1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "nativetoken_kit_test.h"
17 #include <fcntl.h>
18 #include <poll.h>
19 #include <pthread.h>
20 #include "securec.h"
21 #include "nativetoken.h"
22 #include "nativetoken_json_oper.h"
23 #include "nativetoken_kit.h"
24
25 using namespace testing::ext;
26 using namespace OHOS::Security;
27
28 extern NativeTokenList *g_tokenListHead;
29 extern int32_t g_isNativeTokenInited;
30 extern int32_t GetFileBuff(const char *cfg, char **retBuff);
31
SetUpTestCase()32 void TokenLibKitTest::SetUpTestCase()
33 {}
34
TearDownTestCase()35 void TokenLibKitTest::TearDownTestCase()
36 {}
37
SetUp()38 void TokenLibKitTest::SetUp()
39 {
40 g_isNativeTokenInited = 0;
41 }
42
TearDown()43 void TokenLibKitTest::TearDown()
44 {
45 while (g_tokenListHead->next != nullptr) {
46 NativeTokenList *tmp = g_tokenListHead->next;
47 g_tokenListHead->next = tmp->next;
48 free(tmp);
49 tmp = nullptr;
50 }
51 }
52
WriteContentToFile(const cJSON * root)53 static void WriteContentToFile(const cJSON *root)
54 {
55 char *jsonString = nullptr;
56 jsonString = cJSON_PrintUnformatted(root);
57 if (jsonString == nullptr) {
58 return;
59 }
60
61 do {
62 int32_t fd = open(TOKEN_ID_CFG_FILE_PATH, O_RDWR | O_CREAT | O_TRUNC,
63 S_IRUSR | S_IWUSR | S_IRGRP);
64 if (fd < 0) {
65 break;
66 }
67 size_t strLen = strlen(jsonString);
68 ssize_t writtenLen = write(fd, static_cast<void *>(jsonString), strLen);
69 close(fd);
70 if (writtenLen < 0 || static_cast<size_t>(writtenLen) != strLen) {
71 break;
72 }
73 } while (0);
74
75 cJSON_free(jsonString);
76 return;
77 }
78
DeleteGoalItemFromRecord(const char * processName,cJSON * record)79 static void DeleteGoalItemFromRecord(const char *processName, cJSON *record)
80 {
81 cJSON *rec = nullptr;
82 int32_t index = -1;
83 bool isFound = false;
84 cJSON_ArrayForEach(rec, record) {
85 index++;
86 cJSON *innerProcessName = cJSON_GetObjectItemCaseSensitive(rec, PROCESS_KEY_NAME);
87 if ((cJSON_IsString(innerProcessName)) && (innerProcessName->valuestring != nullptr)) {
88 if (strcmp(innerProcessName->valuestring, processName) == 0) {
89 isFound = true;
90 break;
91 }
92 }
93 }
94 if (isFound) {
95 cJSON_DeleteItemFromArray(record, index);
96 }
97 }
98
DeleteNodeInFile(const char * processName)99 static int32_t DeleteNodeInFile(const char *processName)
100 {
101 cJSON *record = nullptr;
102 char *fileBuff = nullptr;
103
104 if (GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff) != ATRET_SUCCESS) {
105 return ATRET_FAILED;
106 }
107
108 if (fileBuff == nullptr) {
109 record = cJSON_CreateArray();
110 } else {
111 record = cJSON_Parse(fileBuff);
112 free(fileBuff);
113 fileBuff = nullptr;
114 }
115
116 if (record == nullptr) {
117 return ATRET_FAILED;
118 }
119
120 DeleteGoalItemFromRecord(processName, record);
121 WriteContentToFile(record);
122 cJSON_Delete(record);
123
124 return ATRET_SUCCESS;
125 }
126
DeleteAccessTokenId(const char * processName)127 static int32_t DeleteAccessTokenId(const char *processName)
128 {
129 int32_t result = 0;
130
131 if ((g_isNativeTokenInited == 0) && (AtlibInit() != ATRET_SUCCESS)) {
132 return INVALID_TOKEN_ID;
133 }
134 NativeTokenList *tokenNode = g_tokenListHead;
135 while (tokenNode->next != nullptr) {
136 if (strcmp(tokenNode->next->processName, processName) == 0) {
137 result = DeleteNodeInFile(processName);
138 NativeTokenList *tokenNodeA = tokenNode->next;
139 tokenNode->next = tokenNode->next->next;
140 free(tokenNodeA);
141 break;
142 }
143 tokenNode = tokenNode->next;
144 }
145 return result;
146 }
147
Start(const char * processName)148 int32_t Start(const char *processName)
149 {
150 const char **dcaps = new (std::nothrow) const char *[2];
151 if (dcaps == nullptr) {
152 return 0;
153 }
154 dcaps[0] = "AT_CAP";
155 dcaps[1] = "ST_CAP";
156 uint64_t tokenId;
157 const char **perms = new (std::nothrow) const char *[2];
158 if (perms == nullptr) {
159 return 0;
160 }
161 perms[0] = "ohos.permission.test1";
162 perms[1] = "ohos.permission.test2";
163 const char **acls = new (std::nothrow) const char *[1];
164 if (acls == nullptr) {
165 return 0;
166 }
167 acls[0] = "ohos.permission.test1";
168 NativeTokenInfoParams infoInstance = {
169 .dcapsNum = 2,
170 .permsNum = 2,
171 .aclsNum = 1,
172 .dcaps = dcaps,
173 .perms = perms,
174 .acls = acls,
175 .processName = processName,
176 .aplStr = "system_core",
177 };
178 tokenId = GetAccessTokenId(&infoInstance);
179 delete[] dcaps;
180 delete[] perms;
181 delete[] acls;
182 return tokenId;
183 }
184
185 /**
186 * @tc.name: GetAccessTokenId001
187 * @tc.desc: cannot getAccessTokenId with invalid processName.
188 * @tc.type: FUNC
189 * @tc.require:AR000GK6TD
190 */
191 HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1)
192 {
193 const char **dcaps = new (std::nothrow) const char *[2];
194 ASSERT_NE(dcaps, nullptr);
195 dcaps[0] = "AT_CAP";
196 dcaps[1] = "ST_CAP";
197 int32_t dcapNum = 2;
198 uint64_t tokenId;
199 const char **perms = new (std::nothrow) const char *[2];
200 ASSERT_NE(perms, nullptr);
201 perms[0] = "ohos.permission.test1";
202 perms[1] = "ohos.permission.test2";
203 NativeTokenInfoParams infoInstance = {
204 .dcapsNum = dcapNum,
205 .permsNum = 2,
206 .aclsNum = 0,
207 .dcaps = dcaps,
208 .perms = perms,
209 .acls = nullptr,
210 .aplStr = "system_core",
211 };
212 infoInstance.processName = "";
213 tokenId = GetAccessTokenId(&infoInstance);
214 ASSERT_EQ(tokenId, 0);
215 infoInstance.processName = nullptr;
216 tokenId = GetAccessTokenId(&infoInstance);
217 ASSERT_EQ(tokenId, 0);
218
219 /* 257 is invalid processName length */
220 const std::string invalidProcName (257, 'x');
221 infoInstance.processName = invalidProcName.c_str();
222 tokenId = GetAccessTokenId(&infoInstance);
223 ASSERT_EQ(tokenId, 0);
224
225 /* 255 is valid processName length */
226 const std::string validProcName01 (255, 'x');
227 infoInstance.processName = validProcName01.c_str();
228 tokenId = GetAccessTokenId(&infoInstance);
229 ASSERT_NE(tokenId, 0);
230 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
231
232 /* 256 is valid processName length */
233 const std::string validProcName02 (256, 'x');
234 infoInstance.processName = validProcName02.c_str();
235 tokenId = GetAccessTokenId(&infoInstance);
236 ASSERT_NE(tokenId, 0);
237 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
238 delete[] dcaps;
239 delete[] perms;
240 }
241
242 /**
243 * @tc.name: GetAccessTokenId002
244 * @tc.desc: cannot getAccessTokenId with invalid dcapNum.
245 * @tc.type: FUNC
246 * @tc.require:AR000GK6TD
247 */
248 HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1)
249 {
250 const char **dcaps = new (std::nothrow) const char *[32];
251 ASSERT_NE(dcaps, nullptr);
252 dcaps[0] = "AT_CAP";
253 dcaps[1] = "ST_CAP";
254 int32_t dcapNum = -1;
255 uint64_t tokenId;
256 NativeTokenInfoParams infoInstance = {
257 .permsNum = 0,
258 .aclsNum = 0,
259 .dcaps = dcaps,
260 .perms = nullptr,
261 .aplStr = "system_core",
262 };
263 infoInstance.dcapsNum = dcapNum;
264 infoInstance.processName = "GetAccessTokenId002";
265 tokenId = GetAccessTokenId(&infoInstance);
266 ASSERT_EQ(tokenId, 0);
267
268 /* 33 is invalid dcapNum */
269 dcapNum = 33;
270 infoInstance.dcapsNum = dcapNum;
271 infoInstance.processName = "GetAccessTokenId002_00";
272 tokenId = GetAccessTokenId(&infoInstance);
273 ASSERT_EQ(tokenId, 0);
274
275 for (int32_t i = 0; i < 32; i++) {
276 dcaps[i] = "AT_CAP";
277 }
278 /* 32 is valid dcapNum */
279 dcapNum = 32;
280 infoInstance.dcapsNum = dcapNum;
281 infoInstance.processName = "GetAccessTokenId002_01";
282 tokenId = GetAccessTokenId(&infoInstance);
283 ASSERT_NE(tokenId, 0);
284 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
285
286 /* 31 is valid dcapNum */
287 dcapNum = 31;
288 infoInstance.dcapsNum = dcapNum;
289 infoInstance.processName = "GetAccessTokenId002_02";
290 tokenId = GetAccessTokenId(&infoInstance);
291 ASSERT_NE(tokenId, 0);
292 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
293
294 delete[] dcaps;
295 }
296
297 /**
298 * @tc.name: GetAccessTokenId003
299 * @tc.desc: cannot getAccessTokenId with invalid dcaps.
300 * @tc.type: FUNC
301 * @tc.require:AR000GK6TD
302 */
303 HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1)
304 {
305 const char **dcaps = new (std::nothrow) const char *[2];
306 ASSERT_NE(dcaps, nullptr);
307 dcaps[0] = "AT_CAP";
308 dcaps[1] = "ST_CAP";
309 int32_t dcapNum = 2;
310 uint64_t tokenId;
311 NativeTokenInfoParams infoInstance = {
312 .permsNum = 0,
313 .aclsNum = 0,
314 .dcaps = dcaps,
315 .perms = nullptr,
316 .aplStr = "system_core",
317 };
318 infoInstance.dcapsNum = dcapNum;
319 infoInstance.dcaps = nullptr;
320 infoInstance.processName = "GetAccessTokenId003";
321 tokenId = GetAccessTokenId(&infoInstance);
322 ASSERT_EQ(tokenId, 0);
323
324 dcapNum = 0;
325 infoInstance.dcapsNum = dcapNum;
326 infoInstance.dcaps = nullptr;
327 infoInstance.processName = "GetAccessTokenId003_01";
328 tokenId = GetAccessTokenId(&infoInstance);
329 ASSERT_NE(tokenId, 0);
330 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
331
332 dcapNum = 2;
333 /* 1025 is invalid dcap length */
334 const std::string invalidDcap (1025, 'x');
335 dcaps[0] = invalidDcap.c_str();
336 infoInstance.dcapsNum = dcapNum;
337 infoInstance.dcaps = dcaps;
338 infoInstance.processName = "GetAccessTokenId003_02";
339 tokenId = GetAccessTokenId(&infoInstance);
340 ASSERT_EQ(tokenId, 0);
341
342 /* 1024 is valid dcap length */
343 const std::string validDcap01 (1024, 'x');
344 dcaps[0] = validDcap01.c_str();
345 infoInstance.dcapsNum = dcapNum;
346 infoInstance.dcaps = dcaps;
347 infoInstance.processName = "GetAccessTokenId003_03";
348 tokenId = GetAccessTokenId(&infoInstance);
349 ASSERT_NE(tokenId, 0);
350 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
351
352 /* 1023 is valid dcap length */
353 const std::string validDcap02 (1023, 'x');
354 dcaps[0] = validDcap02.c_str();
355 infoInstance.dcapsNum = dcapNum;
356 infoInstance.dcaps = dcaps;
357 infoInstance.processName = "GetAccessTokenId003_04";
358 tokenId = GetAccessTokenId(&infoInstance);
359 ASSERT_NE(tokenId, 0);
360 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
361
362 delete[] dcaps;
363 }
364
365 /**
366 * @tc.name: GetAccessTokenId004
367 * @tc.desc: cannot getAccessTokenId with invalid APL.
368 * @tc.type: FUNC
369 * @tc.require:AR000GK6TD
370 */
371 HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1)
372 {
373 const char **dcaps = new (std::nothrow) const char *[2];
374 ASSERT_NE(dcaps, nullptr);
375 dcaps[0] = "AT_CAP";
376 dcaps[1] = "ST_CAP";
377 int32_t dcapNum = 2;
378 uint64_t tokenId;
379 NativeTokenInfoParams infoInstance = {
380 .dcapsNum = dcapNum,
381 .permsNum = 0,
382 .aclsNum = 0,
383 .dcaps = dcaps,
384 .perms = nullptr,
385 .processName = "GetAccessTokenId003",
386 };
387
388 infoInstance.aplStr = nullptr,
389 tokenId = GetAccessTokenId(&infoInstance);
390 ASSERT_EQ(tokenId, 0);
391
392 infoInstance.aplStr = "system_invalid",
393 tokenId = GetAccessTokenId(&infoInstance);
394 ASSERT_EQ(tokenId, 0);
395
396 delete[] dcaps;
397 }
398
399 /**
400 * @tc.name: GetAccessTokenId005
401 * @tc.desc: Get AccessTokenId successfully.
402 * @tc.type: FUNC
403 * @tc.require:AR000GK6TD
404 */
405 HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1)
406 {
407 uint64_t tokenId01 = Start("GetAccessTokenId005");
408 ASSERT_NE(tokenId01, 0);
409 uint64_t tokenId02 = Start("GetAccessTokenId005");
410 ASSERT_NE(tokenId02, 0);
411
412 ASSERT_EQ(tokenId01, tokenId02);
413 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId005"), 0);
414 }
415
416 /**
417 * @tc.name: GetAccessTokenId006
418 * @tc.desc: Get AccessTokenId with new processName and check g_tokenListHead.
419 * @tc.type: FUNC
420 * @tc.require:AR000GK6TD
421 */
422 HWTEST_F(TokenLibKitTest, GetAccessTokenId006, TestSize.Level1)
423 {
424 uint64_t tokenID;
425 tokenID = Start("GetAccessTokenId006");
426 ASSERT_NE(tokenID, 0);
427
428 char *fileBuff = nullptr;
429 int32_t ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff);
430 ASSERT_EQ(ret, ATRET_SUCCESS);
431 string s = "GetAccessTokenId006";
432 char *pos = strstr(fileBuff, s.c_str());
433 ASSERT_NE(pos, nullptr);
434 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId006"), 0);
435 }
436
437 /**
438 * @tc.name: GetAccessTokenId007
439 * @tc.desc: cannot getAccessTokenId with invalid dcapNum.
440 * @tc.type: FUNC
441 * @tc.require:AR000GK6TD
442 */
443 HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1)
444 {
445 const char **perms = new (std::nothrow) const char *[MAX_PERM_NUM];
446 ASSERT_NE(perms, nullptr);
447 perms[0] = "ohos.permission.test1";
448 perms[1] = "ohos.permission.test2";
449 int32_t permsNum = -1;
450 uint64_t tokenId;
451 NativeTokenInfoParams infoInstance = {
452 .dcapsNum = 0,
453 .aclsNum = 0,
454 .dcaps = nullptr,
455 .perms = perms,
456 .aplStr = "system_core",
457 };
458
459 infoInstance.permsNum = permsNum;
460 infoInstance.processName = "GetAccessTokenId007";
461 tokenId = GetAccessTokenId(&infoInstance);
462 ASSERT_EQ(tokenId, 0);
463
464 permsNum = MAX_PERM_NUM + 1;
465 infoInstance.permsNum = permsNum;
466 infoInstance.processName = "GetAccessTokenId007_00";
467 tokenId = GetAccessTokenId(&infoInstance);
468 ASSERT_EQ(tokenId, 0);
469
470 for (int32_t i = 0; i < MAX_PERM_NUM; i++) {
471 perms[i] = "ohos.permission.test";
472 }
473
474 permsNum = MAX_PERM_NUM;
475 infoInstance.permsNum = permsNum;
476 infoInstance.processName = "GetAccessTokenId007_01";
477 tokenId = GetAccessTokenId(&infoInstance);
478 ASSERT_NE(tokenId, 0);
479 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId007_01"), 0);
480
481 permsNum = MAX_PERM_NUM - 1;
482 infoInstance.permsNum = permsNum;
483 infoInstance.processName = "GetAccessTokenId007_02";
484 tokenId = GetAccessTokenId(&infoInstance);
485 ASSERT_NE(tokenId, 0);
486 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId007_02"), 0);
487
488 delete[] perms;
489 }
490
491 /**
492 * @tc.name: GetAccessTokenId008
493 * @tc.desc: Get AccessTokenId with new processName.
494 * @tc.type: FUNC
495 * @tc.require:AR000GK6TD
496 */
497 HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1)
498 {
499 const char **dcaps = new (std::nothrow) const char *[2];
500 ASSERT_NE(dcaps, nullptr);
501 dcaps[0] = "AT_CAP";
502 dcaps[1] = "ST_CAP";
503 uint64_t tokenId;
504 const char **acls = new (std::nothrow) const char *[2];
505 ASSERT_NE(acls, nullptr);
506 acls[0] = "ohos.permission.test1";
507 acls[1] = "ohos.permission.test2";
508 const char **perms = new (std::nothrow) const char *[2];
509 ASSERT_NE(perms, nullptr);
510 perms[0] = "ohos.permission.test1";
511 perms[1] = "ohos.permission.test2";
512 NativeTokenInfoParams infoInstance = {
513 .dcapsNum = 2,
514 .permsNum = 2,
515 .aclsNum = 2,
516 .dcaps = dcaps,
517 .perms = perms,
518 .acls = acls,
519 .processName = "GetAccessTokenId008",
520 .aplStr = "system_core",
521 };
522 tokenId = GetAccessTokenId(&infoInstance);
523 ASSERT_NE(tokenId, 0);
524 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId008"), 0);
525
526 delete[] perms;
527 delete[] dcaps;
528 delete[] acls;
529 }
530
531 /**
532 * @tc.name: GetAccessTokenId009
533 * @tc.desc: cannot getAccessTokenId with invalid perms.
534 * @tc.type: FUNC
535 * @tc.require:AR000GK6TD
536 */
537 HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1)
538 {
539 const char **perms = new (std::nothrow) const char *[2];
540 ASSERT_NE(perms, nullptr);
541 perms[0] = "AT_CAP";
542 perms[1] = "ST_CAP";
543 int32_t permsNum = 2;
544 uint64_t tokenId;
545 NativeTokenInfoParams infoInstance = {
546 .dcapsNum = 0,
547 .dcaps = nullptr,
548 .aplStr = "system_core",
549 };
550
551 infoInstance.permsNum = permsNum;
552 infoInstance.perms = nullptr;
553 infoInstance.processName = "GetAccessTokenId009";
554 tokenId = GetAccessTokenId(&infoInstance);
555 ASSERT_EQ(tokenId, 0);
556
557 permsNum = 0;
558 infoInstance.permsNum = permsNum;
559 infoInstance.perms = nullptr;
560 infoInstance.processName = "GetAccessTokenId009_01";
561 tokenId = GetAccessTokenId(&infoInstance);
562 ASSERT_NE(tokenId, 0);
563 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId009_01"), 0);
564
565 permsNum = 2;
566 /* 1025 is invalid dcap length */
567 const std::string invalidDcap (MAX_PERM_LEN + 1, 'x');
568 perms[0] = invalidDcap.c_str();
569 infoInstance.permsNum = permsNum;
570 infoInstance.perms = perms;
571 infoInstance.processName = "GetAccessTokenId009_02";
572 tokenId = GetAccessTokenId(&infoInstance);
573 ASSERT_EQ(tokenId, 0);
574
575 const std::string validDcap01 (MAX_PERM_LEN, 'x');
576 perms[0] = validDcap01.c_str();
577 infoInstance.permsNum = permsNum;
578 infoInstance.perms = perms;
579 infoInstance.processName = "GetAccessTokenId009_03";
580 tokenId = GetAccessTokenId(&infoInstance);
581 ASSERT_NE(tokenId, 0);
582 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId009_03"), 0);
583
584 const std::string validDcap02 (MAX_PERM_LEN - 1, 'x');
585 perms[0] = validDcap02.c_str();
586 infoInstance.permsNum = permsNum;
587 infoInstance.perms = perms;
588 infoInstance.processName = "GetAccessTokenId009_04";
589 tokenId = GetAccessTokenId(&infoInstance);
590 ASSERT_NE(tokenId, 0);
591 ASSERT_EQ(DeleteAccessTokenId("GetAccessTokenId009_04"), 0);
592
593 delete[] perms;
594 }
595
596 /**
597 * @tc.name: GetAccessTokenId010
598 * @tc.desc: Get a batch of AccessTokenId.
599 * @tc.type: FUNC
600 * @tc.require:AR000GK6TD
601 */
602 HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1)
603 {
604 char processName[200][MAX_PROCESS_NAME_LEN];
605 /* enable 200 process before fondation is prepared */
606 for (int32_t i = 0; i < 200; i++) {
607 processName[i][0] = '\0';
608 int32_t ret = sprintf_s(processName[i], MAX_PROCESS_NAME_LEN, "processName_%d", i);
609 ASSERT_NE(ret, 0);
610 uint64_t tokenId = Start(processName[i]);
611 ASSERT_NE(tokenId, 0);
612 }
613 char *fileBuff = nullptr;
614 int32_t ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff);
615 ASSERT_EQ(ret, 0);
616 for (int32_t i = 0; i < 200; i++) {
617 char *pos = strstr(fileBuff, processName[i]);
618 ASSERT_NE(pos, nullptr);
619 }
620 free(fileBuff);
621 for (int32_t i = 0; i < 200; i++) {
622 ASSERT_EQ(DeleteAccessTokenId(processName[i]), 0);
623 }
624 }
625
626 /**
627 * @tc.name: GetAccessTokenId011
628 * @tc.desc: Get AccessTokenId and check the config file.
629 * @tc.type: FUNC
630 * @tc.require:AR000GK6TD
631 */
632 HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1)
633 {
634 Start("process1");
635 Start("process2");
636
637 char *fileBuff = nullptr;
638 int32_t ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff);
639 ASSERT_EQ(ret, 0);
640 char *pos = strstr(fileBuff, "process1");
641 ASSERT_NE(pos, nullptr);
642 pos = strstr(fileBuff, "process2");
643 ASSERT_NE(pos, nullptr);
644 free(fileBuff);
645
646 DeleteAccessTokenId("process1");
647 DeleteAccessTokenId("process2");
648 fileBuff = nullptr;
649 ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff);
650 ASSERT_EQ(ret, 0);
651 pos = strstr(fileBuff, "process1");
652 ASSERT_EQ(pos, nullptr);
653 pos = strstr(fileBuff, "process2");
654 ASSERT_EQ(pos, nullptr);
655 free(fileBuff);
656 }
657
658 /**
659 * @tc.name: GetAccessTokenId012
660 * @tc.desc: Get AccessTokenId with valid acls.
661 * @tc.type: FUNC
662 * @tc.require:AR000H09K6
663 */
664 HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1)
665 {
666 const char **dcaps = new (std::nothrow) const char *[2];
667 ASSERT_NE(dcaps, nullptr);
668 dcaps[0] = "AT_CAP";
669 dcaps[1] = "ST_CAP";
670 uint64_t tokenId;
671 const char **acls = new (std::nothrow) const char *[2];
672 ASSERT_NE(acls, nullptr);
673 acls[0] = "ohos.permission.test1";
674 acls[1] = "ohos.permission.test2";
675
676 NativeTokenInfoParams infoInstance = {
677 .dcapsNum = 2,
678 .permsNum = 0,
679 .aclsNum = 2,
680 .dcaps = dcaps,
681 .perms = nullptr,
682 .acls = acls,
683 .processName = "GetAccessTokenId008",
684 .aplStr = "system_core",
685 };
686 tokenId = GetAccessTokenId(&infoInstance);
687 ASSERT_EQ(tokenId, 0);
688
689 infoInstance.acls = nullptr;
690 infoInstance.aclsNum = 0;
691
692 delete[] dcaps;
693 delete[] acls;
694 }
695
696 /**
697 * @tc.name: GetAccessTokenId013
698 * @tc.desc: cannot getAccessTokenId with invalid acls.
699 * @tc.type: FUNC
700 * @tc.require:AR000H09K6
701 */
702 HWTEST_F(TokenLibKitTest, GetAccessTokenId013, TestSize.Level1)
703 {
704 const char **acls = new (std::nothrow) const char *[2];
705 ASSERT_NE(acls, nullptr);
706 acls[0] = "AT_CAP";
707 acls[1] = "ST_CAP";
708 int32_t aclsNum = 2;
709 uint64_t tokenId;
710 NativeTokenInfoParams infoInstance = {
711 .dcapsNum = 0,
712 .permsNum = 2,
713 .dcaps = nullptr,
714 .perms = acls,
715 .aplStr = "system_core",
716 };
717
718 infoInstance.aclsNum = aclsNum;
719 infoInstance.acls = nullptr;
720 infoInstance.processName = "GetAccessTokenId013";
721 tokenId = GetAccessTokenId(&infoInstance);
722 ASSERT_EQ(tokenId, 0);
723
724 aclsNum = 0;
725 infoInstance.aclsNum = aclsNum;
726 infoInstance.acls = nullptr;
727 infoInstance.processName = "GetAccessTokenId013_01";
728 tokenId = GetAccessTokenId(&infoInstance);
729 ASSERT_NE(tokenId, 0);
730 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
731
732 aclsNum = 1;
733 const std::string invalidAcl (MAX_PERM_LEN + 1, 'x');
734 acls[0] = invalidAcl.c_str();
735 infoInstance.aclsNum = aclsNum;
736 infoInstance.acls = acls;
737 infoInstance.processName = "GetAccessTokenId013_02";
738 tokenId = GetAccessTokenId(&infoInstance);
739 ASSERT_EQ(tokenId, 0);
740
741 const std::string validcAcl01 (MAX_PERM_LEN, 'x');
742 acls[0] = validcAcl01.c_str();
743 infoInstance.aclsNum = aclsNum;
744 infoInstance.acls = acls;
745 infoInstance.processName = "GetAccessTokenId013_03";
746 tokenId = GetAccessTokenId(&infoInstance);
747 ASSERT_NE(tokenId, 0);
748 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
749
750 const std::string validcAcl02 (MAX_PERM_LEN - 1, 'x');
751 acls[0] = validcAcl02.c_str();
752 infoInstance.aclsNum = aclsNum;
753 infoInstance.acls = acls;
754 infoInstance.processName = "GetAccessTokenId013_04";
755 tokenId = GetAccessTokenId(&infoInstance);
756 ASSERT_NE(tokenId, 0);
757 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
758
759 delete[] acls;
760 }
761
762 /**
763 * @tc.name: GetAccessTokenId014
764 * @tc.desc: getAccessTokenId success with perms and acls.
765 * @tc.type: FUNC
766 * @tc.require:AR000H09K7
767 */
768 HWTEST_F(TokenLibKitTest, GetAccessTokenId014, TestSize.Level0)
769 {
770 uint64_t tokenId;
771 const char **acls = new (std::nothrow) const char *[1];
772 ASSERT_NE(acls, nullptr);
773 acls[0] = "ohos.permission.PERMISSION_USED_STATS";
774 const char **perms = new (std::nothrow) const char *[3];
775 ASSERT_NE(perms, nullptr);
776 perms[0] = "ohos.permission.PERMISSION_USED_STATS"; // system_core
777 perms[1] = "ohos.permission.PLACE_CALL"; // system_basic
778 perms[2] = "ohos.permission.unknown"; // invalid
779 NativeTokenInfoParams infoInstance = {
780 .dcapsNum = 0,
781 .permsNum = 3,
782 .dcaps = nullptr,
783 .perms = perms,
784 .aplStr = "system_basic",
785 };
786
787 infoInstance.acls = nullptr;
788 infoInstance.aclsNum = 0;
789 infoInstance.processName = "GetAccessTokenId014_01";
790 tokenId = GetAccessTokenId(&infoInstance);
791 ASSERT_NE(tokenId, 0);
792 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
793
794 infoInstance.acls = acls;
795 infoInstance.aclsNum = 1;
796 infoInstance.processName = "GetAccessTokenId014_02";
797 tokenId = GetAccessTokenId(&infoInstance);
798 ASSERT_NE(tokenId, 0);
799 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
800
801 delete[] perms;
802 delete[] acls;
803 }
804
805 /**
806 * @tc.name: GetAccessTokenId015
807 * @tc.desc: cannot getAccessTokenId with invalid aclsNum.
808 * @tc.type: FUNC
809 * @tc.require:AR000H09K6
810 */
811 HWTEST_F(TokenLibKitTest, GetAccessTokenId015, TestSize.Level1)
812 {
813 const char **perms = new (std::nothrow) const char *[MAX_PERM_NUM + 1];
814 ASSERT_NE(perms, nullptr);
815 perms[0] = "ohos.permission.test1";
816 perms[1] = "ohos.permission.test2";
817 int32_t permsNum = 2;
818 uint64_t tokenId;
819 NativeTokenInfoParams infoInstance = {
820 .dcapsNum = 0,
821 .dcaps = nullptr,
822 .perms = perms,
823 .acls = perms,
824 .aplStr = "system_core",
825 };
826
827 infoInstance.permsNum = permsNum;
828 infoInstance.aclsNum = -1;
829 infoInstance.processName = "GetAccessTokenId015";
830 tokenId = GetAccessTokenId(&infoInstance);
831 ASSERT_EQ(tokenId, 0);
832
833 for (int32_t i = 0; i < MAX_PERM_NUM + 1; i++) {
834 perms[i] = "ohos.permission.test";
835 }
836
837 infoInstance.permsNum = MAX_PERM_NUM;
838 infoInstance.aclsNum = MAX_PERM_NUM + 1;
839 infoInstance.processName = "GetAccessTokenId015_00";
840 tokenId = GetAccessTokenId(&infoInstance);
841 ASSERT_EQ(tokenId, 0);
842
843 permsNum = MAX_PERM_NUM;
844 infoInstance.permsNum = permsNum;
845 infoInstance.aclsNum = permsNum;
846 infoInstance.processName = "GetAccessTokenId015_01";
847 tokenId = GetAccessTokenId(&infoInstance);
848 ASSERT_NE(tokenId, 0);
849 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
850
851 permsNum = MAX_PERM_NUM - 1;
852 infoInstance.permsNum = permsNum;
853 infoInstance.aclsNum = permsNum;
854 infoInstance.processName = "GetAccessTokenId015_02";
855 tokenId = GetAccessTokenId(&infoInstance);
856 ASSERT_NE(tokenId, 0);
857 ASSERT_EQ(DeleteAccessTokenId(infoInstance.processName), 0);
858
859 permsNum = MAX_PERM_NUM - 1;
860 infoInstance.permsNum = permsNum;
861 infoInstance.aclsNum = permsNum + 1;
862 infoInstance.processName = "GetAccessTokenId015_03";
863 tokenId = GetAccessTokenId(&infoInstance);
864 ASSERT_EQ(tokenId, 0);
865
866 delete[] perms;
867 }
868