1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "accesstoken_kit_test.h"
17 #include <thread>
18
19 #include "accesstoken_kit.h"
20 #include "accesstoken_log.h"
21 #include "access_token_error.h"
22 #include "i_accesstoken_manager.h"
23 #include "native_token_info_for_sync_parcel.h"
24 #include "nativetoken_kit.h"
25 #include "permission_state_change_info_parcel.h"
26 #include "softbus_bus_center.h"
27 #include "string_ex.h"
28 #include "token_setproc.h"
29 #define private public
30 #include "accesstoken_manager_client.h"
31 #undef private
32
33 using namespace testing::ext;
34
35 namespace OHOS {
36 namespace Security {
37 namespace AccessToken {
38 namespace {
39 static const int MAX_PERMISSION_SIZE = 1000;
40 static const int INVALID_DLP_TOKEN_FLAG = -1;
41 static constexpr int32_t DEFAULT_API_VERSION = 8;
42 static constexpr int32_t VAGUE_LOCATION_API_VERSION = 9;
43 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenKitTest"};
44
45 PermissionStateFull g_grantPermissionReq = {
46 .permissionName = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS",
47 .isGeneral = true,
48 .resDeviceID = {"device"},
49 .grantStatus = {PermissionState::PERMISSION_GRANTED},
50 .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
51 };
52 PermissionStateFull g_revokePermissionReq = {
53 .permissionName = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS",
54 .isGeneral = true,
55 .resDeviceID = {"device"},
56 .grantStatus = {PermissionState::PERMISSION_GRANTED},
57 .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
58 };
59
60 PermissionDef g_infoManagerTestPermDef1 = {
61 .permissionName = "ohos.permission.test1",
62 .bundleName = "accesstoken_test",
63 .grantMode = 1,
64 .availableLevel = APL_NORMAL,
65 .label = "label",
66 .labelId = 1,
67 .description = "open the door",
68 .descriptionId = 1
69 };
70
71 PermissionDef g_infoManagerTestPermDef2 = {
72 .permissionName = "ohos.permission.test2",
73 .bundleName = "accesstoken_test",
74 .grantMode = 1,
75 .availableLevel = APL_NORMAL,
76 .label = "label",
77 .labelId = 1,
78 .description = "break the door",
79 .descriptionId = 1
80 };
81
82 PermissionStateFull g_infoManagerTestState1 = {
83 .permissionName = "ohos.permission.test1",
84 .isGeneral = true,
85 .resDeviceID = {"local"},
86 .grantStatus = {PermissionState::PERMISSION_GRANTED},
87 .grantFlags = {1}
88 };
89
90 PermissionStateFull g_infoManagerTestState2 = {
91 .permissionName = "ohos.permission.test2",
92 .isGeneral = false,
93 .resDeviceID = {"device 1", "device 2"},
94 .grantStatus = {PermissionState::PERMISSION_GRANTED, PermissionState::PERMISSION_GRANTED},
95 .grantFlags = {1, 2}
96 };
97
98 HapInfoParams g_infoManagerTestInfoParms = {
99 .userID = 1,
100 .bundleName = "accesstoken_test",
101 .instIndex = 0,
102 .appIDDesc = "testtesttesttest",
103 .apiVersion = DEFAULT_API_VERSION
104 };
105
106 HapPolicyParams g_infoManagerTestPolicyPrams = {
107 .apl = APL_NORMAL,
108 .domain = "test.domain",
109 .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2},
110 .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2}
111 };
112
113 HapInfoParams g_infoManagerTestInfoParmsBak = {
114 .userID = 1,
115 .bundleName = "accesstoken_test",
116 .instIndex = 0,
117 .appIDDesc = "testtesttesttest",
118 .apiVersion = DEFAULT_API_VERSION
119 };
120
121 HapPolicyParams g_infoManagerTestPolicyPramsBak = {
122 .apl = APL_NORMAL,
123 .domain = "test.domain",
124 .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2},
125 .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2}
126 };
127
128 HapInfoParams g_locationTestInfo = {
129 .userID = TEST_USER_ID,
130 .bundleName = "accesstoken_location_test",
131 .instIndex = 0,
132 .appIDDesc = "testtesttesttest"
133 };
134
135 PermissionDef g_locationTestDefVague = {
136 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
137 .bundleName = "accesstoken_location_test",
138 .grantMode = GrantMode::USER_GRANT,
139 .availableLevel = APL_NORMAL,
140 .provisionEnable = false,
141 .distributedSceneEnable = true
142 };
143
144 PermissionDef g_locationTestDefAccurate = {
145 .permissionName = "ohos.permission.LOCATION",
146 .bundleName = "accesstoken_location_test",
147 .grantMode = GrantMode::USER_GRANT,
148 .availableLevel = APL_NORMAL,
149 .provisionEnable = true,
150 .distributedSceneEnable = true
151 };
152
153 PermissionDef g_locationTestDefSystemGrant = {
154 .permissionName = "ohos.permission.locationtest1",
155 .bundleName = "accesstoken_location_test",
156 .grantMode = GrantMode::SYSTEM_GRANT,
157 .availableLevel = APL_NORMAL,
158 .provisionEnable = false,
159 .distributedSceneEnable = false
160 };
161
162 PermissionDef g_locationTestDefUserGrant = {
163 .permissionName = "ohos.permission.locationtest2",
164 .bundleName = "accesstoken_location_test",
165 .grantMode = GrantMode::USER_GRANT,
166 .availableLevel = APL_NORMAL,
167 .provisionEnable = false,
168 .distributedSceneEnable = false
169 };
170
171 PermissionStateFull g_locationTestStateSystemGrant = {
172 .permissionName = "ohos.permission.locationtest1",
173 .isGeneral = true,
174 .resDeviceID = {"device"},
175 .grantStatus = {PermissionState::PERMISSION_GRANTED},
176 .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
177 };
178
179 PermissionStateFull g_locationTestStateUserGrant = {
180 .permissionName = "ohos.permission.locationtest2",
181 .isGeneral = true,
182 .resDeviceID = {"device"},
183 .grantStatus = {PermissionState::PERMISSION_DENIED},
184 .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}
185 };
186
187 PermissionStateFull g_locationTestStateVague02 = {
188 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
189 .isGeneral = true,
190 .resDeviceID = {"device"},
191 .grantStatus = {PermissionState::PERMISSION_GRANTED},
192 .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED}
193 };
194
195 PermissionStateFull g_locationTestStateVague10 = {
196 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
197 .isGeneral = true,
198 .resDeviceID = {"device"},
199 .grantStatus = {PermissionState::PERMISSION_DENIED},
200 .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}
201 };
202
203 PermissionStateFull g_locationTestStateVague12 = {
204 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
205 .isGeneral = true,
206 .resDeviceID = {"device"},
207 .grantStatus = {PermissionState::PERMISSION_DENIED},
208 .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED}
209 };
210
211 PermissionStateFull g_locationTestStateAccurate02 = {
212 .permissionName = "ohos.permission.LOCATION",
213 .isGeneral = true,
214 .resDeviceID = {"device"},
215 .grantStatus = {PermissionState::PERMISSION_GRANTED},
216 .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED}
217 };
218
219 PermissionStateFull g_locationTestStateAccurate10 = {
220 .permissionName = "ohos.permission.LOCATION",
221 .isGeneral = true,
222 .resDeviceID = {"device"},
223 .grantStatus = {PermissionState::PERMISSION_DENIED},
224 .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}
225 };
226
227 PermissionStateFull g_locationTestStateAccurate12 = {
228 .permissionName = "ohos.permission.LOCATION",
229 .isGeneral = true,
230 .resDeviceID = {"device"},
231 .grantStatus = {PermissionState::PERMISSION_DENIED},
232 .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED}
233 };
234 }
235
NativeTokenGet()236 void NativeTokenGet()
237 {
238 uint64_t tokenId;
239 const char **perms = new const char *[4];
240 perms[0] = "ohos.permission.DISTRIBUTED_DATASYNC";
241 perms[1] = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS";
242 perms[2] = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS";
243 perms[3] = "ohos.permission.GET_SENSITIVE_PERMISSIONS";
244
245 NativeTokenInfoParams infoInstance = {
246 .dcapsNum = 0,
247 .permsNum = 4,
248 .aclsNum = 0,
249 .dcaps = nullptr,
250 .perms = perms,
251 .acls = nullptr,
252 .aplStr = "system_core",
253 };
254
255 infoInstance.processName = "TestCase";
256 tokenId = GetAccessTokenId(&infoInstance);
257 SetSelfTokenID(tokenId);
258 AccessTokenKit::ReloadNativeTokenInfo();
259 delete[] perms;
260 }
261
SetUpTestCase()262 void AccessTokenKitTest::SetUpTestCase()
263 {
264 // make test case clean
265 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
266 g_infoManagerTestInfoParms.bundleName,
267 g_infoManagerTestInfoParms.instIndex);
268 AccessTokenKit::DeleteToken(tokenID);
269
270 tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
271 AccessTokenKit::DeleteToken(tokenID);
272
273 NativeTokenGet();
274 }
275
TearDownTestCase()276 void AccessTokenKitTest::TearDownTestCase()
277 {
278 }
279
SetUp()280 void AccessTokenKitTest::SetUp()
281 {
282 selfTokenId_ = GetSelfTokenID();
283 g_infoManagerTestInfoParms = g_infoManagerTestInfoParmsBak;
284 g_infoManagerTestPolicyPrams = g_infoManagerTestPolicyPramsBak;
285 HapInfoParams info = {
286 .userID = TEST_USER_ID,
287 .bundleName = TEST_BUNDLE_NAME,
288 .instIndex = 0,
289 .appIDDesc = "appIDDesc",
290 .apiVersion = DEFAULT_API_VERSION
291 };
292
293 HapPolicyParams policy = {
294 .apl = APL_NORMAL,
295 .domain = "domain"
296 };
297
298 PermissionDef permissionDefAlpha = {
299 .permissionName = TEST_PERMISSION_NAME_ALPHA,
300 .bundleName = TEST_BUNDLE_NAME,
301 .grantMode = GrantMode::USER_GRANT,
302 .availableLevel = APL_NORMAL,
303 .provisionEnable = false,
304 .distributedSceneEnable = false
305 };
306
307 PermissionDef permissionDefBeta = {
308 .permissionName = TEST_PERMISSION_NAME_BETA,
309 .bundleName = TEST_BUNDLE_NAME,
310 .grantMode = GrantMode::SYSTEM_GRANT,
311 .availableLevel = APL_NORMAL,
312 .provisionEnable = false,
313 .distributedSceneEnable = false
314 };
315 PermissionDef testPermDef1 = {
316 .permissionName = "ohos.permission.testPermDef1",
317 .bundleName = TEST_BUNDLE_NAME,
318 .grantMode = GrantMode::USER_GRANT,
319 .availableLevel = APL_NORMAL,
320 .provisionEnable = false,
321 .distributedSceneEnable = false
322 };
323
324 PermissionDef testPermDef2 = {
325 .permissionName = "ohos.permission.testPermDef2",
326 .bundleName = TEST_BUNDLE_NAME,
327 .grantMode = GrantMode::USER_GRANT,
328 .availableLevel = APL_NORMAL,
329 .provisionEnable = false,
330 .distributedSceneEnable = false
331 };
332
333 PermissionDef testPermDef3 = {
334 .permissionName = "ohos.permission.testPermDef3",
335 .bundleName = TEST_BUNDLE_NAME,
336 .grantMode = GrantMode::USER_GRANT,
337 .availableLevel = APL_NORMAL,
338 .provisionEnable = false,
339 .distributedSceneEnable = false
340 };
341 PermissionDef testPermDef4 = {
342 .permissionName = "ohos.permission.testPermDef4",
343 .bundleName = TEST_BUNDLE_NAME,
344 .grantMode = GrantMode::USER_GRANT,
345 .availableLevel = APL_NORMAL,
346 .provisionEnable = false,
347 .distributedSceneEnable = false
348 };
349 policy.permList.emplace_back(permissionDefAlpha);
350 policy.permList.emplace_back(permissionDefBeta);
351 policy.permList.emplace_back(testPermDef1);
352 policy.permList.emplace_back(testPermDef2);
353 policy.permList.emplace_back(testPermDef3);
354 policy.permList.emplace_back(testPermDef4);
355
356 PermissionStateFull permStatAlpha = {
357 .permissionName = TEST_PERMISSION_NAME_ALPHA,
358 .isGeneral = true,
359 .resDeviceID = {"device"},
360 .grantStatus = {PermissionState::PERMISSION_DENIED},
361 .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
362 };
363 PermissionStateFull permStatBeta = {
364 .permissionName = TEST_PERMISSION_NAME_BETA,
365 .isGeneral = true,
366 .resDeviceID = {"device"},
367 .grantStatus = {PermissionState::PERMISSION_GRANTED},
368 .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
369 };
370 PermissionStateFull permTestState1 = {
371 .permissionName = "ohos.permission.testPermDef1",
372 .isGeneral = true,
373 .resDeviceID = {"local"},
374 .grantStatus = {PermissionState::PERMISSION_DENIED},
375 .grantFlags = {0},
376 };
377
378 PermissionStateFull permTestState2 = {
379 .permissionName = "ohos.permission.testPermDef2",
380 .isGeneral = true,
381 .resDeviceID = {"local"},
382 .grantStatus = {PermissionState::PERMISSION_DENIED},
383 .grantFlags = {1}
384 };
385
386 PermissionStateFull permTestState3 = {
387 .permissionName = "ohos.permission.testPermDef3",
388 .isGeneral = true,
389 .resDeviceID = {"local"},
390 .grantStatus = {PermissionState::PERMISSION_DENIED},
391 .grantFlags = {2}
392 };
393
394 PermissionStateFull permTestState4 = {
395 .permissionName = "ohos.permission.testPermDef4",
396 .isGeneral = true,
397 .resDeviceID = {"local"},
398 .grantStatus = {PermissionState::PERMISSION_GRANTED},
399 .grantFlags = {1}
400 };
401
402 policy.permStateList.emplace_back(permStatAlpha);
403 policy.permStateList.emplace_back(permStatBeta);
404 policy.permStateList.emplace_back(g_grantPermissionReq);
405 policy.permStateList.emplace_back(g_revokePermissionReq);
406 policy.permStateList.emplace_back(permTestState1);
407 policy.permStateList.emplace_back(permTestState1);
408 policy.permStateList.emplace_back(permTestState2);
409 policy.permStateList.emplace_back(permTestState3);
410 policy.permStateList.emplace_back(permTestState4);
411 AccessTokenKit::AllocHapToken(info, policy);
412 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
413 g_infoManagerTestInfoParms.bundleName,
414 g_infoManagerTestInfoParms.instIndex);
415 AccessTokenKit::DeleteToken(tokenID);
416 (void)remove("/data/token.json");
417
418 ACCESSTOKEN_LOG_INFO(LABEL, "SetUp ok.");
419 }
420
TearDown()421 void AccessTokenKitTest::TearDown()
422 {
423 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
424 AccessTokenKit::DeleteToken(tokenID);
425 SetSelfTokenID(selfTokenId_);
426 }
427
AllocHapToken(std::vector<PermissionDef> & permmissionDefs,std::vector<PermissionStateFull> & permissionStateFulls,int32_t apiVersion)428 void AccessTokenKitTest::AllocHapToken(std::vector<PermissionDef>& permmissionDefs,
429 std::vector<PermissionStateFull>& permissionStateFulls, int32_t apiVersion)
430 {
431 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
432 AccessTokenKit::DeleteToken(tokenID);
433
434 HapInfoParams info = g_locationTestInfo;
435 info.apiVersion = apiVersion;
436
437 HapPolicyParams policy = {
438 .apl = APL_NORMAL,
439 .domain = "domain"
440 };
441
442 for (auto& permmissionDef:permmissionDefs) {
443 policy.permList.emplace_back(permmissionDef);
444 }
445
446 for (auto& permissionStateFull:permissionStateFulls) {
447 policy.permStateList.emplace_back(permissionStateFull);
448 }
449
450 AccessTokenKit::AllocHapToken(info, policy);
451 }
452
GetAccessTokenID(int userID,std::string bundleName,int instIndex)453 unsigned int AccessTokenKitTest::GetAccessTokenID(int userID, std::string bundleName, int instIndex)
454 {
455 return AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex);
456 }
457
DeleteTestToken() const458 void AccessTokenKitTest::DeleteTestToken() const
459 {
460 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
461 g_infoManagerTestInfoParms.bundleName,
462 g_infoManagerTestInfoParms.instIndex);
463 int ret = AccessTokenKit::DeleteToken(tokenID);
464 if (tokenID != 0) {
465 ASSERT_EQ(RET_SUCCESS, ret);
466 }
467 }
468
AllocTestToken() const469 void AccessTokenKitTest::AllocTestToken() const
470 {
471 AccessTokenIDEx tokenIdEx = {0};
472 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
473 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIdExStruct.tokenID);
474 }
475
476 /**
477 * @tc.name: GetDefPermission001
478 * @tc.desc: Get permission definition info after AllocHapToken function has been invoked.
479 * @tc.type: FUNC
480 * @tc.require: Issue Number
481 */
482 HWTEST_F(AccessTokenKitTest, GetDefPermission001, TestSize.Level1)
483 {
484 PermissionDef permDefResultAlpha;
485 int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha);
486 ASSERT_EQ(RET_SUCCESS, ret);
487 ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName);
488
489 PermissionDef permDefResultBeta;
490 ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_BETA, permDefResultBeta);
491 ASSERT_EQ(RET_SUCCESS, ret);
492 ASSERT_EQ(TEST_PERMISSION_NAME_BETA, permDefResultBeta.permissionName);
493 }
494
495 /**
496 * @tc.name: GetDefPermission002
497 * @tc.desc: Get permission definition info that permission is invalid.
498 * @tc.type: FUNC
499 * @tc.require: Issue Number
500 */
501 HWTEST_F(AccessTokenKitTest, GetDefPermission002, TestSize.Level1)
502 {
503 PermissionDef permDefResult;
504 int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_GAMMA, permDefResult);
505 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIT, ret);
506
507 ret = AccessTokenKit::GetDefPermission("", permDefResult);
508 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
509
510 std::string invalidPerm(INVALID_PERMNAME_LEN, 'a');
511 ret = AccessTokenKit::GetDefPermission(invalidPerm, permDefResult);
512 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
513 }
514
515 /**
516 * @tc.name: GetDefPermission003
517 * @tc.desc: GetDefPermission is invoked multiple times.
518 * @tc.type: FUNC
519 * @tc.require: Issue Number
520 */
521 HWTEST_F(AccessTokenKitTest, GetDefPermission003, TestSize.Level0)
522 {
523 int ret = RET_FAILED;
524 for (int i = 0; i < CYCLE_TIMES; i++) {
525 PermissionDef permDefResultAlpha;
526 ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha);
527 ASSERT_EQ(RET_SUCCESS, ret);
528 ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName);
529 }
530 }
531
532 /**
533 * @tc.name: GetDefPermissions001
534 * @tc.desc: Get permission definition info list after AllocHapToken function has been invoked.
535 * @tc.type: FUNC
536 * @tc.require: Issue Number
537 */
538 HWTEST_F(AccessTokenKitTest, GetDefPermissions001, TestSize.Level1)
539 {
540 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
541 ASSERT_NE(INVALID_TOKENID, tokenID);
542 std::vector<PermissionDef> permDefList;
543 int ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList);
544 ASSERT_EQ(RET_SUCCESS, ret);
545 ASSERT_EQ(static_cast<uint32_t>(6), permDefList.size());
546 }
547
548 /**
549 * @tc.name: GetDefPermissions002
550 * @tc.desc: Get permission definition info list after clear permission definition list
551 * @tc.type: FUNC
552 * @tc.require: Issue Number
553 */
554 HWTEST_F(AccessTokenKitTest, GetDefPermissions002, TestSize.Level1)
555 {
556 HapPolicyParams testPolicyPrams = g_infoManagerTestPolicyPrams;
557 testPolicyPrams.permList.clear();
558 AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, testPolicyPrams);
559
560 AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
561 g_infoManagerTestInfoParms.bundleName,
562 g_infoManagerTestInfoParms.instIndex);
563 ASSERT_NE(INVALID_TOKENID, tokenID);
564
565 std::vector<PermissionDef> permDefList;
566 int ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList);
567 ASSERT_EQ(RET_SUCCESS, ret);
568 ASSERT_EQ(static_cast<uint32_t>(0), permDefList.size());
569
570 AccessTokenKit::DeleteToken(tokenID);
571 }
572
573 /**
574 * @tc.name: GetDefPermissions003
575 * @tc.desc: Get permission definition info list that tokenID is invalid.
576 * @tc.type: FUNC
577 * @tc.require: Issue Number
578 */
579 HWTEST_F(AccessTokenKitTest, GetDefPermissions003, TestSize.Level1)
580 {
581 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
582 ASSERT_NE(INVALID_TOKENID, tokenID);
583 AccessTokenKit::DeleteToken(tokenID);
584
585 std::vector<PermissionDef> permDefList;
586 int ret = AccessTokenKit::GetDefPermissions(TEST_TOKENID_INVALID, permDefList);
587 ASSERT_EQ(RET_FAILED, ret);
588
589 std::vector<PermissionDef> permDefListRes;
590 ret = AccessTokenKit::GetDefPermissions(tokenID, permDefListRes);
591 ASSERT_EQ(RET_FAILED, ret);
592 ASSERT_EQ(static_cast<uint32_t>(0), permDefListRes.size());
593 }
594
595 /**
596 * @tc.name: GetDefPermissions004
597 * @tc.desc: GetDefPermissions is invoked multiple times.
598 * @tc.type: FUNC
599 * @tc.require: Issue Number
600 */
601 HWTEST_F(AccessTokenKitTest, GetDefPermissions004, TestSize.Level0)
602 {
603 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
604 ASSERT_NE(INVALID_TOKENID, tokenID);
605 int ret = RET_FAILED;
606 for (int i = 0; i < CYCLE_TIMES; i++) {
607 std::vector<PermissionDef> permDefList;
608 ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList);
609 ASSERT_EQ(RET_SUCCESS, ret);
610 ASSERT_EQ(static_cast<uint32_t>(6), permDefList.size());
611 }
612 }
613
614 /**
615 * @tc.name: GetReqPermissions001
616 * @tc.desc: Get user granted permission state info.
617 * @tc.type: FUNC
618 * @tc.require: Issue Number
619 */
620 HWTEST_F(AccessTokenKitTest, GetReqPermissions001, TestSize.Level1)
621 {
622 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
623 ASSERT_NE(INVALID_TOKENID, tokenID);
624 std::vector<PermissionStateFull> permStatList;
625 int ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false);
626 ASSERT_EQ(RET_SUCCESS, ret);
627 ASSERT_EQ(static_cast<uint32_t>(5), permStatList.size());
628 ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permStatList[0].permissionName);
629
630 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
631 ASSERT_EQ(ret, permStatList[0].grantStatus[0]);
632 }
633
634 /**
635 * @tc.name: GetReqPermissions002
636 * @tc.desc: Get system granted permission state info.
637 * @tc.type: FUNC
638 * @tc.require: Issue Number
639 */
640 HWTEST_F(AccessTokenKitTest, GetReqPermissions002, TestSize.Level1)
641 {
642 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
643 ASSERT_NE(INVALID_TOKENID, tokenID);
644 std::vector<PermissionStateFull> permStatList;
645 int ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, true);
646 ASSERT_EQ(RET_SUCCESS, ret);
647 ASSERT_EQ(static_cast<uint32_t>(3), permStatList.size());
648 ASSERT_EQ(TEST_PERMISSION_NAME_BETA, permStatList[0].permissionName);
649
650 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA);
651 ASSERT_EQ(ret, permStatList[0].grantStatus[0]);
652 }
653
654 /**
655 * @tc.name: GetReqPermissions003
656 * @tc.desc: Get user granted permission state info after clear request permission list.
657 * @tc.type: FUNC
658 * @tc.require: Issue Number
659 */
660 HWTEST_F(AccessTokenKitTest, GetReqPermissions003, TestSize.Level1)
661 {
662 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
663 ASSERT_NE(INVALID_TOKENID, tokenID);
664
665 HapTokenInfo hapInfo;
666 int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapInfo);
667 ASSERT_EQ(RET_SUCCESS, ret);
668
669 HapPolicyParams policy = {
670 .apl = hapInfo.apl,
671 .domain = "domain"
672 };
673 policy.permStateList.clear();
674
675 ret = AccessTokenKit::UpdateHapToken(tokenID, hapInfo.appID, DEFAULT_API_VERSION, policy);
676 ASSERT_EQ(RET_SUCCESS, ret);
677
678 std::vector<PermissionStateFull> permStatUserList;
679 ret = AccessTokenKit::GetReqPermissions(tokenID, permStatUserList, false);
680 ASSERT_EQ(RET_SUCCESS, ret);
681 ASSERT_EQ(static_cast<uint32_t>(0), permStatUserList.size());
682
683 std::vector<PermissionStateFull> permStatSystemList;
684 ret = AccessTokenKit::GetReqPermissions(tokenID, permStatSystemList, true);
685 ASSERT_EQ(RET_SUCCESS, ret);
686 ASSERT_EQ(static_cast<uint32_t>(0), permStatSystemList.size());
687 }
688
689 /**
690 * @tc.name: GetReqPermissions004
691 * @tc.desc: Get permission state info list that tokenID is invalid.
692 * @tc.type: FUNC
693 * @tc.require: Issue Number
694 */
695 HWTEST_F(AccessTokenKitTest, GetReqPermissions004, TestSize.Level1)
696 {
697 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
698 ASSERT_NE(INVALID_TOKENID, tokenID);
699
700 std::vector<PermissionStateFull> permStatList;
701 int ret = AccessTokenKit::GetReqPermissions(TEST_TOKENID_INVALID, permStatList, false);
702 ASSERT_EQ(RET_FAILED, ret);
703
704 AccessTokenKit::DeleteToken(tokenID);
705
706 ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false);
707 ASSERT_EQ(RET_FAILED, ret);
708 ASSERT_EQ(static_cast<uint32_t>(0), permStatList.size());
709 }
710
711 /**
712 * @tc.name: GetReqPermissions005
713 * @tc.desc: GetReqPermissions is invoked multiple times.
714 * @tc.type: FUNC
715 * @tc.require: Issue Number
716 */
717 HWTEST_F(AccessTokenKitTest, GetReqPermissions005, TestSize.Level0)
718 {
719 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
720 ASSERT_NE(INVALID_TOKENID, tokenID);
721 int ret = RET_FAILED;
722 for (int i = 0; i < CYCLE_TIMES; i++) {
723 std::vector<PermissionStateFull> permStatList;
724 ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false);
725 ASSERT_EQ(RET_SUCCESS, ret);
726 ASSERT_EQ(static_cast<uint32_t>(5), permStatList.size());
727 ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permStatList[0].permissionName);
728 }
729 }
730
731 /**
732 * @tc.name: GetPermissionFlag001
733 * @tc.desc: Get permission flag after grant permission.
734 * @tc.type: FUNC
735 * @tc.require: Issue Number
736 */
737 HWTEST_F(AccessTokenKitTest, GetPermissionFlag001, TestSize.Level1)
738 {
739 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
740 ASSERT_NE(INVALID_TOKENID, tokenID);
741 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
742 ASSERT_EQ(RET_SUCCESS, ret);
743
744 int32_t flag;
745 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
746 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
747 ASSERT_EQ(RET_SUCCESS, ret);
748 }
749
750 /**
751 * @tc.name: GetPermissionFlag002
752 * @tc.desc: Get permission flag that tokenID or permission is invalid.
753 * @tc.type: FUNC
754 * @tc.require: Issue Number
755 */
756 HWTEST_F(AccessTokenKitTest, GetPermissionFlag002, TestSize.Level1)
757 {
758 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
759 ASSERT_NE(INVALID_TOKENID, tokenID);
760
761 int32_t flag;
762 int ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_GAMMA, flag);
763 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIT, ret);
764
765 ret = AccessTokenKit::GetPermissionFlag(tokenID, "", flag);
766 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
767
768 std::string invalidPerm(INVALID_PERMNAME_LEN, 'a');
769 ret = AccessTokenKit::GetPermissionFlag(tokenID, invalidPerm, flag);
770 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
771
772 ret = AccessTokenKit::GetPermissionFlag(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_ALPHA, flag);
773 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
774
775 AccessTokenKit::DeleteToken(tokenID);
776
777 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
778 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIT, ret);
779 }
780
781 /**
782 * @tc.name: GetPermissionFlag003
783 * @tc.desc: GetPermissionFlag is invoked multiple times.
784 * @tc.type: FUNC
785 * @tc.require: Issue Number
786 */
787 HWTEST_F(AccessTokenKitTest, GetPermissionFlag003, TestSize.Level0)
788 {
789 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
790 ASSERT_NE(INVALID_TOKENID, tokenID);
791 int ret = RET_FAILED;
792 int32_t flag;
793 for (int i = 0; i < CYCLE_TIMES; i++) {
794 ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
795 ASSERT_EQ(RET_SUCCESS, ret);
796
797 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
798 ASSERT_EQ(RET_SUCCESS, ret);
799 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
800 }
801 }
802
803 /**
804 * @tc.name: VerifyAccessToken001
805 * @tc.desc: Verify user granted permission.
806 * @tc.type: FUNC
807 * @tc.require: Issue Number
808 */
809 HWTEST_F(AccessTokenKitTest, VerifyAccessToken001, TestSize.Level0)
810 {
811 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
812 ASSERT_NE(INVALID_TOKENID, tokenID);
813 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
814 ASSERT_EQ(RET_SUCCESS, ret);
815
816 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
817 ASSERT_EQ(PERMISSION_GRANTED, ret);
818
819 ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
820 ASSERT_EQ(RET_SUCCESS, ret);
821
822 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
823 ASSERT_EQ(PERMISSION_DENIED, ret);
824 }
825
826 /**
827 * @tc.name: VerifyAccessToken002
828 * @tc.desc: Verify system granted permission.
829 * @tc.type: FUNC
830 * @tc.require: Issue Number
831 */
832 HWTEST_F(AccessTokenKitTest, VerifyAccessToken002, TestSize.Level0)
833 {
834 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
835 ASSERT_NE(INVALID_TOKENID, tokenID);
836 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
837 ASSERT_EQ(RET_SUCCESS, ret);
838
839 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA);
840 ASSERT_EQ(PERMISSION_GRANTED, ret);
841
842 ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
843 ASSERT_EQ(RET_SUCCESS, ret);
844
845 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA);
846 ASSERT_EQ(PERMISSION_DENIED, ret);
847 }
848
849 /**
850 * @tc.name: VerifyAccessToken003
851 * @tc.desc: Verify permission that tokenID or permission is invalid.
852 * @tc.type: FUNC
853 * @tc.require: Issue Number
854 */
855 HWTEST_F(AccessTokenKitTest, VerifyAccessToken003, TestSize.Level0)
856 {
857 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
858 ASSERT_NE(INVALID_TOKENID, tokenID);
859 int ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_GAMMA);
860 ASSERT_EQ(PERMISSION_DENIED, ret);
861
862 ret = AccessTokenKit::VerifyAccessToken(tokenID, "");
863 ASSERT_EQ(PERMISSION_DENIED, ret);
864
865 std::string invalidPerm(INVALID_PERMNAME_LEN, 'a');
866 ret = AccessTokenKit::VerifyAccessToken(tokenID, invalidPerm);
867 ASSERT_EQ(PERMISSION_DENIED, ret);
868
869 AccessTokenKit::VerifyAccessToken(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_BETA);
870 ASSERT_EQ(PERMISSION_DENIED, ret);
871
872 AccessTokenKit::DeleteToken(tokenID);
873
874 AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA);
875 ASSERT_EQ(PERMISSION_DENIED, ret);
876 }
877
878 /**
879 * @tc.name: VerifyAccessToken004
880 * @tc.desc: Verify permission after update.
881 * @tc.type: FUNC
882 * @tc.require: Issue Number
883 */
884 HWTEST_F(AccessTokenKitTest, VerifyAccessToken004, TestSize.Level0)
885 {
886 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
887 ASSERT_NE(INVALID_TOKENID, tokenID);
888
889 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
890 ASSERT_EQ(RET_SUCCESS, ret);
891
892 HapTokenInfo hapInfo;
893 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapInfo);
894 ASSERT_EQ(RET_SUCCESS, ret);
895
896 std::vector<PermissionDef> permDefList;
897 ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList);
898 ASSERT_EQ(RET_SUCCESS, ret);
899
900 std::vector<PermissionStateFull> permStatList;
901 ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false);
902 ASSERT_EQ(RET_SUCCESS, ret);
903
904 HapPolicyParams policy = {
905 .apl = hapInfo.apl,
906 .domain = "domain",
907 .permList = permDefList,
908 .permStateList = permStatList
909 };
910
911 ret = AccessTokenKit::UpdateHapToken(tokenID, hapInfo.appID, DEFAULT_API_VERSION, policy);
912 ASSERT_EQ(RET_SUCCESS, ret);
913
914 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
915 ASSERT_EQ(PERMISSION_GRANTED, ret);
916 }
917
918 /**
919 * @tc.name: GrantPermission001
920 * @tc.desc: Grant permission that has ohos.permission.GRANT_SENSITIVE_PERMISSIONS
921 * @tc.type: FUNC
922 * @tc.require: Issue Number
923 */
924 HWTEST_F(AccessTokenKitTest, GrantPermission001, TestSize.Level0)
925 {
926 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
927 ASSERT_NE(INVALID_TOKENID, tokenID);
928 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
929 ASSERT_EQ(RET_SUCCESS, ret);
930
931 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
932 ASSERT_EQ(PERMISSION_GRANTED, ret);
933
934 ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
935 ASSERT_EQ(RET_SUCCESS, ret);
936
937 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
938 ASSERT_EQ(PERMISSION_GRANTED, ret);
939 }
940
941 /**
942 * @tc.name: GrantPermission002
943 * @tc.desc: Grant permission that tokenID or permission is invalid.
944 * @tc.type: FUNC
945 * @tc.require: Issue Number
946 */
947 HWTEST_F(AccessTokenKitTest, GrantPermission002, TestSize.Level0)
948 {
949 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
950 ASSERT_NE(INVALID_TOKENID, tokenID);
951
952 int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_GAMMA, PERMISSION_USER_FIXED);
953 ASSERT_EQ(RET_SUCCESS, ret);
954
955 ret = AccessTokenKit::GrantPermission(tokenID, "", PERMISSION_USER_FIXED);
956 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
957
958 std::string invalidPerm(INVALID_PERMNAME_LEN, 'a');
959 ret = AccessTokenKit::GrantPermission(tokenID, invalidPerm, PERMISSION_USER_FIXED);
960 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
961
962 ret = AccessTokenKit::GrantPermission(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
963 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
964
965 AccessTokenKit::DeleteToken(tokenID);
966
967 ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
968 ASSERT_EQ(RET_SUCCESS, ret);
969 }
970
971 /**
972 * @tc.name: GrantPermission003
973 * @tc.desc: GrantPermission is invoked multiple times.
974 * @tc.type: FUNC
975 * @tc.require: Issue Number
976 */
977 HWTEST_F(AccessTokenKitTest, GrantPermission003, TestSize.Level0)
978 {
979 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
980 ASSERT_NE(INVALID_TOKENID, tokenID);
981 int ret = RET_FAILED;
982 int32_t flag;
983 for (int i = 0; i < CYCLE_TIMES; i++) {
984 ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
985 ASSERT_EQ(RET_SUCCESS, ret);
986
987 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
988 ASSERT_EQ(PERMISSION_GRANTED, ret);
989
990 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
991 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
992 ASSERT_EQ(RET_SUCCESS, ret);
993 }
994 }
995
996 /**
997 * @tc.name: GrantPermission004
998 * @tc.desc: GrantPermission function abnormal branch
999 * @tc.type: FUNC
1000 * @tc.require:Issue I5RJBB
1001 */
1002 HWTEST_F(AccessTokenKitTest, GrantPermission004, TestSize.Level0)
1003 {
1004 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1005 ASSERT_NE(INVALID_TOKENID, tokenID);
1006 int32_t invalidFlag = -1;
1007 int32_t ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, invalidFlag);
1008 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1009 }
1010
1011 /**
1012 * @tc.name: RevokePermission001
1013 * @tc.desc: Revoke permission that has ohos.permission.GRANT_SENSITIVE_PERMISSIONS
1014 * @tc.type: FUNC
1015 * @tc.require: Issue Number
1016 */
1017 HWTEST_F(AccessTokenKitTest, RevokePermission001, TestSize.Level0)
1018 {
1019 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1020 ASSERT_NE(INVALID_TOKENID, tokenID);
1021 int ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1022 ASSERT_EQ(RET_SUCCESS, ret);
1023
1024 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
1025 ASSERT_EQ(PERMISSION_DENIED, ret);
1026
1027 ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1028 ASSERT_EQ(RET_SUCCESS, ret);
1029
1030 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
1031 ASSERT_EQ(PERMISSION_DENIED, ret);
1032 }
1033
1034 /**
1035 * @tc.name: RevokePermission002
1036 * @tc.desc: Revoke permission that tokenID or permission is invalid.
1037 * @tc.type: FUNC
1038 * @tc.require: Issue Number
1039 */
1040 HWTEST_F(AccessTokenKitTest, RevokePermission002, TestSize.Level0)
1041 {
1042 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1043 ASSERT_NE(INVALID_TOKENID, tokenID);
1044
1045 int ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_GAMMA, PERMISSION_USER_FIXED);
1046 ASSERT_EQ(RET_SUCCESS, ret);
1047
1048 ret = AccessTokenKit::RevokePermission(tokenID, "", PERMISSION_USER_FIXED);
1049 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1050
1051 std::string invalidPerm(INVALID_PERMNAME_LEN, 'a');
1052 ret = AccessTokenKit::RevokePermission(tokenID, invalidPerm, PERMISSION_USER_FIXED);
1053 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1054
1055 ret = AccessTokenKit::RevokePermission(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1056 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1057
1058 AccessTokenKit::DeleteToken(tokenID);
1059
1060 ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED);
1061 ASSERT_EQ(RET_SUCCESS, ret);
1062 }
1063
1064 /**
1065 * @tc.name: RevokePermission003
1066 * @tc.desc: RevokePermission is invoked multiple times.
1067 * @tc.type: FUNC
1068 * @tc.require: Issue Number
1069 */
1070 HWTEST_F(AccessTokenKitTest, RevokePermission003, TestSize.Level0)
1071 {
1072 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1073 ASSERT_NE(INVALID_TOKENID, tokenID);
1074 int ret = RET_FAILED;
1075 int32_t flag;
1076 for (int i = 0; i < CYCLE_TIMES; i++) {
1077 ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
1078 ASSERT_EQ(RET_SUCCESS, ret);
1079
1080 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
1081 ASSERT_EQ(PERMISSION_DENIED, ret);
1082
1083 ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
1084 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
1085 ASSERT_EQ(RET_SUCCESS, ret);
1086 }
1087 }
1088
1089 /**
1090 * @tc.name: RevokePermission004
1091 * @tc.desc: Revoke permission abnormal branch.
1092 * @tc.type: FUNC
1093 * @tc.require:Issue I5RJBB
1094 */
1095 HWTEST_F(AccessTokenKitTest, RevokePermission004, TestSize.Level0)
1096 {
1097 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1098 ASSERT_NE(INVALID_TOKENID, tokenID);
1099 int invalidFlag = -1;
1100 int32_t ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, invalidFlag);
1101 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1102 }
1103
1104 /**
1105 * @tc.name: ClearUserGrantedPermissionState001
1106 * @tc.desc: Clear user/system granted permission after ClearUserGrantedPermissionState has been invoked.
1107 * @tc.type: FUNC
1108 * @tc.require: Issue Number
1109 */
1110 HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState001, TestSize.Level0)
1111 {
1112 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1113 ASSERT_NE(INVALID_TOKENID, tokenID);
1114 int ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID);
1115 ASSERT_EQ(RET_SUCCESS, ret);
1116
1117 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
1118 ASSERT_EQ(PERMISSION_DENIED, ret);
1119
1120 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA);
1121 ASSERT_EQ(PERMISSION_GRANTED, ret);
1122 }
1123
1124 /**
1125 * @tc.name: ClearUserGrantedPermissionState002
1126 * @tc.desc: Clear user/system granted permission that tokenID or permission is invalid.
1127 * @tc.type: FUNC
1128 * @tc.require: Issue Number
1129 */
1130 HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState002, TestSize.Level0)
1131 {
1132 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1133 ASSERT_NE(INVALID_TOKENID, tokenID);
1134
1135 int ret = AccessTokenKit::ClearUserGrantedPermissionState(TEST_TOKENID_INVALID);
1136 ASSERT_EQ(RET_FAILED, ret);
1137
1138 AccessTokenKit::DeleteToken(tokenID);
1139
1140 ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID);
1141 ASSERT_EQ(RET_SUCCESS, ret);
1142 }
1143
1144 /**
1145 * @tc.name: ClearUserGrantedPermissionState003
1146 * @tc.desc: ClearUserGrantedPermissionState is invoked multiple times.
1147 * @tc.type: FUNC
1148 * @tc.require: Issue Number
1149 */
1150 HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState003, TestSize.Level0)
1151 {
1152 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1153 ASSERT_NE(INVALID_TOKENID, tokenID);
1154 int ret = RET_FAILED;
1155 for (int i = 0; i < CYCLE_TIMES; i++) {
1156 ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID);
1157 ASSERT_EQ(RET_SUCCESS, ret);
1158
1159 ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
1160 ASSERT_EQ(PERMISSION_DENIED, ret);
1161 }
1162 }
1163
1164 /**
1165 * @tc.name: ClearUserGrantedPermissionState004
1166 * @tc.desc: Clear user/system granted permission after ClearUserGrantedPermissionState has been invoked.
1167 * @tc.type: FUNC
1168 * @tc.require: Issue Number
1169 */
1170 HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState004, TestSize.Level0)
1171 {
1172 AccessTokenIDEx tokenIdEx = {0};
1173 OHOS::Security::AccessToken::PermissionStateFull infoManagerTestState1 = {
1174 .permissionName = "ohos.permission.CAMERA",
1175 .isGeneral = true,
1176 .resDeviceID = {"local"},
1177 .grantStatus = {OHOS::Security::AccessToken::PermissionState::PERMISSION_GRANTED},
1178 .grantFlags = {PERMISSION_GRANTED_BY_POLICY | PERMISSION_DEFAULT_FLAG}
1179 };
1180 OHOS::Security::AccessToken::PermissionStateFull infoManagerTestState2 = {
1181 .permissionName = "ohos.permission.SEND_MESSAGES",
1182 .isGeneral = true,
1183 .resDeviceID = {"local"},
1184 .grantStatus = {OHOS::Security::AccessToken::PermissionState::PERMISSION_DENIED},
1185 .grantFlags = {PERMISSION_GRANTED_BY_POLICY | PERMISSION_USER_FIXED}
1186 };
1187 OHOS::Security::AccessToken::PermissionStateFull infoManagerTestState3 = {
1188 .permissionName = "ohos.permission.RECEIVE_SMS",
1189 .isGeneral = true,
1190 .resDeviceID = {"local"},
1191 .grantStatus = {OHOS::Security::AccessToken::PermissionState::PERMISSION_GRANTED},
1192 .grantFlags = {PERMISSION_USER_FIXED}
1193 };
1194 OHOS::Security::AccessToken::HapPolicyParams infoManagerTestPolicyPrams = {
1195 .apl = OHOS::Security::AccessToken::ATokenAplEnum::APL_NORMAL,
1196 .domain = "test.domain",
1197 .permList = {g_infoManagerTestPermDef1},
1198 .permStateList = {infoManagerTestState1, infoManagerTestState2, infoManagerTestState3}
1199 };
1200 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
1201 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
1202 ASSERT_NE(INVALID_TOKENID, tokenID);
1203 int ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID);
1204 ASSERT_EQ(RET_SUCCESS, ret);
1205
1206 ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
1207 ASSERT_EQ(PERMISSION_GRANTED, ret);
1208
1209 ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.SEND_MESSAGES");
1210 ASSERT_EQ(PERMISSION_GRANTED, ret);
1211
1212 ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.RECEIVE_SMS");
1213 ASSERT_EQ(PERMISSION_DENIED, ret);
1214
1215 ret = AccessTokenKit::DeleteToken(tokenID);
1216 ASSERT_EQ(RET_SUCCESS, ret);
1217 }
1218
1219 /**
1220 * @tc.name: GetTokenType001
1221 * @tc.desc: get the token type.
1222 * @tc.type: FUNC
1223 * @tc.require: Issue Number
1224 */
1225 HWTEST_F(AccessTokenKitTest, GetTokenType001, TestSize.Level0)
1226 {
1227 AllocTestToken();
1228 AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
1229 g_infoManagerTestInfoParms.bundleName,
1230 g_infoManagerTestInfoParms.instIndex);
1231 int ret = AccessTokenKit::GetTokenType(tokenID);
1232 ASSERT_EQ(TOKEN_HAP, ret);
1233 DeleteTestToken();
1234 }
1235
1236 /**
1237 * @tc.name: GetTokenType002
1238 * @tc.desc: get the token type abnormal branch.
1239 * @tc.type: FUNC
1240 * @tc.require Issue I5RJBB
1241 */
1242 HWTEST_F(AccessTokenKitTest, GetTokenType002, TestSize.Level0)
1243 {
1244 AccessTokenID tokenID = 0;
1245 int32_t ret = AccessTokenKit::GetTokenType(tokenID);
1246 ASSERT_EQ(TOKEN_INVALID, ret);
1247 }
1248
1249 /**
1250 * @tc.name: GetHapDlpFlag001
1251 * @tc.desc: GetHapDlpFlag function abnormal branch.
1252 * @tc.type: FUNC
1253 * @tc.require Issue Number:I5RJBB
1254 */
1255 HWTEST_F(AccessTokenKitTest, GetHapDlpFlag001, TestSize.Level0)
1256 {
1257 AccessTokenID tokenID = 0;
1258 int32_t ret = AccessTokenKit::GetHapDlpFlag(tokenID);
1259 ASSERT_EQ(INVALID_DLP_TOKEN_FLAG, ret);
1260 }
1261
1262 /**
1263 * @tc.name: GetHapTokenInfo001
1264 * @tc.desc: get the token info and verify.
1265 * @tc.type: FUNC
1266 * @tc.require: Issue Number
1267 */
1268 HWTEST_F(AccessTokenKitTest, GetHapTokenInfo001, TestSize.Level0)
1269 {
1270 HapTokenInfo hapTokenInfoRes;
1271 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1272 int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
1273 ASSERT_EQ(RET_SUCCESS, ret);
1274
1275 ASSERT_EQ(hapTokenInfoRes.apl, APL_NORMAL);
1276 ASSERT_EQ(hapTokenInfoRes.userID, TEST_USER_ID);
1277 ASSERT_EQ(hapTokenInfoRes.tokenID, tokenID);
1278 ASSERT_EQ(hapTokenInfoRes.tokenAttr, static_cast<AccessTokenAttr>(0));
1279 ASSERT_EQ(hapTokenInfoRes.instIndex, 0);
1280
1281 ASSERT_EQ(hapTokenInfoRes.appID, "appIDDesc");
1282
1283 ASSERT_EQ(hapTokenInfoRes.bundleName, TEST_BUNDLE_NAME);
1284 }
1285
1286 /**
1287 * @tc.name: GetHapTokenInfo002
1288 * @tc.desc: try to get the token info with invalid tokenId.
1289 * @tc.type: FUNC
1290 * @tc.require: Issue Number
1291 */
1292 HWTEST_F(AccessTokenKitTest, GetHapTokenInfo002, TestSize.Level0)
1293 {
1294 HapTokenInfo hapTokenInfoRes;
1295 int ret = AccessTokenKit::GetHapTokenInfo(TEST_TOKENID_INVALID, hapTokenInfoRes);
1296 ASSERT_EQ(RET_FAILED, ret);
1297 }
1298
1299 /**
1300 * @tc.name: DeleteToken001
1301 * @tc.desc: Cannot get permission definition info after DeleteToken function has been invoked.
1302 * @tc.type: FUNC
1303 * @tc.require: Issue Number
1304 */
1305 HWTEST_F(AccessTokenKitTest, DeleteToken001, TestSize.Level1)
1306 {
1307 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1308 PermissionDef permDefResultAlpha;
1309 int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha);
1310 ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName);
1311 ASSERT_EQ(RET_SUCCESS, ret);
1312
1313 ret = AccessTokenKit::DeleteToken(tokenID);
1314 ASSERT_EQ(RET_SUCCESS, ret);
1315
1316 PermissionDef defResult;
1317 ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, defResult);
1318 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIT, ret);
1319 }
1320
1321 /**
1322 * @tc.name: DeleteToken002
1323 * @tc.desc: Delete invalid tokenID.
1324 * @tc.type: FUNC
1325 * @tc.require: Issue Number
1326 */
1327 HWTEST_F(AccessTokenKitTest, DeleteToken002, TestSize.Level1)
1328 {
1329 int ret = AccessTokenKit::DeleteToken(TEST_USER_ID_INVALID);
1330 ASSERT_EQ(RET_FAILED, ret);
1331 }
1332
1333 /**
1334 * @tc.name: DeleteToken002
1335 * @tc.desc: Delete invalid tokenID.
1336 * @tc.type: FUNC
1337 * @tc.require: Issue Number
1338 */
1339 HWTEST_F(AccessTokenKitTest, DeleteToken003, TestSize.Level1)
1340 {
1341 HapTokenInfo hapTokenInfoRes;
1342 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1343
1344 int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
1345 ASSERT_EQ(RET_SUCCESS, ret);
1346
1347 ret = AccessTokenKit::DeleteToken(tokenID);
1348 ASSERT_EQ(RET_SUCCESS, ret);
1349
1350 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
1351 ASSERT_EQ(RET_FAILED, ret);
1352 }
1353
1354 /**
1355 * @tc.name: DeleteToken004
1356 * @tc.desc: alloc a tokenId successfully, delete it successfully the first time and fail to delte it again.
1357 * @tc.type: FUNC
1358 * @tc.require: Issue Number
1359 */
1360 HWTEST_F(AccessTokenKitTest, DeleteToken004, TestSize.Level1)
1361 {
1362 AccessTokenIDEx tokenIdEx = {0};
1363 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1364 GTEST_LOG_(INFO) << "tokenIdEx.tokenIdExStruct.tokenID :" << tokenIdEx.tokenIdExStruct.tokenID;
1365 AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
1366 g_infoManagerTestInfoParms.bundleName,
1367 g_infoManagerTestInfoParms.instIndex);
1368
1369 int ret = AccessTokenKit::DeleteToken(tokenID);
1370 GTEST_LOG_(INFO) << "g_infoManagerTestInfoParms.userID :" << g_infoManagerTestInfoParms.userID;
1371 GTEST_LOG_(INFO) << "g_infoManagerTestInfoParms.bundleName :" << g_infoManagerTestInfoParms.bundleName.c_str();
1372 GTEST_LOG_(INFO) << "g_infoManagerTestInfoParms.instIndex :" << g_infoManagerTestInfoParms.instIndex;
1373 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
1374 ASSERT_EQ(RET_SUCCESS, ret);
1375 ret = AccessTokenKit::DeleteToken(tokenID);
1376 ASSERT_EQ(RET_FAILED, ret);
1377 }
1378
1379 /**
1380 * @tc.name: GetHapTokenID001
1381 * @tc.desc: get hap tokenid.
1382 * @tc.type: FUNC
1383 * @tc.require: Issue Number
1384 */
1385 HWTEST_F(AccessTokenKitTest, GetHapTokenID001, TestSize.Level1)
1386 {
1387 HapTokenInfo hapTokenInfoRes;
1388 AccessTokenID tokenID;
1389 tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1390
1391 int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
1392 ASSERT_EQ(RET_SUCCESS, ret);
1393 ASSERT_EQ(hapTokenInfoRes.bundleName, TEST_BUNDLE_NAME);
1394 }
1395
1396 /**
1397 * @tc.name: GetHapTokenID002
1398 * @tc.desc: cannot get hap tokenid with invalid userId.
1399 * @tc.type: FUNC
1400 * @tc.require: Issue Number
1401 */
1402 HWTEST_F(AccessTokenKitTest, GetHapTokenID002, TestSize.Level1)
1403 {
1404 AccessTokenID tokenID;
1405 tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID_INVALID, TEST_BUNDLE_NAME, 0);
1406 ASSERT_EQ(INVALID_TOKENID, tokenID);
1407 }
1408
1409 /**
1410 * @tc.name: GetHapTokenID003
1411 * @tc.desc: cannot get hap tokenid with invalid bundlename.
1412 * @tc.type: FUNC
1413 * @tc.require: Issue Number
1414 */
1415 HWTEST_F(AccessTokenKitTest, GetHapTokenID003, TestSize.Level1)
1416 {
1417 AccessTokenID tokenID;
1418 tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, "invalid bundlename", 0);
1419 ASSERT_EQ(0, tokenID);
1420 }
1421
1422 /**
1423 * @tc.name: GetHapTokenID003
1424 * @tc.desc: cannot get hap tokenid with invalid bundlename.
1425 * @tc.type: FUNC
1426 * @tc.require: Issue Number
1427 */
1428 HWTEST_F(AccessTokenKitTest, GetHapTokenID004, TestSize.Level1)
1429 {
1430 AccessTokenID tokenID;
1431 tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0xffff);
1432 ASSERT_EQ(0, tokenID);
1433 }
1434
1435 /**
1436 * @tc.name: ReloadNativeTokenInfo001
1437 * @tc.desc: cannot get hap tokenid with invalid bundlename.
1438 * @tc.type: FUNC
1439 * @tc.require: Issue Number
1440 */
1441 HWTEST_F(AccessTokenKitTest, ReloadNativeTokenInfo001, TestSize.Level1)
1442 {
1443 int32_t ret = AccessTokenKit::ReloadNativeTokenInfo();
1444 ASSERT_EQ(RET_SUCCESS, ret);
1445 }
1446
1447 /**
1448 * @tc.name: GetNativeTokenId001
1449 * @tc.desc: cannot get native tokenid with invalid processName.
1450 * @tc.type: FUNC
1451 * @tc.require: Issue Number
1452 */
1453 HWTEST_F(AccessTokenKitTest, GetNativeTokenId001, TestSize.Level1)
1454 {
1455 std::string processName = "";
1456 ASSERT_EQ(0, AccessTokenKit::GetNativeTokenId(processName));
1457
1458 processName = "invalid processName";
1459 ASSERT_EQ(0, AccessTokenKit::GetNativeTokenId(processName));
1460 }
1461
1462 /**
1463 * @tc.name: GetNativeTokenId002
1464 * @tc.desc: get native tokenid with processName.
1465 * @tc.type: FUNC
1466 * @tc.require: Issue Number
1467 */
1468 HWTEST_F(AccessTokenKitTest, GetNativeTokenId002, TestSize.Level1)
1469 {
1470 std::string processName = "hdcd";
1471 AccessTokenID tokenID = AccessTokenKit::GetNativeTokenId(processName);
1472 ASSERT_NE(INVALID_TOKENID, tokenID);
1473
1474 NativeTokenInfo tokenInfo;
1475 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetNativeTokenInfo(tokenID, tokenInfo));
1476 ASSERT_EQ(true, tokenInfo.processName == processName);
1477 }
1478
1479 /**
1480 * @tc.name: GetNativeTokenId003
1481 * @tc.desc: get native tokenid with hap.
1482 * @tc.type: FUNC
1483 * @tc.require: Issue Number
1484 */
1485 HWTEST_F(AccessTokenKitTest, GetNativeTokenId003, TestSize.Level1)
1486 {
1487 std::string processName = "hdcd";
1488 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1489 ASSERT_NE(INVALID_TOKENID, tokenID);
1490 ASSERT_EQ(0, SetSelfTokenID(tokenID));
1491 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::ReloadNativeTokenInfo());
1492
1493 tokenID = AccessTokenKit::GetNativeTokenId(processName);
1494 ASSERT_NE(INVALID_TOKENID, tokenID);
1495
1496 NativeTokenInfo tokenInfo;
1497 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetNativeTokenInfo(tokenID, tokenInfo));
1498 ASSERT_EQ(true, tokenInfo.processName == processName);
1499
1500 ASSERT_EQ(0, SetSelfTokenID(selfTokenId_));
1501 }
1502
1503 /**
1504 * @tc.name: GetNativeTokenId004
1505 * @tc.desc: get native tokenid with hap.
1506 * @tc.type: FUNC
1507 * @tc.require: Issue Number
1508 */
1509 HWTEST_F(AccessTokenKitTest, GetNativeTokenId004, TestSize.Level1)
1510 {
1511 std::string processName = "hdcd";
1512 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
1513 ASSERT_NE(INVALID_TOKENID, tokenID);
1514 ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(tokenID));
1515 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::ReloadNativeTokenInfo());
1516
1517 int32_t selfUid = getuid();
1518 setuid(10001); // 10001: UID
1519
1520 ASSERT_EQ(0, AccessTokenKit::GetNativeTokenId(processName));
1521
1522 // restore environment
1523 setuid(selfUid);
1524 ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(selfTokenId_));
1525 }
1526
1527 /**
1528 * @tc.name: AllocHapToken001
1529 * @tc.desc: alloc a tokenId successfully, delete it successfully the first time and fail to delete it again.
1530 * @tc.type: FUNC
1531 * @tc.require: Issue Number
1532 */
1533 HWTEST_F(AccessTokenKitTest, AllocHapToken001, TestSize.Level1)
1534 {
1535 AccessTokenIDEx tokenIdEx = {0};
1536 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1537 GTEST_LOG_(INFO) << "tokenIdEx.tokenIdExStruct.tokenID :" << tokenIdEx.tokenIdExStruct.tokenID;
1538 AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
1539 g_infoManagerTestInfoParms.bundleName,
1540 g_infoManagerTestInfoParms.instIndex);
1541 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
1542 int ret = AccessTokenKit::DeleteToken(tokenID);
1543 ASSERT_EQ(RET_SUCCESS, ret);
1544 ret = AccessTokenKit::DeleteToken(tokenID);
1545 ASSERT_EQ(RET_FAILED, ret);
1546 }
1547
1548 /**
1549 * @tc.name: AllocHapToken002
1550 * @tc.desc: alloc a tokenId successfully,
1551 * and fail to alloc it with the same info and policy again.
1552 * @tc.type: FUNC
1553 * @tc.require: Issue Number
1554 */
1555 HWTEST_F(AccessTokenKitTest, AllocHapToken002, TestSize.Level1)
1556 {
1557 AccessTokenIDEx tokenIdEx = {0};
1558 AccessTokenID tokenID;
1559 int ret;
1560
1561 tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
1562 g_infoManagerTestInfoParms.bundleName,
1563 g_infoManagerTestInfoParms.instIndex);
1564
1565 ret = AccessTokenKit::DeleteToken(tokenID);
1566 GTEST_LOG_(INFO) << "DeleteToken ret:" << ret;
1567 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
1568
1569 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1570 GTEST_LOG_(INFO) << "tokenIdEx.tokenIdExStruct.tokenID :" << tokenIdEx.tokenIdExStruct.tokenID;
1571
1572 tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
1573 g_infoManagerTestInfoParms.bundleName,
1574 g_infoManagerTestInfoParms.instIndex);
1575 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
1576 ASSERT_NE(INVALID_TOKENID, tokenID);
1577
1578 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1579 ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
1580 ASSERT_NE(tokenID, tokenIdEx.tokenIdExStruct.tokenID);
1581 ASSERT_EQ(RET_FAILED, AccessTokenKit::DeleteToken(tokenID));
1582 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID));
1583 }
1584
1585 /**
1586 * @tc.name: AllocHapToken003
1587 * @tc.desc: cannot alloc a tokenId with invalid bundlename.
1588 * @tc.type: FUNC
1589 * @tc.require: Issue Number
1590 */
1591 HWTEST_F(AccessTokenKitTest, AllocHapToken003, TestSize.Level1)
1592 {
1593 std::string invalidBundleName (INVALID_BUNDLENAME_LEN, 'x');
1594 AccessTokenIDEx tokenIdEx = {0};
1595 int ret;
1596 AccessTokenID tokenID;
1597
1598 DeleteTestToken();
1599 GTEST_LOG_(INFO) << "get hap token info:" << invalidBundleName.length();
1600 g_infoManagerTestInfoParms.bundleName = invalidBundleName;
1601 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1602
1603 ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID);
1604
1605 tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
1606 g_infoManagerTestInfoParms.bundleName,
1607 g_infoManagerTestInfoParms.instIndex);
1608 ASSERT_EQ(0, tokenID);
1609 ret = AccessTokenKit::DeleteToken(tokenID);
1610 ASSERT_EQ(RET_FAILED, ret);
1611
1612 g_infoManagerTestInfoParms.bundleName = "accesstoken_test";
1613 }
1614
1615 /**
1616 * @tc.name: AllocHapToken004
1617 * @tc.desc: cannot alloc a tokenId with invalid apl.
1618 * @tc.type: FUNC
1619 * @tc.require: Issue Number
1620 */
1621 HWTEST_F(AccessTokenKitTest, AllocHapToken004, TestSize.Level1)
1622 {
1623 AccessTokenIDEx tokenIdEx = {0};
1624 AccessTokenID tokenID;
1625 ATokenAplEnum typeBackUp = g_infoManagerTestPolicyPrams.apl;
1626 DeleteTestToken();
1627
1628 g_infoManagerTestPolicyPrams.apl = (ATokenAplEnum)5;
1629 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1630
1631 ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID);
1632
1633 tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
1634 g_infoManagerTestInfoParms.bundleName,
1635 g_infoManagerTestInfoParms.instIndex);
1636 ASSERT_EQ(0, tokenID);
1637 int ret = AccessTokenKit::DeleteToken(tokenID);
1638 ASSERT_EQ(RET_FAILED, ret);
1639 g_infoManagerTestPolicyPrams.apl = typeBackUp;
1640 }
1641
1642 /**
1643 * @tc.name: AllocHapToken005
1644 * @tc.desc: can alloc a tokenId when bundlename in permdef is different with bundlename in info.
1645 * @tc.type: FUNC
1646 * @tc.require: Issue Number
1647 */
1648 HWTEST_F(AccessTokenKitTest, AllocHapToken005, TestSize.Level1)
1649 {
1650 AccessTokenIDEx tokenIdEx = {0};
1651 std::string backUp;
1652 std::string backUpPermission;
1653 std::string bundleNameBackUp = g_infoManagerTestPermDef1.bundleName;
1654 DeleteTestToken();
1655
1656 backUp = g_infoManagerTestPolicyPrams.permList[0].bundleName;
1657 backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName;
1658
1659 g_infoManagerTestPolicyPrams.permList[0].bundleName = "invalid_bundleName";
1660 g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp01";
1661 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1662 ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
1663
1664 PermissionDef permDefResultBeta;
1665 int ret = AccessTokenKit::GetDefPermission(
1666 g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResultBeta);
1667 ASSERT_EQ(RET_SUCCESS, ret);
1668 ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta);
1669 ASSERT_EQ(RET_SUCCESS, ret);
1670 g_infoManagerTestPolicyPrams.permList[0].bundleName = backUp;
1671 g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission;
1672 }
1673
1674 /**
1675 * @tc.name: AllocHapToken006
1676 * @tc.desc: can alloc a tokenId with a invalid permList permissionName.
1677 * @tc.type: FUNC
1678 * @tc.require: Issue Number
1679 */
1680 HWTEST_F(AccessTokenKitTest, AllocHapToken006, TestSize.Level1)
1681 {
1682 AccessTokenIDEx tokenIdEx = {0};
1683 std::string backUp;
1684 DeleteTestToken();
1685
1686 const std::string invalidPermissionName (INVALID_PERMNAME_LEN, 'x');
1687 backUp = g_infoManagerTestPolicyPrams.permList[0].permissionName;
1688 g_infoManagerTestPolicyPrams.permList[0].permissionName = invalidPermissionName;
1689 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1690 ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
1691
1692 PermissionDef permDefResultBeta;
1693 int ret = AccessTokenKit::GetDefPermission(invalidPermissionName, permDefResultBeta);
1694 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1695 ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta);
1696 ASSERT_EQ(RET_SUCCESS, ret);
1697 g_infoManagerTestPolicyPrams.permList[0].permissionName = backUp;
1698 }
1699
1700 /**
1701 * @tc.name: AllocHapToken007
1702 * @tc.desc: can alloc a tokenId with invalid permdef.
1703 * @tc.type: FUNC
1704 * @tc.require: Issue Number
1705 */
1706 HWTEST_F(AccessTokenKitTest, AllocHapToken007, TestSize.Level1)
1707 {
1708 AccessTokenIDEx tokenIdEx = {0};
1709 std::string backUp;
1710 std::string backUpPermission;
1711 DeleteTestToken();
1712
1713 const std::string invalidBundleName (INVALID_BUNDLENAME_LEN, 'x');
1714 backUp = g_infoManagerTestPolicyPrams.permList[0].bundleName;
1715 backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName;
1716
1717 g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp02";
1718 g_infoManagerTestPolicyPrams.permList[0].bundleName = invalidBundleName;
1719 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1720 ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
1721
1722 PermissionDef permDefResultBeta;
1723 int ret = AccessTokenKit::GetDefPermission(
1724 g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResultBeta);
1725 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIT, ret);
1726 ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta);
1727 ASSERT_EQ(RET_SUCCESS, ret);
1728 g_infoManagerTestPolicyPrams.permList[0].bundleName = backUp;
1729 g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission;
1730 }
1731
1732 /**
1733 * @tc.name: AllocHapToken008
1734 * @tc.desc: can alloc a tokenId with invalid permdef.
1735 * @tc.type: FUNC
1736 * @tc.require: Issue Number
1737 */
1738 HWTEST_F(AccessTokenKitTest, AllocHapToken008, TestSize.Level1)
1739 {
1740 AccessTokenIDEx tokenIdEx = {0};
1741 std::string backUp;
1742 std::string backUpPermission;
1743 DeleteTestToken();
1744
1745 const std::string invalidLabel (INVALID_LABEL_LEN, 'x');
1746 backUp = g_infoManagerTestPolicyPrams.permList[0].label;
1747 backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName;
1748 g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp03";
1749 g_infoManagerTestPolicyPrams.permList[0].label = invalidLabel;
1750 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1751 ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
1752
1753 PermissionDef permDefResultBeta;
1754 int ret = AccessTokenKit::GetDefPermission(
1755 g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResultBeta);
1756 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIT, ret);
1757 ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta);
1758 ASSERT_EQ(RET_SUCCESS, ret);
1759 g_infoManagerTestPolicyPrams.permList[0].label = backUp;
1760 g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission;
1761 }
1762
1763 /**
1764 * @tc.name: AllocHapToken009
1765 * @tc.desc: can alloc a tokenId with invalid permdef.
1766 * @tc.type: FUNC
1767 * @tc.require: Issue Number
1768 */
1769 HWTEST_F(AccessTokenKitTest, AllocHapToken009, TestSize.Level1)
1770 {
1771 AccessTokenIDEx tokenIdEx = {0};
1772 std::string backUp;
1773 std::string backUpPermission;
1774 DeleteTestToken();
1775
1776 const std::string invalidDescription (INVALID_DESCRIPTION_LEN, 'x');
1777 backUp = g_infoManagerTestPolicyPrams.permList[0].description;
1778 backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName;
1779
1780 g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp04";
1781 g_infoManagerTestPolicyPrams.permList[0].description = invalidDescription;
1782 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1783 ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
1784
1785 PermissionDef permDefResultBeta;
1786 int ret = AccessTokenKit::GetDefPermission(
1787 g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResultBeta);
1788 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIT, ret);
1789 ret = AccessTokenKit::GetDefPermission(
1790 g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta);
1791 ASSERT_EQ(RET_SUCCESS, ret);
1792
1793 g_infoManagerTestPolicyPrams.permList[0].description = backUp;
1794 g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission;
1795 }
1796
ExistInVector(vector<unsigned int> array,unsigned int value)1797 static bool ExistInVector(vector<unsigned int> array, unsigned int value)
1798 {
1799 vector<unsigned int>::iterator it;
1800 it = find(array.begin(), array.end(), value);
1801 if (it != array.end()) {
1802 return true;
1803 } else {
1804 return false;
1805 }
1806 }
1807
1808 /**
1809 * @tc.name: AllocHapToken010
1810 * @tc.desc: alloc and delete in a loop.
1811 * @tc.type: FUNC
1812 * @tc.require: Issue Number
1813 */
1814 HWTEST_F(AccessTokenKitTest, AllocHapToken010, TestSize.Level1)
1815 {
1816 AccessTokenIDEx tokenIdEx = {0};
1817 AccessTokenID tokenID;
1818 int ret;
1819 bool exist = false;
1820 int allocFlag = 0;
1821 int deleteFlag = 0;
1822
1823 DeleteTestToken();
1824 vector<unsigned int> obj;
1825 for (int i = 0; i < CYCLE_TIMES; i++) {
1826 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1827 tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID,
1828 g_infoManagerTestInfoParms.bundleName,
1829 g_infoManagerTestInfoParms.instIndex);
1830
1831 exist = ExistInVector(obj, tokenID);
1832 if (exist) {
1833 allocFlag = 1;
1834 }
1835 obj.push_back(tokenID);
1836
1837 ret = AccessTokenKit::DeleteToken(tokenID);
1838 if (RET_SUCCESS != ret) {
1839 deleteFlag = 1;
1840 }
1841 }
1842 ASSERT_EQ(allocFlag, 0);
1843 ASSERT_EQ(deleteFlag, 0);
1844 }
1845
1846 /**
1847 * @tc.name: AllocHapToken011
1848 * @tc.desc: cannot alloc a tokenId with invalid appIDDesc.
1849 * @tc.type: FUNC
1850 * @tc.require: Issue Number
1851 */
1852 HWTEST_F(AccessTokenKitTest, AllocHapToken011, TestSize.Level1)
1853 {
1854 std::string invalidAppIDDesc (INVALID_APPIDDESC_LEN, 'x');
1855 std::string backup;
1856 AccessTokenIDEx tokenIdEx = {0};
1857
1858 DeleteTestToken();
1859 backup = g_infoManagerTestInfoParms.appIDDesc;
1860 g_infoManagerTestInfoParms.appIDDesc = invalidAppIDDesc;
1861 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1862 ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID);
1863 g_infoManagerTestInfoParms.appIDDesc = backup;
1864 }
1865
1866 /**
1867 * @tc.name: AllocHapToken012
1868 * @tc.desc: cannot alloc a tokenId with invalid bundleName.
1869 * @tc.type: FUNC
1870 * @tc.require: Issue Number
1871 */
1872 HWTEST_F(AccessTokenKitTest, AllocHapToken012, TestSize.Level1)
1873 {
1874 std::string backup;
1875 AccessTokenIDEx tokenIdEx = {0};
1876
1877 backup = g_infoManagerTestInfoParms.bundleName;
1878 g_infoManagerTestInfoParms.bundleName = "";
1879 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1880 ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID);
1881 g_infoManagerTestInfoParms.bundleName = backup;
1882 }
1883
1884 /**
1885 * @tc.name: AllocHapToken013
1886 * @tc.desc: cannot alloc a tokenId with invalid appIDDesc.
1887 * @tc.type: FUNC
1888 * @tc.require: Issue Number
1889 */
1890 HWTEST_F(AccessTokenKitTest, AllocHapToken013, TestSize.Level1)
1891 {
1892 std::string backup;
1893 AccessTokenIDEx tokenIdEx = {0};
1894
1895 backup = g_infoManagerTestInfoParms.appIDDesc;
1896 g_infoManagerTestInfoParms.appIDDesc = "";
1897 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1898 ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID);
1899 g_infoManagerTestInfoParms.appIDDesc = backup;
1900 }
1901
1902 /**
1903 * @tc.name: AllocHapToken014
1904 * @tc.desc: can alloc a tokenId with permList permissionName as "".
1905 * @tc.type: FUNC
1906 * @tc.require: Issue Number
1907 */
1908 HWTEST_F(AccessTokenKitTest, AllocHapToken014, TestSize.Level1)
1909 {
1910 std::string backup;
1911 AccessTokenIDEx tokenIdEx = {0};
1912
1913 backup = g_infoManagerTestPolicyPrams.permList[0].permissionName;
1914 g_infoManagerTestPolicyPrams.permList[0].permissionName = "";
1915 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1916 PermissionDef permDefResultBeta;
1917 int ret = AccessTokenKit::GetDefPermission("", permDefResultBeta);
1918 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
1919 g_infoManagerTestPolicyPrams.permList[0].permissionName = backup;
1920 }
1921
1922 /**
1923 * @tc.name: AllocHapToken015
1924 * @tc.desc: can alloc a tokenId with permList bundleName as "".
1925 * @tc.type: FUNC
1926 * @tc.require: Issue Number
1927 */
1928 HWTEST_F(AccessTokenKitTest, AllocHapToken015, TestSize.Level1)
1929 {
1930 std::string backup;
1931 std::string backUpPermission;
1932 AccessTokenIDEx tokenIdEx = {0};
1933
1934 backup = g_infoManagerTestPolicyPrams.permList[0].bundleName;
1935 backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName;
1936 g_infoManagerTestPolicyPrams.permList[0].bundleName = "";
1937 g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp05";
1938 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1939
1940 PermissionDef permDefResultBeta;
1941 int ret = AccessTokenKit::GetDefPermission(
1942 g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResultBeta);
1943 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIT, ret);
1944 ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta);
1945 ASSERT_EQ(RET_SUCCESS, ret);
1946 g_infoManagerTestPolicyPrams.permList[0].bundleName = backup;
1947 g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission;
1948 }
1949
1950 /**
1951 * @tc.name: AllocHapToken016
1952 * @tc.desc: can alloc a tokenId with label as "".
1953 * @tc.type: FUNC
1954 * @tc.require: Issue Number
1955 */
1956 HWTEST_F(AccessTokenKitTest, AllocHapToken016, TestSize.Level1)
1957 {
1958 std::string backup;
1959 std::string backUpPermission;
1960 AccessTokenIDEx tokenIdEx = {0};
1961
1962 backup = g_infoManagerTestPolicyPrams.permList[0].label;
1963 g_infoManagerTestPolicyPrams.permList[0].label = "";
1964 backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName;
1965 g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp06";
1966 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1967
1968 PermissionDef permDefResult;
1969 int ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult);
1970 ASSERT_EQ(ret, RET_SUCCESS);
1971 g_infoManagerTestPolicyPrams.permList[0].label = backup;
1972 g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission;
1973 }
1974
1975 /**
1976 * @tc.name: AllocHapToken017
1977 * @tc.desc: cannot alloc a tokenId with invalid permdef.
1978 * @tc.type: FUNC
1979 * @tc.require: Issue Number
1980 */
1981 HWTEST_F(AccessTokenKitTest, AllocHapToken017, TestSize.Level1)
1982 {
1983 std::string backUpPermission;
1984 std::string backup;
1985 AccessTokenIDEx tokenIdEx = {0};
1986
1987 backup = g_infoManagerTestPolicyPrams.permList[0].description;
1988 g_infoManagerTestPolicyPrams.permList[0].description = "";
1989 backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName;
1990 g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp07";
1991 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
1992
1993 PermissionDef permDefResult;
1994 int ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult);
1995 ASSERT_EQ(ret, RET_SUCCESS);
1996 g_infoManagerTestPolicyPrams.permList[0].description = backup;
1997 g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission;
1998 }
1999
2000 /**
2001 * @tc.name: AllocHapToken018
2002 * @tc.desc: alloc a tokenId with vaild dlptype.
2003 * @tc.type: FUNC
2004 * @tc.require: Issue Number
2005 */
2006 HWTEST_F(AccessTokenKitTest, AllocHapToken018, TestSize.Level1)
2007 {
2008 AccessTokenIDEx tokenIdEx = {0};
2009 HapPolicyParams infoManagerTestPolicyPrams = {
2010 .apl = APL_NORMAL,
2011 .domain = "test.domain",
2012 .permList = {},
2013 .permStateList = {}
2014 };
2015 HapInfoParams infoManagerTestInfoParms1 = {
2016 .userID = 1,
2017 .bundleName = "dlp_test1",
2018 .instIndex = 0,
2019 .dlpType = DLP_COMMON,
2020 .appIDDesc = "testtesttesttest",
2021 .apiVersion = DEFAULT_API_VERSION
2022 };
2023 HapInfoParams infoManagerTestInfoParms2 = {
2024 .userID = 1,
2025 .bundleName = "dlp_test2",
2026 .instIndex = 1,
2027 .dlpType = DLP_READ,
2028 .appIDDesc = "testtesttesttest",
2029 .apiVersion = DEFAULT_API_VERSION
2030 };
2031 HapInfoParams infoManagerTestInfoParms3 = {
2032 .userID = 1,
2033 .bundleName = "dlp_test3",
2034 .instIndex = 2,
2035 .dlpType = DLP_FULL_CONTROL,
2036 .appIDDesc = "testtesttesttest",
2037 .apiVersion = DEFAULT_API_VERSION
2038 };
2039 HapTokenInfo hapTokenInfoRes;
2040 AccessTokenID tokenID;
2041 int32_t ret;
2042
2043 tokenID = GetAccessTokenID(infoManagerTestInfoParms1.userID, infoManagerTestInfoParms1.bundleName, 0);
2044 if (tokenID != 0) {
2045 ret = AccessTokenKit::DeleteToken(tokenID);
2046 }
2047 tokenIdEx= AccessTokenKit::AllocHapToken(infoManagerTestInfoParms1, infoManagerTestPolicyPrams);
2048 ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
2049 ret = AccessTokenKit::GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapTokenInfoRes);
2050 ASSERT_EQ(ret, RET_SUCCESS);
2051 ASSERT_EQ(AccessTokenKit::GetHapDlpFlag(tokenIdEx.tokenIdExStruct.tokenID), 0);
2052 ASSERT_EQ(hapTokenInfoRes.dlpType, DLP_COMMON);
2053 ret = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
2054 ASSERT_EQ(RET_SUCCESS, ret);
2055 ret = AccessTokenKit::GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapTokenInfoRes);
2056 ASSERT_EQ(ret, RET_FAILED);
2057
2058 tokenID = GetAccessTokenID(infoManagerTestInfoParms2.userID, infoManagerTestInfoParms2.bundleName, 1);
2059 if (tokenID != 0) {
2060 ret = AccessTokenKit::DeleteToken(tokenID);
2061 }
2062 tokenIdEx = AccessTokenKit::AllocHapToken(infoManagerTestInfoParms2, infoManagerTestPolicyPrams);
2063 ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
2064 ret = AccessTokenKit::GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapTokenInfoRes);
2065 ASSERT_EQ(ret, RET_SUCCESS);
2066 ASSERT_EQ(hapTokenInfoRes.dlpType, DLP_READ);
2067 ASSERT_EQ(AccessTokenKit::GetHapDlpFlag(tokenIdEx.tokenIdExStruct.tokenID), 1);
2068 ret = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
2069 ASSERT_EQ(RET_SUCCESS, ret);
2070 ret = AccessTokenKit::GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapTokenInfoRes);
2071 ASSERT_EQ(ret, RET_FAILED);
2072
2073 tokenID = GetAccessTokenID(infoManagerTestInfoParms3.userID, infoManagerTestInfoParms3.bundleName, 2);
2074 if (tokenID != 0) {
2075 ret = AccessTokenKit::DeleteToken(tokenID);
2076 }
2077 tokenIdEx = AccessTokenKit::AllocHapToken(infoManagerTestInfoParms3, infoManagerTestPolicyPrams);
2078 ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
2079 ret = AccessTokenKit::GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapTokenInfoRes);
2080 ASSERT_EQ(ret, RET_SUCCESS);
2081 ASSERT_EQ(hapTokenInfoRes.dlpType, DLP_FULL_CONTROL);
2082 ASSERT_EQ(AccessTokenKit::GetHapDlpFlag(tokenIdEx.tokenIdExStruct.tokenID), 1);
2083 ret = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
2084 ASSERT_EQ(RET_SUCCESS, ret);
2085 ret = AccessTokenKit::GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapTokenInfoRes);
2086 ASSERT_EQ(ret, RET_FAILED);
2087 }
2088
2089 /**
2090 * @tc.name: AllocHapToken019
2091 * @tc.desc: cannot alloc a tokenId with invaild dlptype.
2092 * @tc.type: FUNC
2093 * @tc.require: Issue Number
2094 */
2095 HWTEST_F(AccessTokenKitTest, AllocHapToken019, TestSize.Level1)
2096 {
2097 AccessTokenIDEx tokenIdEx = {0};
2098 HapPolicyParams infoManagerTestPolicyPrams = {
2099 .apl = APL_NORMAL,
2100 .domain = "test.domain",
2101 .permList = {},
2102 .permStateList = {}
2103 };
2104 HapInfoParams infoManagerTestInfoParms1 = {
2105 .userID = 1,
2106 .bundleName = "accesstoken_test",
2107 .instIndex = 4,
2108 .dlpType = INVALID_DLP_TYPE,
2109 .appIDDesc = "testtesttesttest",
2110 .apiVersion = DEFAULT_API_VERSION
2111 };
2112
2113 tokenIdEx = AccessTokenKit::AllocHapToken(infoManagerTestInfoParms1, infoManagerTestPolicyPrams);
2114 ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID);
2115 }
2116
2117 /**
2118 * @tc.name: UpdateHapToken001
2119 * @tc.desc: alloc a tokenId successfully, update it successfully and verify it.
2120 * @tc.type: FUNC
2121 * @tc.require: Issue Number
2122 */
2123 HWTEST_F(AccessTokenKitTest, UpdateHapToken001, TestSize.Level1)
2124 {
2125 int userID = g_infoManagerTestInfoParms.userID;
2126 const std::string bundleName = g_infoManagerTestInfoParms.bundleName;
2127 int instIndex = g_infoManagerTestInfoParms.instIndex;
2128
2129 const std::string appIDDesc = "housework app";
2130
2131 DeleteTestToken();
2132 AccessTokenIDEx tokenIdEx = {0};
2133 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2134 GTEST_LOG_(INFO) << "tokenID :" << tokenIdEx.tokenIdExStruct.tokenID;
2135 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex);
2136 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
2137 g_infoManagerTestPolicyPrams.apl = APL_SYSTEM_BASIC;
2138
2139 int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams);
2140 ASSERT_EQ(0, ret);
2141
2142 HapTokenInfo hapTokenInfoRes;
2143 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
2144 ASSERT_EQ(RET_SUCCESS, ret);
2145
2146 ASSERT_EQ(hapTokenInfoRes.appID, "housework app");
2147 ASSERT_EQ(hapTokenInfoRes.apl, APL_SYSTEM_BASIC);
2148
2149 ret = AccessTokenKit::DeleteToken(tokenID);
2150 ASSERT_EQ(RET_SUCCESS, ret);
2151 }
2152
2153 /**
2154 * @tc.name: UpdateHapToken002
2155 * @tc.desc: cannot update hap token info with invalid userId.
2156 * @tc.type: FUNC
2157 * @tc.require: Issue Number
2158 */
2159 HWTEST_F(AccessTokenKitTest, UpdateHapToken002, TestSize.Level1)
2160 {
2161 int ret = AccessTokenKit::UpdateHapToken(
2162 TEST_USER_ID_INVALID, "appIDDesc", DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams);
2163 ASSERT_EQ(RET_FAILED, ret);
2164 }
2165
2166 /**
2167 * @tc.name: UpdateHapToken003
2168 * @tc.desc: cannot update hap token info with invalid appIDDesc.
2169 * @tc.type: FUNC
2170 * @tc.require: Issue Number
2171 */
2172 HWTEST_F(AccessTokenKitTest, UpdateHapToken003, TestSize.Level1)
2173 {
2174 int userID = g_infoManagerTestInfoParms.userID;
2175 const std::string bundleName = g_infoManagerTestInfoParms.bundleName;
2176 int instIndex = g_infoManagerTestInfoParms.instIndex;
2177
2178 const std::string appIDDesc (INVALID_APPIDDESC_LEN, 'x');
2179
2180 AccessTokenIDEx tokenIdEx = {0};
2181 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2182
2183 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex);
2184
2185 int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams);
2186 ASSERT_EQ(RET_FAILED, ret);
2187
2188 HapTokenInfo hapTokenInfoRes;
2189 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
2190 ASSERT_EQ(RET_SUCCESS, ret);
2191
2192 ASSERT_EQ(hapTokenInfoRes.appID, "testtesttesttest");
2193
2194 ret = AccessTokenKit::DeleteToken(tokenID);
2195 ASSERT_EQ(RET_SUCCESS, ret);
2196 }
2197
2198 /**
2199 * @tc.name: UpdateHapToken004
2200 * @tc.desc: cannot update a tokenId with invalid apl.
2201 * @tc.type: FUNC
2202 * @tc.require: Issue Number
2203 */
2204 HWTEST_F(AccessTokenKitTest, UpdateHapToken004, TestSize.Level1)
2205 {
2206 int userID = g_infoManagerTestInfoParms.userID;
2207 const std::string bundleName = g_infoManagerTestInfoParms.bundleName;
2208 int instIndex = g_infoManagerTestInfoParms.instIndex;
2209
2210 const std::string appIDDesc = "housework app";
2211
2212 AccessTokenIDEx tokenIdEx = {0};
2213 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2214
2215 AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex);
2216
2217 g_infoManagerTestPolicyPrams.apl = (ATokenAplEnum)5;
2218
2219 int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams);
2220 ASSERT_EQ(RET_FAILED, ret);
2221
2222 HapTokenInfo hapTokenInfoRes;
2223 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
2224 ASSERT_EQ(RET_SUCCESS, ret);
2225
2226 ASSERT_EQ(hapTokenInfoRes.apl, APL_NORMAL);
2227
2228 ret = AccessTokenKit::DeleteToken(tokenID);
2229 ASSERT_EQ(RET_SUCCESS, ret);
2230 }
2231
2232 /**
2233 * @tc.name: UpdateHapToken005
2234 * @tc.desc: cannot update a tokenId with invalid string value.
2235 * @tc.type: FUNC
2236 * @tc.require: Issue Number
2237 */
2238 HWTEST_F(AccessTokenKitTest, UpdateHapToken005, TestSize.Level1)
2239 {
2240 std::string backUpPermission;
2241 const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2242 PermissionDef permDefResult;
2243
2244 DeleteTestToken();
2245 AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2246 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2247 ASSERT_NE(INVALID_TOKENID, tokenID);
2248
2249 std::string backup = g_infoManagerTestPolicyPrams.permList[0].permissionName;
2250 g_infoManagerTestPolicyPrams.permList[0].permissionName = "";
2251 int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams);
2252 ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult);
2253 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
2254 g_infoManagerTestPolicyPrams.permList[0].permissionName = backup;
2255
2256 backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName;
2257 g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp11";
2258 backup = g_infoManagerTestPolicyPrams.permList[0].bundleName;
2259 g_infoManagerTestPolicyPrams.permList[0].bundleName = "";
2260 ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams);
2261 ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult);
2262 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIT, ret);
2263 g_infoManagerTestPolicyPrams.permList[0].bundleName = backup;
2264 g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission;
2265
2266 backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName;
2267 g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp12";
2268 backup = g_infoManagerTestPolicyPrams.permList[0].label;
2269 g_infoManagerTestPolicyPrams.permList[0].label = "";
2270 ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams);
2271 ASSERT_EQ(RET_SUCCESS, ret);
2272 ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult);
2273 ASSERT_EQ(RET_SUCCESS, ret);
2274 g_infoManagerTestPolicyPrams.permList[0].label = backup;
2275 g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission;
2276
2277 backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName;
2278 g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp13";
2279 backup = g_infoManagerTestPolicyPrams.permList[0].description;
2280 g_infoManagerTestPolicyPrams.permList[0].description = "";
2281 ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams);
2282 ASSERT_EQ(RET_SUCCESS, ret);
2283 ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult);
2284 ASSERT_EQ(RET_SUCCESS, ret);
2285 g_infoManagerTestPolicyPrams.permList[0].description = backup;
2286 g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission;
2287
2288 ret = AccessTokenKit::DeleteToken(tokenID);
2289 ASSERT_EQ(RET_SUCCESS, ret);
2290 }
2291
2292 /**
2293 * @tc.name: UpdateHapToken006
2294 * @tc.desc: update a batch of tokenId.
2295 * @tc.type: FUNC
2296 * @tc.require: Issue Number
2297 */
2298 HWTEST_F(AccessTokenKitTest, UpdateHapToken006, TestSize.Level1)
2299 {
2300 int allocFlag = 0;
2301 int updateFlag = 0;
2302 int deleteFlag = 0;
2303 AccessTokenIDEx tokenIdEx = {0};
2304 AccessTokenID tokenID;
2305 int ret;
2306 vector<AccessTokenID> obj;
2307 bool exist;
2308 const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2309 HapInfoParams infoManagerTestInfo = g_infoManagerTestInfoParms;
2310 DeleteTestToken();
2311
2312 for (int i = 0; i < CYCLE_TIMES; i++) {
2313 tokenIdEx = AccessTokenKit::AllocHapToken(infoManagerTestInfo, g_infoManagerTestPolicyPrams);
2314 tokenID = GetAccessTokenID(infoManagerTestInfo.userID,
2315 infoManagerTestInfo.bundleName,
2316 infoManagerTestInfo.instIndex);
2317
2318 exist = ExistInVector(obj, tokenID);
2319 if (exist) {
2320 allocFlag = 1;
2321 break;
2322 }
2323 obj.push_back(tokenID);
2324 infoManagerTestInfo.userID++;
2325 }
2326
2327 infoManagerTestInfo.instIndex = 1;
2328 g_infoManagerTestPolicyPrams.apl = APL_SYSTEM_BASIC;
2329 for (size_t i = 0; i < obj.size(); i++) {
2330 ret = AccessTokenKit::UpdateHapToken(obj[i], appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams);
2331 if (RET_SUCCESS != ret) {
2332 updateFlag = 1;
2333 break;
2334 }
2335 }
2336 g_infoManagerTestPolicyPrams.apl = APL_NORMAL;
2337
2338 for (size_t i = 0; i < obj.size(); i++) {
2339 ret = AccessTokenKit::DeleteToken(obj[i]);
2340 if (RET_SUCCESS != ret) {
2341 deleteFlag = 1;
2342 }
2343 }
2344 ASSERT_EQ(allocFlag, 0);
2345 ASSERT_EQ(updateFlag, 0);
2346 ASSERT_EQ(deleteFlag, 0);
2347 }
2348
2349 /**
2350 * @tc.name: UpdateHapToken007
2351 * @tc.desc: add new permissdef.
2352 * @tc.type: FUNC
2353 * @tc.require: Issue Number
2354 */
2355 HWTEST_F(AccessTokenKitTest, UpdateHapToken007, TestSize.Level1)
2356 {
2357 int ret;
2358 std::string backup;
2359 const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2360 DeleteTestToken();
2361
2362 AccessTokenIDEx tokenIdEx = {0};
2363 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2364 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2365 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
2366
2367 PermissionDef permDefResult;
2368 /* check permission define before update */
2369 ret = AccessTokenKit::GetDefPermission("ohos.permission.test3", permDefResult);
2370 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIT, ret);
2371
2372 backup = g_infoManagerTestPolicyPrams.permList[0].permissionName;
2373 g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.test3";
2374 ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams);
2375 ASSERT_EQ(RET_SUCCESS, ret);
2376 g_infoManagerTestPolicyPrams.permList[0].permissionName = backup;
2377
2378 GTEST_LOG_(INFO) << "permissionName :" << g_infoManagerTestPolicyPrams.permList[0].permissionName;
2379
2380 ret = AccessTokenKit::GetDefPermission("ohos.permission.test3", permDefResult);
2381 if (ret != RET_SUCCESS) {
2382 ret = AccessTokenKit::DeleteToken(tokenID);
2383 ASSERT_EQ(RET_SUCCESS, ret);
2384 }
2385 ASSERT_EQ(RET_SUCCESS, ret);
2386 ASSERT_EQ("ohos.permission.test3", permDefResult.permissionName);
2387
2388 ret = AccessTokenKit::DeleteToken(tokenID);
2389 ASSERT_EQ(RET_SUCCESS, ret);
2390 }
2391 /**
2392 * @tc.name: UpdateHapToken008
2393 * @tc.desc: modify permissdef's grantMode.
2394 * @tc.type: FUNC
2395 * @tc.require: Issue Number
2396 */
2397 HWTEST_F(AccessTokenKitTest, UpdateHapToken008, TestSize.Level1)
2398 {
2399 int ret;
2400 std::string backup;
2401 const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2402 DeleteTestToken();
2403
2404 AccessTokenIDEx tokenIdEx = {0};
2405 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2406 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2407 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
2408
2409 PermissionDef permDefResult;
2410 /* check permission define before update */
2411 ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult);
2412 ASSERT_EQ(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult.permissionName);
2413 ASSERT_EQ("label", permDefResult.label);
2414 ASSERT_EQ(1, permDefResult.grantMode);
2415 ASSERT_EQ(RET_SUCCESS, ret);
2416
2417 backup = g_infoManagerTestPolicyPrams.permList[0].label;
2418 g_infoManagerTestPolicyPrams.permList[0].grantMode = 0;
2419 g_infoManagerTestPolicyPrams.permList[0].label = "updated label";
2420 ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams);
2421 ASSERT_EQ(RET_SUCCESS, ret);
2422 g_infoManagerTestPolicyPrams.permList[0].label = backup;
2423 g_infoManagerTestPolicyPrams.permList[0].grantMode = 1;
2424
2425 /* check permission define after update */
2426 ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult);
2427 ASSERT_EQ(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult.permissionName);
2428 ASSERT_EQ("updated label", permDefResult.label);
2429 ASSERT_EQ(0, permDefResult.grantMode);
2430 ASSERT_EQ(RET_SUCCESS, ret);
2431
2432 ret = AccessTokenKit::DeleteToken(tokenID);
2433 ASSERT_EQ(RET_SUCCESS, ret);
2434 }
2435
2436 /**
2437 * @tc.name: UpdateHapToken009
2438 * @tc.desc: old permission define will not update its grantStatus.
2439 * @tc.type: FUNC
2440 * @tc.require: Issue Number
2441 */
2442 HWTEST_F(AccessTokenKitTest, UpdateHapToken009, TestSize.Level1)
2443 {
2444 int ret;
2445 std::vector<PermissionDef> permDefList;
2446 const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2447 PermissionDef infoManagerTestPermDef = g_infoManagerTestPermDef1;
2448 PermissionStateFull infoManagerTestState = {
2449 .permissionName = "ohos.permission.test1",
2450 .isGeneral = true,
2451 .resDeviceID = {"local"},
2452 .grantStatus = {3},
2453 .grantFlags = {PermissionState::PERMISSION_DENIED}
2454 };
2455
2456 HapPolicyParams infoManagerTestPolicyPrams = {
2457 .apl = APL_NORMAL,
2458 .domain = "test.domain",
2459 .permList = {infoManagerTestPermDef},
2460 .permStateList = {infoManagerTestState}
2461 };
2462
2463 DeleteTestToken();
2464 AccessTokenIDEx tokenIdEx = {0};
2465 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2466 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2467 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
2468
2469 ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.test1");
2470 ASSERT_EQ(ret, g_infoManagerTestState1.grantStatus[0]);
2471
2472 ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, infoManagerTestPolicyPrams);
2473
2474 ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.test1");
2475 ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
2476
2477 ret = AccessTokenKit::DeleteToken(tokenID);
2478 ASSERT_EQ(RET_SUCCESS, ret);
2479 }
2480
2481 /**
2482 * @tc.name: UpdateHapToken010
2483 * @tc.desc: update api version.
2484 * @tc.type: FUNC
2485 * @tc.require:Issue Number
2486 */
2487 HWTEST_F(AccessTokenKitTest, UpdateHapToken010, TestSize.Level1)
2488 {
2489 AccessTokenIDEx tokenIdEx = {0};
2490 const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc;
2491 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2492 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
2493 GTEST_LOG_(INFO) << "tokenID :" << tokenID;
2494
2495 int32_t apiVersion = DEFAULT_API_VERSION - 1;
2496 int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, apiVersion, g_infoManagerTestPolicyPrams);
2497
2498 HapTokenInfo hapTokenInfoRes;
2499 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
2500 ASSERT_EQ(apiVersion, hapTokenInfoRes.apiVersion);
2501
2502 apiVersion = DEFAULT_API_VERSION + 1;
2503 ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, apiVersion, g_infoManagerTestPolicyPrams);
2504
2505 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
2506 ASSERT_EQ(apiVersion, hapTokenInfoRes.apiVersion);
2507 }
2508
ThreadTestFunc01(void * args)2509 static void *ThreadTestFunc01(void *args)
2510 {
2511 ATokenTypeEnum type;
2512 AccessTokenID tokenID;
2513
2514 for (int i = 0; i < CYCLE_TIMES; i++) {
2515 tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
2516 g_infoManagerTestInfoParms.bundleName,
2517 g_infoManagerTestInfoParms.instIndex);
2518 type = AccessTokenKit::GetTokenType(tokenID);
2519 if (type != TOKEN_HAP) {
2520 GTEST_LOG_(INFO) << "ThreadTestFunc01 failed" << tokenID;
2521 }
2522 }
2523 return nullptr;
2524 }
2525
ThreadTestFunc02(void * args)2526 static void *ThreadTestFunc02(void *args)
2527 {
2528 int ret;
2529 AccessTokenID tokenID;
2530 HapTokenInfo hapTokenInfoRes;
2531
2532 for (int i = 0; i < CYCLE_TIMES; i++) {
2533 tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
2534 g_infoManagerTestInfoParms.bundleName,
2535 g_infoManagerTestInfoParms.instIndex);
2536 ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes);
2537 if (ret != RET_SUCCESS) {
2538 GTEST_LOG_(INFO) << "ThreadTestFunc02 failed" << tokenID;
2539 }
2540 }
2541 return nullptr;
2542 }
2543
2544 /**
2545 * @tc.name: AllocHapToken011
2546 * @tc.desc: Mulitpulthread test.
2547 * @tc.type: FUNC
2548 * @tc.require: Issue Number
2549 */
2550 HWTEST_F(AccessTokenKitTest, Mulitpulthread001, TestSize.Level1)
2551 {
2552 int ret;
2553 AccessTokenIDEx tokenIdEx = {0};
2554 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
2555 ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
2556 pthread_t tid[2];
2557 (void)pthread_create(&tid[0], 0, &ThreadTestFunc01, nullptr);
2558 (void)pthread_create(&tid[1], 0, &ThreadTestFunc01, nullptr);
2559 (void)pthread_join(tid[0], nullptr);
2560 (void)pthread_join(tid[1], nullptr);
2561
2562 (void)pthread_create(&tid[0], 0, &ThreadTestFunc02, nullptr);
2563 (void)pthread_create(&tid[1], 0, &ThreadTestFunc02, nullptr);
2564 (void)pthread_join(tid[0], nullptr);
2565 (void)pthread_join(tid[1], nullptr);
2566
2567 ret = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
2568 ASSERT_EQ(RET_SUCCESS, ret);
2569 }
2570
ConcurrencyTask(unsigned int tokenID)2571 void ConcurrencyTask(unsigned int tokenID)
2572 {
2573 int32_t flag;
2574 for (int i = 0; i < CYCLE_TIMES; i++) {
2575 AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED);
2576 AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
2577 AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
2578
2579 AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_SET);
2580 AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA, flag);
2581 AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA);
2582 }
2583 }
2584
2585 /**
2586 * @tc.name: ConcurrencyTest001
2587 * @tc.desc: Concurrency testing
2588 * @tc.type: FUNC
2589 * @tc.require: Issue Number
2590 */
2591 HWTEST_F(AccessTokenKitTest, ConcurrencyTest001, TestSize.Level1)
2592 {
2593 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
2594 ASSERT_NE(INVALID_TOKENID, tokenID);
2595 std::vector<std::thread> threadVec;
2596 for (int i = 0; i < THREAD_NUM; i++) {
2597 threadVec.emplace_back(std::thread(ConcurrencyTask, tokenID));
2598 }
2599 for (auto it = threadVec.begin(); it != threadVec.end(); it++) {
2600 it->join();
2601 }
2602 }
2603
2604 /**
2605 * @tc.name: CheckNativeDCap001
2606 * @tc.desc: cannot Check native dcap with invalid tokenID.
2607 * @tc.type: FUNC
2608 * @tc.require: Issue Number
2609 */
2610 HWTEST_F(AccessTokenKitTest, CheckNativeDCap001, TestSize.Level1)
2611 {
2612 AccessTokenID tokenID = 0;
2613 const std::string dcap = "AT_CAP";
2614 int ret = AccessTokenKit::CheckNativeDCap(tokenID, dcap);
2615 ASSERT_EQ(RET_FAILED, ret);
2616
2617 tokenID = 1;
2618 ret = AccessTokenKit::CheckNativeDCap(tokenID, dcap);
2619 ASSERT_EQ(RET_FAILED, ret);
2620 }
2621
2622 /**
2623 * @tc.name: CheckNativeDCap002
2624 * @tc.desc: cannot Check native dcap with invalid dcap.
2625 * @tc.type: FUNC
2626 * @tc.require: Issue Number
2627 */
2628 HWTEST_F(AccessTokenKitTest, CheckNativeDCap002, TestSize.Level1)
2629 {
2630 AccessTokenID tokenID = 0Xff;
2631 const std::string invalidDcap (INVALID_DCAP_LEN, 'x');
2632 int ret = AccessTokenKit::CheckNativeDCap(tokenID, invalidDcap);
2633 ASSERT_EQ(RET_FAILED, ret);
2634 }
2635
2636 /**
2637 * @tc.name: GetNativeTokenInfo001
2638 * @tc.desc: cannot get native token with invalid tokenID.
2639 * @tc.type: FUNC
2640 * @tc.require: Issue Number
2641 */
2642 HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo001, TestSize.Level1)
2643 {
2644 AccessTokenID tokenID = 0;
2645 NativeTokenInfo findInfo;
2646 int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo);
2647 ASSERT_EQ(ret, RET_FAILED);
2648
2649 tokenID = 0xff;
2650 ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo);
2651 ASSERT_EQ(ret, RET_FAILED);
2652 }
2653
2654 /**
2655 * @tc.name: GetTokenTypeFlag001
2656 * @tc.desc: cannot get token type with tokenID.
2657 * @tc.type: FUNC
2658 * @tc.require: Issue Number
2659 */
2660 HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag001, TestSize.Level1)
2661 {
2662 AccessTokenID tokenID = 0;
2663 ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenID);
2664 ASSERT_EQ(ret, TOKEN_INVALID);
2665 }
2666
2667 /**
2668 * @tc.name: GetTokenTypeFlag002
2669 * @tc.desc: Get token type with native tokenID.
2670 * @tc.type: FUNC
2671 * @tc.require: Issue Number
2672 */
2673 HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag002, TestSize.Level1)
2674 {
2675 NativeTokenInfoParams infoInstance = {
2676 .dcapsNum = 0,
2677 .permsNum = 0,
2678 .aclsNum = 0,
2679 .dcaps = nullptr,
2680 .perms = nullptr,
2681 .acls = nullptr,
2682 .processName = "GetTokenTypeFlag002",
2683 .aplStr = "system_core",
2684 };
2685 uint64_t tokenId01 = GetAccessTokenId(&infoInstance);
2686
2687 AccessTokenID tokenID = tokenId01 & 0xffffffff;
2688 ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenID);
2689 ASSERT_EQ(ret, TOKEN_NATIVE);
2690 }
2691
2692 /**
2693 * @tc.name: GetSelfPermissionsState001
2694 * @tc.desc: get permission list state
2695 * @tc.type: FUNC
2696 * @tc.require: Issue Number
2697 */
2698 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState001, TestSize.Level1)
2699 {
2700 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
2701 ASSERT_NE(INVALID_TOKENID, tokenID);
2702 ASSERT_EQ(0, SetSelfTokenID(tokenID));
2703
2704 PermissionListState perm1 = {
2705 .permissionName = "ohos.permission.testPermDef1",
2706 .state = -1,
2707 };
2708 PermissionListState perm2 = {
2709 .permissionName = "ohos.permission.testPermDef2",
2710 .state = -1,
2711 };
2712 PermissionListState perm3 = {
2713 .permissionName = "ohos.permission.testPermDef3",
2714 .state = -1,
2715 };
2716 PermissionListState perm4 = {
2717 .permissionName = "ohos.permission.testPermDef4",
2718 .state = -1,
2719 };
2720
2721 std::vector<PermissionListState> permsList1;
2722 permsList1.emplace_back(perm1);
2723 permsList1.emplace_back(perm2);
2724 permsList1.emplace_back(perm3);
2725 permsList1.emplace_back(perm4);
2726
2727 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList1);
2728 ASSERT_EQ(DYNAMIC_OPER, ret);
2729 ASSERT_EQ(static_cast<uint32_t>(4), permsList1.size());
2730 ASSERT_EQ(DYNAMIC_OPER, permsList1[0].state);
2731 ASSERT_EQ(DYNAMIC_OPER, permsList1[1].state);
2732 ASSERT_EQ(SETTING_OPER, permsList1[2].state);
2733 ASSERT_EQ(PASS_OPER, permsList1[3].state);
2734 ASSERT_EQ("ohos.permission.testPermDef1", permsList1[0].permissionName);
2735 ASSERT_EQ("ohos.permission.testPermDef2", permsList1[1].permissionName);
2736 ASSERT_EQ("ohos.permission.testPermDef3", permsList1[2].permissionName);
2737 ASSERT_EQ("ohos.permission.testPermDef4", permsList1[3].permissionName);
2738
2739 PermissionListState perm5 = {
2740 .permissionName = "ohos.permission.testPermDef5",
2741 .state = -1,
2742 };
2743 permsList1.emplace_back(perm5);
2744 ret = AccessTokenKit::GetSelfPermissionsState(permsList1);
2745 ASSERT_EQ(INVALID_OPER, permsList1[4].state);
2746 ASSERT_EQ(DYNAMIC_OPER, ret);
2747
2748 std::vector<PermissionListState> permsList2;
2749 permsList2.emplace_back(perm3);
2750 permsList2.emplace_back(perm4);
2751 ret = AccessTokenKit::GetSelfPermissionsState(permsList2);
2752 ASSERT_EQ(SETTING_OPER, permsList2[0].state);
2753 ASSERT_EQ(PASS_OPER, permsList2[1].state);
2754 ASSERT_EQ(PASS_OPER, ret);
2755
2756 permsList2.emplace_back(perm5);
2757 ret = AccessTokenKit::GetSelfPermissionsState(permsList2);
2758 ASSERT_EQ(SETTING_OPER, permsList2[0].state);
2759 ASSERT_EQ(PASS_OPER, permsList2[1].state);
2760 ASSERT_EQ(INVALID_OPER, permsList2[2].state);
2761 ASSERT_EQ(PASS_OPER, ret);
2762
2763 std::vector<PermissionListState> permsList3;
2764 permsList3.emplace_back(perm5);
2765 ret = AccessTokenKit::GetSelfPermissionsState(permsList3);
2766 ASSERT_EQ(INVALID_OPER, permsList3[0].state);
2767 ASSERT_EQ(PASS_OPER, ret);
2768 }
2769
2770 /**
2771 * @tc.name: GetSelfPermissionsState002
2772 * @tc.desc: only vague location permission
2773 * @tc.type: FUNC
2774 * @tc.require: issueI5NOQI
2775 */
2776 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState002, TestSize.Level1)
2777 {
2778 std::vector<PermissionDef> permmissionDefs;
2779 permmissionDefs.emplace_back(g_locationTestDefVague);
2780
2781 std::vector<PermissionStateFull> permissionStateFulls;
2782 permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
2783
2784 AllocHapToken(permmissionDefs, permissionStateFulls, VAGUE_LOCATION_API_VERSION);
2785
2786 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
2787 ASSERT_NE(INVALID_TOKENID, tokenID);
2788 ASSERT_EQ(0, SetSelfTokenID(tokenID));
2789
2790 PermissionListState permVague = {
2791 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
2792 .state = -1,
2793 };
2794
2795 std::vector<PermissionListState> permsList;
2796 permsList.emplace_back(permVague);
2797
2798 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList);
2799 ASSERT_EQ(DYNAMIC_OPER, ret);
2800 ASSERT_EQ(static_cast<uint32_t>(1), permsList.size());
2801 ASSERT_EQ(DYNAMIC_OPER, permsList[0].state);
2802
2803 AccessTokenKit::DeleteToken(tokenID);
2804 SetSelfTokenID(selfTokenId_);
2805 }
2806
2807 /**
2808 * @tc.name: GetSelfPermissionsState003
2809 * @tc.desc: only vague location permission after refuse
2810 * @tc.type: FUNC
2811 * @tc.require: issueI5NOQI
2812 */
2813 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState003, TestSize.Level1)
2814 {
2815 std::vector<PermissionDef> permmissionDefs;
2816 permmissionDefs.emplace_back(g_locationTestDefVague);
2817
2818 std::vector<PermissionStateFull> permissionStateFulls;
2819 permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
2820
2821 AllocHapToken(permmissionDefs, permissionStateFulls, VAGUE_LOCATION_API_VERSION);
2822
2823 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
2824 ASSERT_NE(INVALID_TOKENID, tokenID);
2825 ASSERT_EQ(0, SetSelfTokenID(tokenID));
2826
2827 PermissionListState permVague = {
2828 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
2829 .state = -1,
2830 };
2831
2832 std::vector<PermissionListState> permsList;
2833 permsList.emplace_back(permVague);
2834
2835 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList);
2836 ASSERT_EQ(PASS_OPER, ret);
2837 ASSERT_EQ(static_cast<uint32_t>(1), permsList.size());
2838 ASSERT_EQ(SETTING_OPER, permsList[0].state);
2839
2840 AccessTokenKit::DeleteToken(tokenID);
2841 SetSelfTokenID(selfTokenId_);
2842 }
2843
2844 /**
2845 * @tc.name: GetSelfPermissionsState004
2846 * @tc.desc: only vague location permission after accept
2847 * @tc.type: FUNC
2848 * @tc.require: issueI5NOQI
2849 */
2850 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState004, TestSize.Level1)
2851 {
2852 std::vector<PermissionDef> permmissionDefs;
2853 permmissionDefs.emplace_back(g_locationTestDefVague);
2854
2855 std::vector<PermissionStateFull> permissionStateFulls;
2856 permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
2857
2858 AllocHapToken(permmissionDefs, permissionStateFulls, VAGUE_LOCATION_API_VERSION);
2859
2860 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
2861 ASSERT_NE(INVALID_TOKENID, tokenID);
2862 ASSERT_EQ(0, SetSelfTokenID(tokenID));
2863
2864 PermissionListState permVague = {
2865 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
2866 .state = -1,
2867 };
2868
2869 std::vector<PermissionListState> permsList;
2870 permsList.emplace_back(permVague);
2871
2872 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList);
2873 ASSERT_EQ(PASS_OPER, ret);
2874 ASSERT_EQ(static_cast<uint32_t>(1), permsList.size());
2875 ASSERT_EQ(PASS_OPER, permsList[0].state);
2876
2877 AccessTokenKit::DeleteToken(tokenID);
2878 SetSelfTokenID(selfTokenId_);
2879 }
2880
2881 /**
2882 * @tc.name: GetSelfPermissionsState005
2883 * @tc.desc: only accurate location permission
2884 * @tc.type: FUNC
2885 * @tc.require: issueI5NOQI
2886 */
2887 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState005, TestSize.Level1)
2888 {
2889 std::vector<PermissionDef> permmissionDefs;
2890 permmissionDefs.emplace_back(g_locationTestDefAccurate);
2891
2892 std::vector<PermissionStateFull> permissionStateFulls;
2893 permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
2894
2895 AllocHapToken(permmissionDefs, permissionStateFulls, VAGUE_LOCATION_API_VERSION);
2896
2897 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
2898 ASSERT_NE(INVALID_TOKENID, tokenID);
2899 ASSERT_EQ(0, SetSelfTokenID(tokenID));
2900
2901 PermissionListState permAccurate = {
2902 .permissionName = "ohos.permission.LOCATION",
2903 .state = -1,
2904 };
2905
2906 std::vector<PermissionListState> permsList;
2907 permsList.emplace_back(permAccurate);
2908
2909 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList);
2910 ASSERT_EQ(INVALID_OPER, ret);
2911 ASSERT_EQ(static_cast<uint32_t>(1), permsList.size());
2912 ASSERT_EQ(INVALID_OPER, permsList[0].state);
2913
2914 AccessTokenKit::DeleteToken(tokenID);
2915 SetSelfTokenID(selfTokenId_);
2916 }
2917
2918 /**
2919 * @tc.name: GetSelfPermissionsState006
2920 * @tc.desc: all location permissions
2921 * @tc.type: FUNC
2922 * @tc.require: issueI5NOQI
2923 */
2924 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState006, TestSize.Level1)
2925 {
2926 std::vector<PermissionDef> permmissionDefs;
2927 permmissionDefs.emplace_back(g_locationTestDefVague);
2928 permmissionDefs.emplace_back(g_locationTestDefAccurate);
2929
2930 std::vector<PermissionStateFull> permissionStateFulls;
2931 permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
2932 permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
2933
2934 AllocHapToken(permmissionDefs, permissionStateFulls, VAGUE_LOCATION_API_VERSION);
2935
2936 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
2937 ASSERT_NE(INVALID_TOKENID, tokenID);
2938 ASSERT_EQ(0, SetSelfTokenID(tokenID));
2939
2940 PermissionListState permVague = {
2941 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
2942 .state = -1,
2943 };
2944 PermissionListState permAccurate = {
2945 .permissionName = "ohos.permission.LOCATION",
2946 .state = -1,
2947 };
2948
2949 std::vector<PermissionListState> permsList;
2950 permsList.emplace_back(permVague);
2951 permsList.emplace_back(permAccurate);
2952
2953 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList);
2954 ASSERT_EQ(DYNAMIC_OPER, ret);
2955 ASSERT_EQ(static_cast<uint32_t>(2), permsList.size());
2956 ASSERT_EQ(DYNAMIC_OPER, permsList[0].state);
2957 ASSERT_EQ(DYNAMIC_OPER, permsList[1].state);
2958
2959 AccessTokenKit::DeleteToken(tokenID);
2960 SetSelfTokenID(selfTokenId_);
2961 }
2962
2963 /**
2964 * @tc.name: GetSelfPermissionsState007
2965 * @tc.desc: all location permissions after accept vague location permission
2966 * @tc.type: FUNC
2967 * @tc.require: issueI5NOQI
2968 */
2969 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState007, TestSize.Level1)
2970 {
2971 std::vector<PermissionDef> permmissionDefs;
2972 permmissionDefs.emplace_back(g_locationTestDefVague);
2973 permmissionDefs.emplace_back(g_locationTestDefAccurate);
2974
2975 std::vector<PermissionStateFull> permissionStateFulls;
2976 permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
2977 permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
2978
2979 AllocHapToken(permmissionDefs, permissionStateFulls, VAGUE_LOCATION_API_VERSION);
2980
2981 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
2982 ASSERT_NE(INVALID_TOKENID, tokenID);
2983 ASSERT_EQ(0, SetSelfTokenID(tokenID));
2984
2985 PermissionListState permVague = {
2986 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
2987 .state = -1,
2988 };
2989 PermissionListState permAccurate = {
2990 .permissionName = "ohos.permission.LOCATION",
2991 .state = -1,
2992 };
2993
2994 std::vector<PermissionListState> permsList;
2995 permsList.emplace_back(permVague);
2996 permsList.emplace_back(permAccurate);
2997
2998 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList);
2999 ASSERT_EQ(DYNAMIC_OPER, ret);
3000 ASSERT_EQ(static_cast<uint32_t>(2), permsList.size());
3001 ASSERT_EQ(PASS_OPER, permsList[0].state);
3002 ASSERT_EQ(DYNAMIC_OPER, permsList[1].state);
3003
3004 AccessTokenKit::DeleteToken(tokenID);
3005 SetSelfTokenID(selfTokenId_);
3006 }
3007
3008 /**
3009 * @tc.name: GetSelfPermissionsState008
3010 * @tc.desc: all location permissions after refuse vague location permission
3011 * @tc.type: FUNC
3012 * @tc.require: issueI5NOQI
3013 */
3014 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState008, TestSize.Level1)
3015 {
3016 std::vector<PermissionDef> permmissionDefs;
3017 permmissionDefs.emplace_back(g_locationTestDefVague);
3018 permmissionDefs.emplace_back(g_locationTestDefAccurate);
3019
3020 std::vector<PermissionStateFull> permissionStateFulls;
3021 permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2}
3022 permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
3023
3024 AllocHapToken(permmissionDefs, permissionStateFulls, VAGUE_LOCATION_API_VERSION);
3025
3026 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
3027 ASSERT_NE(INVALID_TOKENID, tokenID);
3028 ASSERT_EQ(0, SetSelfTokenID(tokenID));
3029
3030 PermissionListState permVague = {
3031 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
3032 .state = -1,
3033 };
3034 PermissionListState permAccurate = {
3035 .permissionName = "ohos.permission.LOCATION",
3036 .state = -1,
3037 };
3038
3039 std::vector<PermissionListState> permsList;
3040 permsList.emplace_back(permVague);
3041 permsList.emplace_back(permAccurate);
3042
3043 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList);
3044 ASSERT_EQ(PASS_OPER, ret);
3045 ASSERT_EQ(static_cast<uint32_t>(2), permsList.size());
3046 ASSERT_EQ(SETTING_OPER, permsList[0].state);
3047 ASSERT_EQ(SETTING_OPER, permsList[1].state);
3048
3049 AccessTokenKit::DeleteToken(tokenID);
3050 SetSelfTokenID(selfTokenId_);
3051 }
3052
3053 /**
3054 * @tc.name: GetSelfPermissionsState009
3055 * @tc.desc: all location permissions after accept all location permissions
3056 * @tc.type: FUNC
3057 * @tc.require: issueI5NOQI
3058 */
3059 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState009, TestSize.Level1)
3060 {
3061 std::vector<PermissionDef> permmissionDefs;
3062 permmissionDefs.emplace_back(g_locationTestDefVague);
3063 permmissionDefs.emplace_back(g_locationTestDefAccurate);
3064
3065 std::vector<PermissionStateFull> permissionStateFulls;
3066 permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2}
3067 permissionStateFulls.emplace_back(g_locationTestStateAccurate02); // {0,2}
3068
3069 AllocHapToken(permmissionDefs, permissionStateFulls, VAGUE_LOCATION_API_VERSION);
3070
3071 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
3072 ASSERT_NE(INVALID_TOKENID, tokenID);
3073 ASSERT_EQ(0, SetSelfTokenID(tokenID));
3074
3075 PermissionListState permVague = {
3076 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
3077 .state = -1,
3078 };
3079 PermissionListState permAccurate = {
3080 .permissionName = "ohos.permission.LOCATION",
3081 .state = -1,
3082 };
3083
3084 std::vector<PermissionListState> permsList;
3085 permsList.emplace_back(permVague);
3086 permsList.emplace_back(permAccurate);
3087
3088 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList);
3089 ASSERT_EQ(PASS_OPER, ret);
3090 ASSERT_EQ(static_cast<uint32_t>(2), permsList.size());
3091 ASSERT_EQ(PASS_OPER, permsList[0].state);
3092 ASSERT_EQ(PASS_OPER, permsList[1].state);
3093
3094 AccessTokenKit::DeleteToken(tokenID);
3095 SetSelfTokenID(selfTokenId_);
3096 }
3097
3098 /**
3099 * @tc.name: GetSelfPermissionsState010
3100 * @tc.desc: all location permissions whith other permissions
3101 * @tc.type: FUNC
3102 * @tc.require: issueI5NOQI
3103 */
3104 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState010, TestSize.Level1)
3105 {
3106 std::vector<PermissionDef> permmissionDefs;
3107 permmissionDefs.emplace_back(g_locationTestDefVague);
3108 permmissionDefs.emplace_back(g_locationTestDefAccurate);
3109 permmissionDefs.emplace_back(g_locationTestDefSystemGrant);
3110 permmissionDefs.emplace_back(g_locationTestDefUserGrant);
3111
3112 std::vector<PermissionStateFull> permissionStateFulls;
3113 permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
3114 permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
3115 permissionStateFulls.emplace_back(g_locationTestStateSystemGrant); // {0,4}
3116 permissionStateFulls.emplace_back(g_locationTestStateUserGrant); // {-1,0}
3117
3118 AllocHapToken(permmissionDefs, permissionStateFulls, VAGUE_LOCATION_API_VERSION);
3119
3120 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
3121 ASSERT_NE(INVALID_TOKENID, tokenID);
3122 ASSERT_EQ(0, SetSelfTokenID(tokenID));
3123
3124 PermissionListState permVague = {
3125 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
3126 .state = -1,
3127 };
3128 PermissionListState permAccurate = {
3129 .permissionName = "ohos.permission.LOCATION",
3130 .state = -1,
3131 };
3132 PermissionListState permSystem = {
3133 .permissionName = "ohos.permission.locationtest1",
3134 .state = -1,
3135 };
3136 PermissionListState permUser = {
3137 .permissionName = "ohos.permission.locationtest2",
3138 .state = -1,
3139 };
3140
3141 std::vector<PermissionListState> permsList;
3142 permsList.emplace_back(permVague);
3143 permsList.emplace_back(permAccurate);
3144 permsList.emplace_back(permSystem);
3145 permsList.emplace_back(permUser);
3146
3147 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList);
3148 ASSERT_EQ(DYNAMIC_OPER, ret);
3149 ASSERT_EQ(static_cast<uint32_t>(4), permsList.size());
3150 ASSERT_EQ(DYNAMIC_OPER, permsList[0].state);
3151 ASSERT_EQ(DYNAMIC_OPER, permsList[1].state);
3152 ASSERT_EQ(PASS_OPER, permsList[2].state);
3153 ASSERT_EQ(DYNAMIC_OPER, permsList[3].state);
3154
3155 AccessTokenKit::DeleteToken(tokenID);
3156 SetSelfTokenID(selfTokenId_);
3157 }
3158
3159 /**
3160 * @tc.name: GetSelfPermissionsState011
3161 * @tc.desc: only accurate location permission whith api8
3162 * @tc.type: FUNC
3163 * @tc.require: issueI5NOQI
3164 */
3165 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState011, TestSize.Level1)
3166 {
3167 std::vector<PermissionDef> permmissionDefs;
3168 permmissionDefs.emplace_back(g_locationTestDefAccurate);
3169
3170 std::vector<PermissionStateFull> permissionStateFulls;
3171 permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
3172
3173 AllocHapToken(permmissionDefs, permissionStateFulls, DEFAULT_API_VERSION);
3174
3175 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
3176 ASSERT_NE(INVALID_TOKENID, tokenID);
3177 ASSERT_EQ(0, SetSelfTokenID(tokenID));
3178
3179 PermissionListState permAccurate = {
3180 .permissionName = "ohos.permission.LOCATION",
3181 .state = -1,
3182 };
3183
3184 std::vector<PermissionListState> permsList;
3185 permsList.emplace_back(permAccurate);
3186
3187 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList);
3188 ASSERT_EQ(DYNAMIC_OPER, ret);
3189 ASSERT_EQ(static_cast<uint32_t>(1), permsList.size());
3190 ASSERT_EQ(DYNAMIC_OPER, permsList[0].state);
3191
3192 AccessTokenKit::DeleteToken(tokenID);
3193 SetSelfTokenID(selfTokenId_);
3194 }
3195
3196 /**
3197 * @tc.name: GetSelfPermissionsState012
3198 * @tc.desc: all location permissions with api8
3199 * @tc.type: FUNC
3200 * @tc.require: issueI5NOQI
3201 */
3202 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState012, TestSize.Level1)
3203 {
3204 std::vector<PermissionDef> permmissionDefs;
3205 permmissionDefs.emplace_back(g_locationTestDefVague);
3206 permmissionDefs.emplace_back(g_locationTestDefAccurate);
3207
3208 std::vector<PermissionStateFull> permissionStateFulls;
3209 permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0}
3210 permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0}
3211
3212 AllocHapToken(permmissionDefs, permissionStateFulls, DEFAULT_API_VERSION);
3213
3214 AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, "accesstoken_location_test", 0);
3215 ASSERT_NE(INVALID_TOKENID, tokenID);
3216 ASSERT_EQ(0, SetSelfTokenID(tokenID));
3217
3218 PermissionListState permVague = {
3219 .permissionName = "ohos.permission.APPROXIMATELY_LOCATION",
3220 .state = -1,
3221 };
3222 PermissionListState permAccurate = {
3223 .permissionName = "ohos.permission.LOCATION",
3224 .state = -1,
3225 };
3226
3227 std::vector<PermissionListState> permsList;
3228 permsList.emplace_back(permVague);
3229 permsList.emplace_back(permAccurate);
3230
3231 PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList);
3232 ASSERT_EQ(DYNAMIC_OPER, ret);
3233 ASSERT_EQ(static_cast<uint32_t>(2), permsList.size());
3234 ASSERT_EQ(INVALID_OPER, permsList[0].state);
3235 ASSERT_EQ(DYNAMIC_OPER, permsList[1].state);
3236
3237 AccessTokenKit::DeleteToken(tokenID);
3238 SetSelfTokenID(selfTokenId_);
3239 }
3240
3241 /**
3242 * @tc.name: GetSelfPermissionsState013
3243 * @tc.desc: permission list is empty or oversize
3244 * @tc.type: FUNC
3245 * @tc.require:
3246 */
3247 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState013, TestSize.Level1)
3248 {
3249 std::vector<PermissionListState> permsList;
3250 ASSERT_EQ(PASS_OPER, AccessTokenKit::GetSelfPermissionsState(permsList));
3251
3252 for (uint32_t i = 0; i < MAX_PERMISSION_SIZE + 1; i++) {
3253 PermissionListState tmp = {
3254 .permissionName = "ohos.permission.CAMERA",
3255 .state = 0
3256 };
3257 permsList.emplace_back(tmp);
3258 }
3259 ASSERT_EQ(INVALID_OPER, AccessTokenKit::GetSelfPermissionsState(permsList));
3260 }
3261
3262 /**
3263 * @tc.name: GetSelfPermissionsState014
3264 * @tc.desc: test token id is native
3265 * @tc.type: FUNC
3266 * @tc.require:
3267 */
3268 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState014, TestSize.Level1)
3269 {
3270 AccessTokenID tokenId = AccessTokenKit::GetNativeTokenId("hdcd");
3271 SetSelfTokenID(tokenId);
3272 std::vector<PermissionListState> permsList;
3273 PermissionListState tmp = {
3274 .permissionName = "ohos.permission.CAMERA",
3275 .state = 0
3276 };
3277 permsList.emplace_back(tmp);
3278 ASSERT_EQ(INVALID_OPER, AccessTokenKit::GetSelfPermissionsState(permsList));
3279 }
3280
3281 /**
3282 * @tc.name: GetSelfPermissionsState015
3283 * @tc.desc: test noexist token id
3284 * @tc.type: FUNC
3285 * @tc.require:
3286 */
3287 HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState015, TestSize.Level1)
3288 {
3289 AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
3290 SetSelfTokenID(tokenId);
3291 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenId));
3292 std::vector<PermissionListState> permsList;
3293 PermissionListState tmp = {
3294 .permissionName = "ohos.permission.CAMERA",
3295 .state = 0
3296 };
3297 permsList.emplace_back(tmp);
3298 ASSERT_EQ(INVALID_OPER, AccessTokenKit::GetSelfPermissionsState(permsList));
3299 }
3300
3301 /**
3302 * @tc.name: GetTokenTypeFlag003
3303 * @tc.desc: Get token type with hap tokenID.
3304 * @tc.type: FUNC
3305 * @tc.require: Issue Number
3306 */
3307 HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag003, TestSize.Level1)
3308 {
3309 AccessTokenIDEx tokenIdEx = {0};
3310 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
3311 ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
3312
3313 ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenIdEx.tokenIdExStruct.tokenID);
3314 ASSERT_EQ(ret, TOKEN_HAP);
3315
3316 int res = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
3317 ASSERT_EQ(RET_SUCCESS, res);
3318 }
3319
3320 /**
3321 * @tc.name: DumpTokenInfo001
3322 * @tc.desc: Get dump token information with invalid tokenID
3323 * @tc.type: FUNC
3324 * @tc.require:Issue Number
3325 */
3326 HWTEST_F(AccessTokenKitTest, DumpTokenInfo001, TestSize.Level1)
3327 {
3328 std::string info;
3329 AccessTokenKit::DumpTokenInfo(123, info);
3330 ASSERT_EQ("invalid tokenId", info);
3331 }
3332
3333 class CbCustomizeTest : public PermStateChangeCallbackCustomize {
3334 public:
CbCustomizeTest(const PermStateChangeScope & scopeInfo)3335 explicit CbCustomizeTest(const PermStateChangeScope &scopeInfo)
3336 : PermStateChangeCallbackCustomize(scopeInfo)
3337 {
3338 }
3339
~CbCustomizeTest()3340 ~CbCustomizeTest()
3341 {}
3342
PermStateChangeCallback(PermStateChangeInfo & result)3343 virtual void PermStateChangeCallback(PermStateChangeInfo& result)
3344 {
3345 ready_ = true;
3346 }
3347
3348 bool ready_;
3349 };
3350
3351 /**
3352 * @tc.name: RegisterPermStateChangeCallback001
3353 * @tc.desc: RegisterPermStateChangeCallback permList
3354 * @tc.type: FUNC
3355 * @tc.require: issueI5NT1X
3356 */
3357 HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback001, TestSize.Level1)
3358 {
3359 PermStateChangeScope scopeInfo;
3360 scopeInfo.permList = {"ohos.permission.CAMERA"};
3361 scopeInfo.tokenIDs = {};
3362 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3363 callbackPtr->ready_ = false;
3364
3365 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3366 ASSERT_EQ(RET_SUCCESS, res);
3367
3368 static PermissionStateFull infoManagerTestStateA = {
3369 .permissionName = "ohos.permission.CAMERA",
3370 .isGeneral = true,
3371 .resDeviceID = {"local"},
3372 .grantStatus = {PERMISSION_DENIED},
3373 .grantFlags = {1}
3374 };
3375 static HapPolicyParams infoManagerTestPolicyPrams = {
3376 .apl = APL_NORMAL,
3377 .domain = "test.domain",
3378 .permList = {},
3379 .permStateList = {infoManagerTestStateA}
3380 };
3381
3382 AccessTokenIDEx tokenIdEx = {0};
3383 AccessTokenID tokenID;
3384 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
3385
3386 tokenID = tokenIdEx.tokenIdExStruct.tokenID;
3387 ASSERT_NE(INVALID_TOKENID, tokenID);
3388
3389 ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenID);
3390 ASSERT_EQ(ret, TOKEN_HAP);
3391
3392 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
3393 ASSERT_EQ(PERMISSION_DENIED, res);
3394
3395 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
3396 ASSERT_EQ(RET_SUCCESS, res);
3397
3398 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
3399 ASSERT_EQ(PERMISSION_GRANTED, res);
3400
3401 EXPECT_EQ(true, callbackPtr->ready_);
3402
3403 callbackPtr->ready_ = false;
3404
3405 res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.CAMERA", 2);
3406 ASSERT_EQ(RET_SUCCESS, res);
3407
3408 EXPECT_EQ(true, callbackPtr->ready_);
3409
3410 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
3411 ASSERT_EQ(RET_SUCCESS, res);
3412
3413 callbackPtr->ready_ = false;
3414
3415 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
3416 ASSERT_EQ(RET_SUCCESS, res);
3417
3418 ASSERT_EQ(false, callbackPtr->ready_);
3419
3420 callbackPtr->ready_ = false;
3421
3422 res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.CAMERA", 2);
3423 ASSERT_EQ(RET_SUCCESS, res);
3424
3425 ASSERT_EQ(false, callbackPtr->ready_);
3426
3427 res = AccessTokenKit::DeleteToken(tokenID);
3428 ASSERT_EQ(RET_SUCCESS, res);
3429 }
3430
3431 /**
3432 * @tc.name: RegisterPermStateChangeCallback002
3433 * @tc.desc: RegisterPermStateChangeCallback permList
3434 * @tc.type: FUNC
3435 * @tc.require: issueI5NT1X
3436 */
3437 HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback002, TestSize.Level1)
3438 {
3439 PermStateChangeScope scopeInfo;
3440 scopeInfo.permList = {"ohos.permission.GET_BUNDLE_INFO"};
3441 scopeInfo.tokenIDs = {};
3442 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3443 callbackPtr->ready_ = false;
3444
3445 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3446
3447 static PermissionStateFull infoManagerTestStateA = {
3448 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
3449 .isGeneral = true,
3450 .resDeviceID = {"local"},
3451 .grantStatus = {PERMISSION_GRANTED},
3452 .grantFlags = {1}
3453 };
3454 static PermissionStateFull infoManagerTestStateB = {
3455 .permissionName = "ohos.permission.CAMERA",
3456 .isGeneral = true,
3457 .resDeviceID = {"local"},
3458 .grantStatus = {PERMISSION_GRANTED},
3459 .grantFlags = {1}
3460 };
3461 static HapPolicyParams infoManagerTestPolicyPrams = {
3462 .apl = APL_SYSTEM_BASIC,
3463 .domain = "test.domain",
3464 .permList = {},
3465 .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
3466 };
3467
3468 AccessTokenIDEx tokenIdEx = {0};
3469 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
3470
3471 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
3472
3473 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
3474 ASSERT_EQ(PERMISSION_GRANTED, res);
3475
3476 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
3477 ASSERT_EQ(RET_SUCCESS, res);
3478
3479 EXPECT_EQ(false, callbackPtr->ready_);
3480
3481 res = AccessTokenKit::DeleteToken(tokenID);
3482 ASSERT_EQ(RET_SUCCESS, res);
3483
3484 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
3485 ASSERT_EQ(RET_SUCCESS, res);
3486 }
3487
3488 /**
3489 * @tc.name: RegisterPermStateChangeCallback003
3490 * @tc.desc: RegisterPermStateChangeCallback permList
3491 * @tc.type: FUNC
3492 * @tc.require: issueI5NT1X
3493 */
3494 HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback003, TestSize.Level1)
3495 {
3496 PermStateChangeScope scopeInfo;
3497 scopeInfo.permList = {};
3498 scopeInfo.tokenIDs = {};
3499 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3500 callbackPtr->ready_ = false;
3501
3502 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3503
3504 static PermissionStateFull infoManagerTestStateA = {
3505 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
3506 .isGeneral = true,
3507 .resDeviceID = {"local"},
3508 .grantStatus = {PERMISSION_DENIED},
3509 .grantFlags = {1}
3510 };
3511 static PermissionStateFull infoManagerTestStateB = {
3512 .permissionName = "ohos.permission.CAMERA",
3513 .isGeneral = true,
3514 .resDeviceID = {"local"},
3515 .grantStatus = {PERMISSION_DENIED},
3516 .grantFlags = {1}
3517 };
3518 static HapPolicyParams infoManagerTestPolicyPrams = {
3519 .apl = APL_SYSTEM_CORE,
3520 .domain = "test.domain",
3521 .permList = {},
3522 .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
3523 };
3524
3525 AccessTokenIDEx tokenIdEx = {0};
3526 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
3527
3528 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
3529
3530 callbackPtr->ready_ = false;
3531 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
3532 ASSERT_EQ(PERMISSION_DENIED, res);
3533 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
3534 ASSERT_EQ(RET_SUCCESS, res);
3535 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
3536 ASSERT_EQ(PERMISSION_GRANTED, res);
3537 EXPECT_EQ(true, callbackPtr->ready_);
3538
3539 callbackPtr->ready_ = false;
3540 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.GET_BUNDLE_INFO");
3541 ASSERT_EQ(PERMISSION_DENIED, res);
3542 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.GET_BUNDLE_INFO", 2);
3543 ASSERT_EQ(RET_SUCCESS, res);
3544
3545 EXPECT_EQ(true, callbackPtr->ready_);
3546
3547 res = AccessTokenKit::DeleteToken(tokenID);
3548 ASSERT_EQ(RET_SUCCESS, res);
3549
3550 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
3551 ASSERT_EQ(RET_SUCCESS, res);
3552 }
3553
3554 /**
3555 * @tc.name: RegisterPermStateChangeCallback004
3556 * @tc.desc: RegisterPermStateChangeCallback with invalid tokenId
3557 * @tc.type: FUNC
3558 * @tc.require: issueI5NT1X
3559 */
3560 HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback004, TestSize.Level1)
3561 {
3562 PermStateChangeScope scopeInfo;
3563 scopeInfo.permList = {"ohos.permission.GET_BUNDLE_INFO", "ohos.permission.CAMERA"};
3564 scopeInfo.tokenIDs = {555555}; // 555555为模拟的tokenid
3565 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3566 callbackPtr->ready_ = false;
3567
3568 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3569 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
3570
3571 static PermissionStateFull infoManagerTestStateA = {
3572 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
3573 .isGeneral = true,
3574 .resDeviceID = {"local"},
3575 .grantStatus = {PERMISSION_GRANTED},
3576 .grantFlags = {1},
3577 };
3578 static PermissionStateFull infoManagerTestStateB = {
3579 .permissionName = "ohos.permission.CAMERA",
3580 .isGeneral = true,
3581 .resDeviceID = {"local"},
3582 .grantStatus = {PERMISSION_GRANTED},
3583 .grantFlags = {1}
3584 };
3585 static HapPolicyParams infoManagerTestPolicyPrams = {
3586 .apl = APL_NORMAL,
3587 .domain = "test.domain",
3588 .permList = {},
3589 .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
3590 };
3591
3592 AccessTokenIDEx tokenIdEx = {0};
3593 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
3594
3595 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
3596
3597 callbackPtr->ready_ = false;
3598 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
3599 ASSERT_EQ(PERMISSION_GRANTED, res);
3600 res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.CAMERA", 2);
3601 ASSERT_EQ(RET_SUCCESS, res);
3602 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
3603 ASSERT_EQ(PERMISSION_DENIED, res);
3604 EXPECT_EQ(false, callbackPtr->ready_);
3605
3606 callbackPtr->ready_ = false;
3607 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.GET_BUNDLE_INFO");
3608 ASSERT_EQ(PERMISSION_GRANTED, res);
3609 res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.GET_BUNDLE_INFO", 2);
3610 ASSERT_EQ(RET_SUCCESS, res);
3611
3612 EXPECT_EQ(false, callbackPtr->ready_);
3613
3614 res = AccessTokenKit::DeleteToken(tokenID);
3615 ASSERT_EQ(RET_SUCCESS, res);
3616 }
3617
3618 /**
3619 * @tc.name: RegisterPermStateChangeCallback005
3620 * @tc.desc: RegisterPermStateChangeCallback permList
3621 * @tc.type: FUNC
3622 * @tc.require: issueI5NT1X
3623 */
3624 HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback005, TestSize.Level1)
3625 {
3626 static PermissionStateFull infoManagerTestStateA = {
3627 .permissionName = "ohos.permission.CAMERA",
3628 .isGeneral = true,
3629 .resDeviceID = {"local"},
3630 .grantStatus = {PERMISSION_DENIED},
3631 .grantFlags = {1}
3632 };
3633 static PermissionStateFull infoManagerTestStateB = {
3634 .permissionName = "ohos.permission.GET_BUNDLE_INFO",
3635 .isGeneral = true,
3636 .resDeviceID = {"local"},
3637 .grantStatus = {PERMISSION_GRANTED},
3638 .grantFlags = {1}
3639 };
3640 static HapPolicyParams infoManagerTestPolicyPrams = {
3641 .apl = APL_NORMAL,
3642 .domain = "test.domain",
3643 .permList = {},
3644 .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
3645 };
3646
3647 AccessTokenIDEx tokenIdEx = {0};
3648 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
3649
3650 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
3651
3652 PermStateChangeScope scopeInfo;
3653 scopeInfo.permList = {"ohos.permission.GET_BUNDLE_INFO", "ohos.permission.CAMERA"};
3654 scopeInfo.tokenIDs = {tokenID, 0};
3655 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3656 callbackPtr->ready_ = false;
3657
3658 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3659
3660 callbackPtr->ready_ = false;
3661 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
3662 ASSERT_EQ(PERMISSION_DENIED, res);
3663 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
3664 ASSERT_EQ(RET_SUCCESS, res);
3665 EXPECT_EQ(true, callbackPtr->ready_);
3666
3667 callbackPtr->ready_ = false;
3668 res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.GET_BUNDLE_INFO");
3669 ASSERT_EQ(PERMISSION_GRANTED, res);
3670 res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.GET_BUNDLE_INFO", 2);
3671 ASSERT_EQ(RET_SUCCESS, res);
3672
3673 EXPECT_EQ(false, callbackPtr->ready_);
3674
3675 res = AccessTokenKit::DeleteToken(tokenID);
3676 ASSERT_EQ(RET_SUCCESS, res);
3677
3678 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
3679 ASSERT_EQ(RET_SUCCESS, res);
3680 }
3681
3682 /**
3683 * @tc.name: RegisterPermStateChangeCallback006
3684 * @tc.desc: RegisterPermStateChangeCallback with invaild permission
3685 * @tc.type: FUNC
3686 * @tc.require: issueI5NT1X
3687 */
3688 HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback006, TestSize.Level1)
3689 {
3690 PermStateChangeScope scopeInfo;
3691 scopeInfo.permList = {"ohos.permission.INVALID"};
3692 scopeInfo.tokenIDs = {};
3693 auto callbackPtr1 = std::make_shared<CbCustomizeTest>(scopeInfo);
3694 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr1);
3695 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
3696
3697 static PermissionStateFull infoManagerTestStateA = {
3698 .permissionName = "ohos.permission.CAMERA",
3699 .isGeneral = true,
3700 .resDeviceID = {"local"},
3701 .grantStatus = {PERMISSION_DENIED},
3702 .grantFlags = {1}
3703 };
3704 static HapPolicyParams infoManagerTestPolicyPrams = {
3705 .apl = APL_SYSTEM_BASIC,
3706 .domain = "test.domain",
3707 .permList = {},
3708 .permStateList = {infoManagerTestStateA}
3709 };
3710
3711 AccessTokenIDEx tokenIdEx = {0};
3712 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
3713
3714 scopeInfo.tokenIDs = {tokenIdEx.tokenIdExStruct.tokenID};
3715 scopeInfo.permList = {"ohos.permission.INVALID", "ohos.permission.CAMERA"};
3716 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3717 res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3718 ASSERT_EQ(RET_SUCCESS, res);
3719
3720 res = AccessTokenKit::GrantPermission(tokenIdEx.tokenIdExStruct.tokenID, "ohos.permission.CAMERA", 2);
3721 ASSERT_EQ(RET_SUCCESS, res);
3722 EXPECT_EQ(true, callbackPtr->ready_);
3723
3724 res = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
3725 ASSERT_EQ(RET_SUCCESS, res);
3726
3727 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
3728 ASSERT_EQ(RET_SUCCESS, res);
3729 }
3730
3731 /**
3732 * @tc.name: RegisterPermStateChangeCallback007
3733 * @tc.desc: RegisterPermStateChangeCallback with permList, whose size is 1024/1025
3734 * @tc.type: FUNC
3735 * @tc.require: issueI5NT1X
3736 */
3737 HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback007, TestSize.Level1)
3738 {
3739 PermStateChangeScope scopeInfo;
3740 scopeInfo.permList = {};
3741 scopeInfo.tokenIDs = {};
3742 for (int32_t i = 1; i <= 1025; i++) { // 1025 is a invalid size
3743 scopeInfo.permList.emplace_back("ohos.permission.GET_BUNDLE_INFO");
3744 if (i == 1025) { // 1025 is a invalid size
3745 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3746 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3747 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
3748 break;
3749 }
3750 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3751 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3752 ASSERT_EQ(RET_SUCCESS, res);
3753 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
3754 ASSERT_EQ(RET_SUCCESS, res);
3755 }
3756 }
3757
3758 /**
3759 * @tc.name: RegisterPermStateChangeCallback008
3760 * @tc.desc: RegisterPermStateChangeCallback with tokenList, whose size is 1024/1025
3761 * @tc.type: FUNC
3762 * @tc.require: issueI5NT1X
3763 */
3764 HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback008, TestSize.Level1)
3765 {
3766 PermStateChangeScope scopeInfo;
3767 scopeInfo.permList = {};
3768 scopeInfo.tokenIDs = {};
3769 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3770 callbackPtr->ready_ = false;
3771
3772 static HapPolicyParams infoManagerTestPolicyPrams = {
3773 .apl = APL_NORMAL,
3774 .domain = "test.domain",
3775 .permList = {},
3776 .permStateList = {}
3777 };
3778
3779 AccessTokenIDEx tokenIdEx = {0};
3780 tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
3781
3782 for (int32_t i = 1; i <= 1025; i++) { // 1025 is a invalid size
3783 scopeInfo.tokenIDs.emplace_back(tokenIdEx.tokenIdExStruct.tokenID);
3784 if (i == 1025) { // 1025 is a invalid size
3785 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3786 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3787 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
3788 break;
3789 }
3790 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3791 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3792 ASSERT_EQ(RET_SUCCESS, res);
3793 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
3794 ASSERT_EQ(RET_SUCCESS, res);
3795 }
3796
3797 int32_t res = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
3798 ASSERT_EQ(RET_SUCCESS, res);
3799 }
3800
3801 /**
3802 * @tc.name: RegisterPermStateChangeCallback009
3803 * @tc.desc: RegisterPermStateChangeCallback
3804 * @tc.type: FUNC
3805 * @tc.require: issueI5NT1X
3806 */
3807 HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback009, TestSize.Level1)
3808 {
3809 PermStateChangeScope scopeInfo;
3810 scopeInfo.permList = {};
3811 scopeInfo.tokenIDs = {};
3812 std::vector<std::shared_ptr<CbCustomizeTest>> callbackList;
3813
3814 for (int32_t i = 0; i < 200; i++) { // 200 is the max size
3815 if (i == 200) { // 200 is the max size
3816 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3817 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3818 ASSERT_EQ(AccessTokenError::ERR_EXCEEDED_MAXNUM_REGISTRATION_LIMIT, res);
3819 break;
3820 }
3821 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3822 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3823 ASSERT_EQ(RET_SUCCESS, res);
3824 callbackList.emplace_back(callbackPtr);
3825 }
3826 for (int32_t i = 0; i < 200; i++) { // release 200 callback
3827 auto callbackPtr = callbackList[i];
3828 int32_t res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
3829 ASSERT_EQ(RET_SUCCESS, res);
3830 }
3831 callbackList.clear();
3832 }
3833
3834 /**
3835 * @tc.name: RegisterPermStateChangeCallback010
3836 * @tc.desc: RegisterPermStateChangeCallback with nullptr
3837 * @tc.type: FUNC
3838 * @tc.require: issueI5NT1X
3839 */
3840 HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback010, TestSize.Level1)
3841 {
3842 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(nullptr);
3843 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
3844 }
3845
3846 /**
3847 * @tc.name: UnRegisterPermStateChangeCallback001
3848 * @tc.desc: UnRegisterPermStateChangeCallback with invalid input.
3849 * @tc.type: FUNC
3850 * @tc.require: issueI5NT1X
3851 */
3852 HWTEST_F(AccessTokenKitTest, UnRegisterPermStateChangeCallback001, TestSize.Level1)
3853 {
3854 PermStateChangeScope scopeInfo;
3855 scopeInfo.permList = {};
3856 scopeInfo.tokenIDs = {};
3857 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3858 callbackPtr->ready_ = false;
3859
3860 int32_t res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
3861 ASSERT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res);
3862 }
3863
3864 /**
3865 * @tc.name: UnRegisterPermStateChangeCallback002
3866 * @tc.desc: UnRegisterPermStateChangeCallback repeatedly.
3867 * @tc.type: FUNC
3868 * @tc.require: issueI5NT1X
3869 */
3870 HWTEST_F(AccessTokenKitTest, UnRegisterPermStateChangeCallback002, TestSize.Level1)
3871 {
3872 PermStateChangeScope scopeInfo;
3873 scopeInfo.permList = {};
3874 scopeInfo.tokenIDs = {};
3875 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3876 callbackPtr->ready_ = false;
3877
3878 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3879 ASSERT_EQ(RET_SUCCESS, res);
3880 res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3881 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res);
3882 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
3883 ASSERT_EQ(RET_SUCCESS, res);
3884 res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
3885 ASSERT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res);
3886 }
3887
3888 /**
3889 * @tc.name: GetVersion001
3890 * @tc.desc: GetVersion001 test.
3891 * @tc.type: FUNC
3892 * @tc.require: issueI5NT1X
3893 */
3894 HWTEST_F(AccessTokenKitTest, GetVersion001, TestSize.Level1)
3895 {
3896 int32_t res = AccessTokenKit::GetVersion();
3897 ASSERT_EQ(DEFAULT_TOKEN_VERSION, res);
3898 }
3899
3900 /**
3901 * @tc.name: PermStateChangeCallback001
3902 * @tc.desc: PermissionStateChangeCallback::PermStateChangeCallback function test.
3903 * @tc.type: FUNC
3904 * @tc.require: issueI61NS6
3905 */
3906 HWTEST_F(AccessTokenKitTest, PermStateChangeCallback001, TestSize.Level1)
3907 {
3908 PermStateChangeInfo result = {
3909 .PermStateChangeType = 0,
3910 .tokenID = 123,
3911 .permissionName = "ohos.permission.CAMERA"
3912 };
3913
3914 std::shared_ptr<CbCustomizeTest> callbackPtr = nullptr;
3915 std::shared_ptr<PermissionStateChangeCallback> callback = std::make_shared<PermissionStateChangeCallback>(
3916 callbackPtr);
3917 callback->PermStateChangeCallback(result);
3918 }
3919
3920 class TestCallBack : public PermissionStateChangeCallbackStub {
3921 public:
3922 TestCallBack() = default;
3923 virtual ~TestCallBack() = default;
3924
PermStateChangeCallback(PermStateChangeInfo & result)3925 void PermStateChangeCallback(PermStateChangeInfo& result)
3926 {
3927 GTEST_LOG_(INFO) << "PermStateChangeCallback, tokenID is " << result.tokenID;
3928 }
3929 };
3930
3931 /**
3932 * @tc.name: OnRemoteRequest001
3933 * @tc.desc: StateChangeCallbackStub::OnRemoteRequest function test
3934 * @tc.type: FUNC
3935 * @tc.require: issueI61A6M
3936 */
3937 HWTEST_F(AccessTokenKitTest, OnRemoteRequest001, TestSize.Level1)
3938 {
3939 PermStateChangeInfo info = {
3940 .PermStateChangeType = 0,
3941 .tokenID = 123,
3942 .permissionName = "ohos.permission.CAMERA"
3943 };
3944
3945 TestCallBack callback;
3946 PermissionStateChangeInfoParcel infoParcel;
3947 infoParcel.changeInfo = info;
3948
3949 OHOS::MessageParcel data;
3950 std::string descriptor = "I don't know";
3951 data.WriteInterfaceToken(OHOS::Str8ToStr16(descriptor));
3952 ASSERT_EQ(true, data.WriteParcelable(&infoParcel));
3953
3954 OHOS::MessageParcel reply;
3955 OHOS::MessageOption option(OHOS::MessageOption::TF_SYNC);
3956 ASSERT_NE(0, callback.OnRemoteRequest(static_cast<uint32_t>(IPermissionStateCallback::PERMISSION_STATE_CHANGE),
3957 data, reply, option)); // descriptor false
3958
3959 ASSERT_EQ(true, data.WriteInterfaceToken(IPermissionStateCallback::GetDescriptor()));
3960 ASSERT_EQ(true, data.WriteParcelable(&infoParcel));
3961 uint32_t code = 10;
3962 ASSERT_NE(0, callback.OnRemoteRequest(code, data, reply, option)); // descriptor true + msgCode false
3963 }
3964
3965 /**
3966 * @tc.name: CreatePermStateChangeCallback001
3967 * @tc.desc: AccessTokenManagerClient::CreatePermStateChangeCallback function test
3968 * @tc.type: FUNC
3969 * @tc.require: issueI61A6M
3970 */
3971 HWTEST_F(AccessTokenKitTest, CreatePermStateChangeCallback001, TestSize.Level1)
3972 {
3973 std::vector<std::shared_ptr<CbCustomizeTest>> callbackList;
3974
3975 uint32_t times = 201;
3976 for (uint32_t i = 0; i < times; i++) {
3977 PermStateChangeScope scopeInfo;
3978 scopeInfo.permList = {};
3979 scopeInfo.tokenIDs = {};
3980 auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
3981 callbackList.emplace_back(callbackPtr);
3982 int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
3983
3984 if (i == 200) {
3985 EXPECT_EQ(AccessTokenError::ERR_EXCEEDED_MAXNUM_REGISTRATION_LIMIT, res);
3986 break;
3987 }
3988 }
3989
3990 for (uint32_t i = 0; i < 200; i++) {
3991 ASSERT_EQ(0, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackList[i]));
3992 }
3993
3994 std::shared_ptr<PermStateChangeCallbackCustomize> customizedCb = nullptr;
3995 AccessTokenKit::RegisterPermStateChangeCallback(customizedCb); // customizedCb is null
3996 }
3997
3998 /**
3999 * @tc.name: InitProxy001
4000 * @tc.desc: AccessTokenManagerClient::InitProxy function test
4001 * @tc.type: FUNC
4002 * @tc.require: issueI61A6M
4003 */
4004 HWTEST_F(AccessTokenKitTest, InitProxy001, TestSize.Level1)
4005 {
4006 ASSERT_NE(nullptr, AccessTokenManagerClient::GetInstance().proxy_);
4007 OHOS::sptr<IAccessTokenManager> proxy = AccessTokenManagerClient::GetInstance().proxy_; // backup
4008 AccessTokenManagerClient::GetInstance().proxy_ = nullptr;
4009 ASSERT_EQ(nullptr, AccessTokenManagerClient::GetInstance().proxy_);
4010 AccessTokenManagerClient::GetInstance().InitProxy(); // proxy_ is null
4011 AccessTokenManagerClient::GetInstance().proxy_ = proxy; // recovery
4012 }
4013
4014 /**
4015 * @tc.name: AllocHapToken020
4016 * @tc.desc: AccessTokenKit::AllocHapToken function test
4017 * @tc.type: FUNC
4018 * @tc.require: issueI61A6M
4019 */
4020 HWTEST_F(AccessTokenKitTest, AllocHapToken020, TestSize.Level1)
4021 {
4022 HapInfoParams info;
4023 HapPolicyParams policy;
4024 info.userID = -1;
4025 AccessTokenKit::AllocHapToken(info, policy);
4026 ASSERT_EQ(-1, info.userID);
4027 }
4028
4029 /**
4030 * @tc.name: UpdateHapToken011
4031 * @tc.desc: AccessTokenKit::UpdateHapToken function test
4032 * @tc.type: FUNC
4033 * @tc.require: issueI61A6M
4034 */
4035 HWTEST_F(AccessTokenKitTest, UpdateHapToken011, TestSize.Level1)
4036 {
4037 AccessTokenID tokenID = 0;
4038 std::string appIDDesc;
4039 int32_t apiVersion = 0;
4040 HapPolicyParams policy;
4041 ASSERT_EQ(RET_FAILED, AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, apiVersion, policy));
4042 }
4043
4044 /**
4045 * @tc.name: VerifyAccessToken005
4046 * @tc.desc: AccessTokenKit::VerifyAccessToken function test
4047 * @tc.type: FUNC
4048 * @tc.require: issueI61A6M
4049 */
4050 HWTEST_F(AccessTokenKitTest, VerifyAccessToken005, TestSize.Level1)
4051 {
4052 AccessTokenID callerTokenID = AccessTokenKit::GetHapTokenID(100, "com.ohos.photos", 0); // tokenId for photo app
4053 ASSERT_NE(INVALID_TOKENID, callerTokenID);
4054 AccessTokenID firstTokenID;
4055 std::string permissionName;
4056
4057 // ret = PERMISSION_GRANTED + firstTokenID = 0
4058 permissionName = "ohos.permission.READ_MEDIA";
4059 firstTokenID = 0;
4060 ASSERT_EQ(PermissionState::PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(
4061 callerTokenID, firstTokenID, permissionName));
4062
4063 firstTokenID = 1;
4064 // ret = PERMISSION_GRANTED + firstTokenID != 0
4065 ASSERT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(
4066 callerTokenID, firstTokenID, permissionName));
4067
4068 callerTokenID = 0;
4069 // ret = PERMISSION_GRANTED
4070 ASSERT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(
4071 callerTokenID, firstTokenID, permissionName));
4072 }
4073 } // namespace AccessToken
4074 } // namespace Security
4075 } // namespace OHOS
4076