(ret, ERR_PARAM_INVALID);
164
165 permsRawData = R"({"userGrantPermissions":[)"\
166 R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\
167 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,)"\
168 R"("label":"$string:test_label_B","description":"$string:test_description_B"}]})";
169 ret = parser.ParserPermsRawData(permsRawData, permDefList);
170 ASSERT_EQ(ret, ERR_PARAM_INVALID);
171 }
172
173 /**
174 * @tc.name: FromJson001
175 * @tc.desc: Test property value is missing
176 * @tc.type: FUNC
177 * @tc.require: Issue Number
178 */
179 HWTEST_F(PermissionDefinitionParserTest, FromJson001, TestSize.Level1)
180 {
181 PermissionDefinitionParser& instance = PermissionDefinitionParser::GetInstance();
182 std::string permsRawData = R"({"systemGrantPermissions":[)"\
183 R"({"grantMode":"system_grant","availableLevel":"system_basic",)"\
184 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\
185 R"("userGrantPermissions":[]})";
186 std::vector<PermissionDef> permDefList;
187 instance.ParserPermsRawData(permsRawData, permDefList);
188 EXPECT_EQ(0, permDefList.size());
189 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
190
191 permsRawData = R"({"systemGrantPermissions":[)"\
192 R"({"name":"ohos.permission.PermDefParserTestA","availableLevel":"system_basic",)"\
193 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\
194 R"("userGrantPermissions":[]})";
195 instance.ParserPermsRawData(permsRawData, permDefList);
196 EXPECT_EQ(0, permDefList.size());
197 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
198
199 permsRawData = R"({"systemGrantPermissions":[)"\
200 R"({"name":"ohos.permission.PermDefParserTestA","grantMode":"system_grant",)"\
201 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\
202 R"("userGrantPermissions":[]})";
203 instance.ParserPermsRawData(permsRawData, permDefList);
204 EXPECT_EQ(0, permDefList.size());
205 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
206
207 permsRawData = R"({"systemGrantPermissions":[)"\
208 R"({"name":"ohos.permission.PermDefParserTestA","grantMode":"system_grant","availableLevel":"system_basic",)"\
209 R"("provisionEnable":true,"distributedSceneEnable":false}],)"\
210 R"("userGrantPermissions":[]})";
211 instance.ParserPermsRawData(permsRawData, permDefList);
212 EXPECT_EQ(0, permDefList.size());
213 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
214 }
215
216 /**
217 * @tc.name: FromJson002
218 * @tc.desc: Test property value is missing
219 * @tc.type: FUNC
220 * @tc.require: Issue Number
221 */
222 HWTEST_F(PermissionDefinitionParserTest, FromJson002, TestSize.Level1)
223 {
224 PermissionDefinitionParser& instance = PermissionDefinitionParser::GetInstance();
225 std::string permsRawData = R"({"systemGrantPermissions":[)"\
226 R"({"name":"ohos.permission.PermDefParserTestA","grantMode":"system_grant","availableLevel":"system_basic",)"\
227 R"("availableType":"SERVICE","distributedSceneEnable":false}],)"\
228 R"("userGrantPermissions":[]})";
229 std::vector<PermissionDef> permDefList;
230 instance.ParserPermsRawData(permsRawData, permDefList);
231 EXPECT_EQ(0, permDefList.size());
232 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
233
234 permsRawData = R"({"systemGrantPermissions":[],)"\
235 R"("userGrantPermissions":[)"\
236 R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\
237 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,)"\
238 R"("description":"$string:test_description_B"}]})";
239 instance.ParserPermsRawData(permsRawData, permDefList);
240 EXPECT_EQ(0, permDefList.size());
241 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(USER_PERMISSION_B));
242
243 permsRawData = R"({"systemGrantPermissions":[],)"\
244 R"("userGrantPermissions":[)"\
245 R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\
246 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,})"\
247 R"("label":"$string:test_label_B"]})";
248 instance.ParserPermsRawData(permsRawData, permDefList);
249 EXPECT_EQ(0, permDefList.size());
250 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(USER_PERMISSION_B));
251 }
252
253 /**
254 * @tc.name: FromJson003
255 * @tc.desc: Invalid param
256 * @tc.type: FUNC
257 * @tc.require: Issue Number
258 */
259 HWTEST_F(PermissionDefinitionParserTest, FromJson003, TestSize.Level1)
260 {
261 PermissionDefinitionParser& instance = PermissionDefinitionParser::GetInstance();
262 std::string permsRawData = R"({"systemGrantPermissions":[)"\
263 R"({"name":123,"grantMode":"system_grant","availableLevel":"system_basic",)"\
264 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\
265 R"("userGrantPermissions":[]})";
266 std::vector<PermissionDef> permDefList;
267 instance.ParserPermsRawData(permsRawData, permDefList);
268 EXPECT_EQ(0, permDefList.size());
269 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
270
271 permsRawData = R"({"systemGrantPermissions":[)"\
272 R"({"name":"ohos.permission.PermDefParserTestA","grantMode":123,"availableLevel":"system_basic",)"\
273 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\
274 R"("userGrantPermissions":[]})";
275 instance.ParserPermsRawData(permsRawData, permDefList);
276 EXPECT_EQ(0, permDefList.size());
277 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
278
279 permsRawData = R"({"systemGrantPermissions":[)"\
280 R"({"name":"ohos.permission.PermDefParserTestA","grantMode":"system_grant","availableLevel":123,)"\
281 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\
282 R"("userGrantPermissions":[]})";
283 instance.ParserPermsRawData(permsRawData, permDefList);
284 EXPECT_EQ(0, permDefList.size());
285 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
286
287 permsRawData = R"({"systemGrantPermissions":[)"\
288 R"({"name":"ohos.permission.PermDefParserTestA","grantMode":"system_grant","availableLevel":"system_basic",)"\
289 R"("availableType":SERVICE,"provisionEnable":true,"distributedSceneEnable":false}],)"\
290 R"("userGrantPermissions":[]})";
291 instance.ParserPermsRawData(permsRawData, permDefList);
292 EXPECT_EQ(0, permDefList.size());
293 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
294 }
295
296 /**
297 * @tc.name: FromJson004
298 * @tc.desc: Invalid param
299 * @tc.type: FUNC
300 * @tc.require: Issue Number
301 */
302 HWTEST_F(PermissionDefinitionParserTest, FromJson004, TestSize.Level1)
303 {
304 PermissionDefinitionParser& instance = PermissionDefinitionParser::GetInstance();
305 std::string permsRawData = R"({"systemGrantPermissions":[)"\
306 R"({"name":"ohos.permission.PermDefParserTestA","grantMode":"system_grant","availableLevel":"system_basic",)"\
307 R"("availableType":"SERVICE","provisionEnable":"true","distributedSceneEnable":false}],)"\
308 R"("userGrantPermissions":[]})";
309 std::vector<PermissionDef> permDefList;
310 instance.ParserPermsRawData(permsRawData, permDefList);
311 EXPECT_EQ(0, permDefList.size());
312 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
313
314 permsRawData = R"({"systemGrantPermissions":[)"\
315 R"({"name":"ohos.permission.PermDefParserTestA","grantMode":"system_grant","availableLevel":"system_basic",)"\
316 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":"false"}],)"\
317 R"("userGrantPermissions":[]})";
318 instance.ParserPermsRawData(permsRawData, permDefList);
319 EXPECT_EQ(0, permDefList.size());
320 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A));
321
322 permsRawData = R"({"systemGrantPermissions":[],)"\
323 R"("userGrantPermissions":[)"\
324 R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\
325 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,"label":123,)"\
326 R"("description":"$string:test_description_B"}]})";
327 instance.ParserPermsRawData(permsRawData, permDefList);
328 EXPECT_EQ(0, permDefList.size());
329 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(USER_PERMISSION_B));
330
331 permsRawData = R"({"systemGrantPermissions":[],)"\
332 R"("userGrantPermissions":[)"\
333 R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\
334 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,)"\
335 R"("label":"$string:test_label_B","description":123}]})";
336 instance.ParserPermsRawData(permsRawData, permDefList);
337 EXPECT_EQ(0, permDefList.size());
338 EXPECT_EQ(false, PermissionDefinitionCache::GetInstance().HasDefinition(USER_PERMISSION_B));
339 }
340
341 /**
342 * @tc.name: FromJson005
343 * @tc.desc: Invalid param
344 * @tc.type: FUNC
345 * @tc.require: Issue Number
346 */
347 HWTEST_F(PermissionDefinitionParserTest, FromJson005, TestSize.Level1)
348 {
349 PermissionDefinitionParser& instance = PermissionDefinitionParser::GetInstance();
350 std::string permsRawData = R"({"systemGrantPermissions":[)"\
351 R"({"name":"","grantMode":"system_grant","availableLevel":"system_basic",)"\
352 R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\
353 R"("userGrantPermissions":[]})";
354 std::vector<PermissionDef> permDefList;
355 instance.ParserPermsRawData(permsRawData, permDefList);
356 EXPECT_EQ(0, permDefList.size());
357
358 permsRawData = R"({"systemGrantPermissions":[)"\
359 R"({"name":"ohos.permission.PermDefParserTestA","grantMode":"system_grant","availableLevel":"test",)"\
360 R"("availableType":TEST,"provisionEnable":true,"distributedSceneEnable":"false"}],)"\
361 R"("userGrantPermissions":[]})";
362 instance.ParserPermsRawData(permsRawData, permDefList);
363 EXPECT_EQ(0, permDefList.size());
364 }
365
366 /**
367 * @tc.name: IsSystemGrantedPermission001
368 * @tc.desc: Invalid param
369 * @tc.type: FUNC
370 * @tc.require:
371 */
372 HWTEST_F(PermissionDefinitionParserTest, IsSystemGrantedPermission001, TestSize.Level1)
373 {
374 EXPECT_FALSE(
375 PermissionDefinitionCache::GetInstance().IsSystemGrantedPermission("ohos.permission.SYSTEM_GRANT_FASLE"));
376 }
377