1 /*
2 * Copyright (C) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include <gtest/gtest.h>
16
17 #include "access_token.h"
18 #include "accesstoken_kit.h"
19 #include "data_share_permission.h"
20 #include "datashare_errno.h"
21 #include "datashare_log.h"
22 #include "errors.h"
23 #include "token_setproc.h"
24 #include "uri.h"
25
26 namespace OHOS {
27 namespace DataShare {
28 using namespace testing::ext;
29 using namespace OHOS::Security::AccessToken;
30 static int USER_100 = 100;
31 std::string EMPTY_URI = "";
32 std::string PROXY_ERROR_BUNDLE_URI = "datashareproxy://com.acts.datasharetest.error/test";
33 std::string URI_DIFF_PROXY_DATA = "datashareproxy://com.acts.datasharetest/test/error";
34 std::string PROXY_URI_OK = "datashareproxy://com.acts.datasharetest/test";
35 std::string PROXY_URI_HAVA_QUERY = "datashareproxy://com.acts.datasharetest/test?table=user&key=zhangsan";
36 std::string DATA_SHARE_ERROR_BUNDLE_URI = "datashare:///error.bundle.name/test";
37 std::string DATA_SHARE_URI = "datashare:///com.acts.datasharetest/test";
38 std::string DATA_SHARE_WRITEURI = "datashare:///com.acts.datasharetest/test/permission";
39
40 class PermissionTest : public testing::Test {
41 public:
42 static void SetUpTestCase(void);
43 static void TearDownTestCase(void);
44 void SetUp();
45 void TearDown();
46 };
47
SetUpTestCase(void)48 void PermissionTest::SetUpTestCase(void)
49 {
50 LOG_INFO("SetUpTestCase invoked");
51 int sleepTime = 3;
52 sleep(sleepTime);
53 HapInfoParams info = {
54 .userID = USER_100,
55 .bundleName = "ohos.datashareclienttest.demo",
56 .instIndex = 0,
57 .isSystemApp = true,
58 .apiVersion = 8,
59 .appIDDesc = "ohos.datashareclienttest.demo"
60 };
61 HapPolicyParams policy = {
62 .apl = APL_SYSTEM_CORE,
63 .domain = "test.domain",
64 .permStateList = {
65 {
66 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
67 .isGeneral = true,
68 .resDeviceID = { "local" },
69 .grantStatus = { PermissionState::PERMISSION_GRANTED },
70 .grantFlags = { 1 }
71 },
72 {
73 .permissionName = "ohos.permission.READ_CONTACTS",
74 .isGeneral = true,
75 .resDeviceID = { "local" },
76 .grantStatus = { PermissionState::PERMISSION_GRANTED },
77 .grantFlags = { 1 }
78 },
79 {
80 .permissionName = "ohos.permission.WRITE_CALL_LOG",
81 .isGeneral = true,
82 .resDeviceID = { "local" },
83 .grantStatus = { PermissionState::PERMISSION_GRANTED },
84 .grantFlags = { 1 }
85 }
86 }
87 };
88 AccessTokenKit::AllocHapToken(info, policy);
89 auto testTokenId = Security::AccessToken::AccessTokenKit::GetHapTokenIDEx(
90 info.userID, info.bundleName, info.instIndex);
91 SetSelfTokenID(testTokenId.tokenIDEx);
92 LOG_INFO("SetUpTestCase end");
93 }
94
TearDownTestCase(void)95 void PermissionTest::TearDownTestCase(void)
96 {
97 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
98 AccessTokenKit::DeleteToken(tokenId.tokenIDEx);
99 }
100
SetUp(void)101 void PermissionTest::SetUp(void) {}
TearDown(void)102 void PermissionTest::TearDown(void) {}
103
104 HWTEST_F(PermissionTest, PermissionTest_Uri_Empty_Test_001, TestSize.Level0)
105 {
106 LOG_INFO("PermissionTest_Uri_Scheme_Error_Test_001::Start");
107 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
108 Uri uri(EMPTY_URI);
109 auto ret = DataShare::DataSharePermission::VerifyPermission(tokenId.tokenIDEx, uri, true);
110 EXPECT_EQ(ret, ERR_INVALID_VALUE);
111 LOG_INFO("PermissionTest_Uri_Scheme_Error_Test_001::End");
112 }
113
114 HWTEST_F(PermissionTest, PermissionTest_Bundle_Name_Error_Test_001, TestSize.Level0)
115 {
116 LOG_INFO("PermissionTest_Bundle_Name_Error_Test_001::Start");
117 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
118 Uri uri(PROXY_ERROR_BUNDLE_URI);
119 auto ret = DataShare::DataSharePermission::VerifyPermission(tokenId.tokenIDEx, uri, true);
120 EXPECT_EQ(ret, E_BUNDLE_NAME_NOT_EXIST);
121 LOG_INFO("PermissionTest_Bundle_Name_Error_Test_001::End");
122 }
123
124 HWTEST_F(PermissionTest, PermissionTest_Uri_Diff_ProxyData_Test_001, TestSize.Level0)
125 {
126 LOG_INFO("PermissionTest_Uri_Diff_ProxyData_Test_001::Start");
127 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
128 Uri uri(URI_DIFF_PROXY_DATA);
129 auto ret = DataShare::DataSharePermission::VerifyPermission(tokenId.tokenIDEx, uri, true);
130 EXPECT_EQ(ret, E_URI_NOT_EXIST);
131 LOG_INFO("PermissionTest_Uri_Diff_ProxyData_Test_001::End");
132 }
133
134 HWTEST_F(PermissionTest, PermissionTest_ProxyUri_OK_Test_001, TestSize.Level0)
135 {
136 LOG_INFO("PermissionTest_ProxyUri_OK_Test_001::Start");
137 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
138 Uri uri(PROXY_URI_OK);
139 auto ret = DataShare::DataSharePermission::VerifyPermission(tokenId.tokenIDEx, uri, true);
140 EXPECT_EQ(ret, E_OK);
141 LOG_INFO("PermissionTest_ProxyUri_OK_Test_001::End");
142 }
143
144 HWTEST_F(PermissionTest, PermissionTest_ProxyUri_OK_Write_Permission_Error_Test_001, TestSize.Level0)
145 {
146 LOG_INFO("PermissionTest_ProxyUri_OK_Write_Permission_Error_Test_001::Start");
147 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
148 Uri uri(PROXY_URI_OK);
149 // isRead is false, verify write permission
150 auto ret = DataShare::DataSharePermission::VerifyPermission(tokenId.tokenIDEx, uri, false);
151 EXPECT_EQ(ret, ERR_PERMISSION_DENIED);
152 LOG_INFO("PermissionTest_ProxyUri_OK_Write_Permission_Error_Test_001::End");
153 }
154
155 HWTEST_F(PermissionTest, PermissionTest_Error_Bundle_Name_Test_001, TestSize.Level0)
156 {
157 LOG_INFO("PermissionTest_Error_Bundle_Name_Test_001::Start");
158 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
159 Uri uri(DATA_SHARE_ERROR_BUNDLE_URI);
160 auto ret = DataShare::DataSharePermission::VerifyPermission(tokenId.tokenIDEx, uri, true);
161 EXPECT_EQ(ret, E_BUNDLE_NAME_NOT_EXIST);
162 LOG_INFO("PermissionTest_Error_Bundle_Name_Test_001::End");
163 }
164
165 HWTEST_F(PermissionTest, PermissionTest_No_Read_Permission_Test_001, TestSize.Level0)
166 {
167 LOG_INFO("PermissionTest_No_Read_Permission_Test_001::Start");
168 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
169 Uri uri(DATA_SHARE_URI);
170 // proxyData requiredReadPermission is ohos.permission.READ_CALL_LOG
171 auto ret = DataShare::DataSharePermission::VerifyPermission(tokenId.tokenIDEx, uri, true);
172 EXPECT_EQ(ret, ERR_PERMISSION_DENIED);
173 LOG_INFO("PermissionTest_No_Read_Permission_Test_001::End");
174 }
175
176 HWTEST_F(PermissionTest, PermissionTest_Have_Write_Permission_Test_001, TestSize.Level0)
177 {
178 LOG_INFO("PermissionTest_HAVA_WRITE_PERMISSION_Test_001::Start");
179 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
180 Uri uri(DATA_SHARE_WRITEURI);
181 // proxyData requiredWritePermission is ohos.permission.WRITE_CALL_LOG
182 auto ret = DataShare::DataSharePermission::VerifyPermission(tokenId.tokenIDEx, uri, false);
183 EXPECT_EQ(ret, E_OK);
184 LOG_INFO("PermissionTest_HAVA_WRITE_PERMISSION_Test_001::End");
185 }
186
187 HWTEST_F(PermissionTest, PermissionTest_Empty_Read_Permission_Test_001, TestSize.Level0)
188 {
189 LOG_INFO("PermissionTest_Empty_Read_Permission_Test_001::Start");
190 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
191 Uri uri(DATA_SHARE_WRITEURI);
192 // proxyData not config requiredReadPermission
193 auto ret = DataShare::DataSharePermission::VerifyPermission(tokenId.tokenIDEx, uri, true);
194 EXPECT_EQ(ret, ERR_PERMISSION_DENIED);
195 LOG_INFO("PermissionTest_Empty_Read_Permission_Test_001::End");
196 }
197
198 HWTEST_F(PermissionTest, PermissionTest_Empty_Write_Permission_Test_001, TestSize.Level0)
199 {
200 LOG_INFO("PermissionTest_Empty_Write_Permission_Test_001::Start");
201 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
202 Uri uri(DATA_SHARE_URI);
203 // proxyData not config requiredWritePermission
204 auto ret = DataShare::DataSharePermission::VerifyPermission(tokenId.tokenIDEx, uri, false);
205 EXPECT_EQ(ret, ERR_PERMISSION_DENIED);
206 LOG_INFO("PermissionTest_Empty_Write_Permission_Test_001::End");
207 }
208
209 HWTEST_F(PermissionTest, PermissionTest_Have_Query_Param_001, TestSize.Level0)
210 {
211 LOG_INFO("PermissionTest_Have_Query_Param_001::Start");
212 auto tokenId = AccessTokenKit::GetHapTokenIDEx(USER_100, "ohos.datashareclienttest.demo", 0);
213 Uri uri(PROXY_URI_HAVA_QUERY);
214 auto ret = DataShare::DataSharePermission::VerifyPermission(tokenId.tokenIDEx, uri, true);
215 EXPECT_EQ(ret, E_OK);
216 LOG_INFO("PermissionTest_Have_Query_Param_001::End");
217 }
218
219 HWTEST_F(PermissionTest, PermissionTest_Have_Write_Test_001, TestSize.Level0)
220 {
221 LOG_INFO("PermissionTest_Have_Write_Test_001::Start");
222 HapInfoParams info = {
223 .userID = USER_100,
224 .bundleName = "ohos.permission.write.demo",
225 .instIndex = 0,
226 .isSystemApp = true,
227 .apiVersion = 8,
228 .appIDDesc = "ohos.permission.write.demo"
229 };
230 HapPolicyParams policy = {
231 .apl = APL_SYSTEM_CORE,
232 .domain = "test.domain",
233 .permStateList = {
234 {
235 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
236 .isGeneral = true,
237 .resDeviceID = { "local" },
238 .grantStatus = { PermissionState::PERMISSION_GRANTED },
239 .grantFlags = { 1 }
240 },
241 {
242 .permissionName = "ohos.permission.WRITE_CONTACTS",
243 .isGeneral = true,
244 .resDeviceID = { "local" },
245 .grantStatus = { PermissionState::PERMISSION_GRANTED },
246 .grantFlags = { 1 }
247 }
248 }
249 };
250 AccessTokenKit::AllocHapToken(info, policy);
251 auto testTokenId = Security::AccessToken::AccessTokenKit::GetHapTokenIDEx(
252 info.userID, info.bundleName, info.instIndex);
253 SetSelfTokenID(testTokenId.tokenIDEx);
254
255 Uri uri(PROXY_URI_OK);
256 auto ret = DataShare::DataSharePermission::VerifyPermission(testTokenId.tokenIDEx, uri, false);
257 EXPECT_EQ(ret, E_OK);
258 AccessTokenKit::DeleteToken(testTokenId.tokenIDEx);
259 LOG_INFO("PermissionTest_Have_Write_Test_001::End");
260 }
261
262 HWTEST_F(PermissionTest, PermissionTest_Hava_Read_Permission_Test_001, TestSize.Level0)
263 {
264 LOG_INFO("PermissionTest_Hava_Read_Permission_Test_001::Start");
265 HapInfoParams info = {
266 .userID = USER_100,
267 .bundleName = "ohos.permission.demo",
268 .instIndex = 0,
269 .isSystemApp = true,
270 .apiVersion = 8,
271 .appIDDesc = "ohos.permission.demo"
272 };
273 HapPolicyParams policy = {
274 .apl = APL_SYSTEM_CORE,
275 .domain = "test.domain",
276 .permStateList = {
277 {
278 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
279 .isGeneral = true,
280 .resDeviceID = { "local" },
281 .grantStatus = { PermissionState::PERMISSION_GRANTED },
282 .grantFlags = { 1 }
283 },
284 {
285 .permissionName = "ohos.permission.READ_CALL_LOG",
286 .isGeneral = true,
287 .resDeviceID = { "local" },
288 .grantStatus = { PermissionState::PERMISSION_GRANTED },
289 .grantFlags = { 1 }
290 }
291 }
292 };
293 AccessTokenKit::AllocHapToken(info, policy);
294 auto testTokenId = Security::AccessToken::AccessTokenKit::GetHapTokenIDEx(
295 info.userID, info.bundleName, info.instIndex);
296 SetSelfTokenID(testTokenId.tokenIDEx);
297 Uri uri(DATA_SHARE_URI);
298 auto ret = DataShare::DataSharePermission::VerifyPermission(testTokenId.tokenIDEx, uri, true);
299 EXPECT_EQ(ret, E_OK);
300
301 AccessTokenKit::DeleteToken(testTokenId.tokenIDEx);
302 LOG_INFO("PermissionTest_Hava_Read_Permission_Test_001::End");
303 }
304 } // namespace DataShare
305 } // namespace OHOS