1 /** 2 * Copyright (c) 2021 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #include "ActsPMSTest.h" 17 18 using namespace std; 19 using namespace testing::ext; 20 21 static PmsInnerApi *g_interface; 22 static PermissionTrans g_systemPers[] = { 23 { 24 "ohos.permission.CAMERA", 25 "for CAMERA use", 26 INUSE, 27 }, 28 { 29 "ohos.permission.RECORD_AUDIO", 30 "for RECORD_AUDIO use", 31 ALWAYS, 32 }, 33 { 34 "ohos.permission.READ_MEDIA_AUDIO", 35 "for READ_MEDIA_AUDIO use", 36 INUSE, 37 }, 38 { 39 "ohos.permission.READ_MEDIA_IMAGES", 40 "for READ_MEDIA_IMAGES use", 41 ALWAYS, 42 }, 43 { 44 "ohos.permission.READ_MEDIA_VIDEO", 45 "for READ_MEDIA_VIDEO use", 46 INUSE, 47 }, 48 { 49 "ohos.permission.WRITE_MEDIA_AUDIO", 50 "for WRITE_MEDIA_AUDIO use", 51 ALWAYS, 52 }, 53 { 54 "ohos.permission.WRITE_MEDIA_IMAGES", 55 "for WRITE_MEDIA_IMAGES use", 56 INUSE, 57 }, 58 { 59 "ohos.permission.WRITE_MEDIA_VIDEO", 60 "for WRITE_MEDIA_VIDEO use", 61 ALWAYS, 62 }, 63 { 64 "ohos.permission.MODIFY_AUDIO_SETTINGS", 65 "for MODIFY_AUDIO_SETTINGS use", 66 INUSE, 67 }, 68 }; 69 70 class ActsPMSDeleteTest : public testing::Test { 71 protected: SetUpTestCase(void)72 static void SetUpTestCase(void) 73 { 74 CreateAppDir(); 75 IUnknown *iUnknown = SAMGR_GetInstance()->GetFeatureApi(PERMISSION_SERVICE, PERM_INNER); 76 iUnknown->QueryInterface(iUnknown, DEFAULT_VERSION, (void **) &g_interface); 77 setuid(0); 78 } TearDownTestCase(void)79 static void TearDownTestCase(void) {} SetUp()80 virtual void SetUp() {} TearDown()81 virtual void TearDown() 82 { 83 DeletePermissions(TEST_APP_ID); 84 DeletePermissions(TEST_APP_ID2); 85 DeletePermissions(SUBTEST_APP_ID); 86 UnLoadPermissions(TEST_TASKID); 87 UnLoadPermissions(SUBTEST_TASKID); 88 } 89 }; 90 91 /** 92 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0200 93 * @tc.name The application is unloaded and the permission data is deleted 94 * @tc.desc [C- SECURITY -0800] 95 */ 96 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0200, Function | MediumTest | Level0) 97 { 98 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 99 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl; 100 ret = DeletePermissions(TEST_APP_ID); 101 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 102 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers); 103 } 104 105 /** 106 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0210 107 * @tc.name Unload unknown applications 108 * @tc.desc [C- SECURITY -0800] 109 */ 110 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0210, Function | MediumTest | Level2) 111 { 112 int ret = DeletePermissions(TEST_APP_ID); 113 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 114 ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 115 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl; 116 ret = DeletePermissions(TEST_APP_ID); 117 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 118 ret = DeletePermissions(TEST_APP_ID); 119 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 120 } 121 122 /** 123 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0230 124 * @tc.name Delete multiple application permissions 125 * @tc.desc [C- SECURITY -0800] 126 */ 127 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0230, Function | MediumTest | Level3) 128 { 129 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 130 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl; 131 ret = SaveOrUpdatePermissions(TEST_APP_ID2, g_systemPers, 0, FIRST_INSTALL); 132 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl; 133 ret = DeletePermissions(TEST_APP_ID); 134 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 135 ret = DeletePermissions(TEST_APP_ID2); 136 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 137 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers); 138 CheckAppPermission(TEST_APP_ID2, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers); 139 } 140 141 /** 142 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0250 143 * @tc.name After the application permissions are loaded, the permissions can be deleted 144 * @tc.desc [C- SECURITY -0800] 145 */ 146 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0250, Function | MediumTest | Level3) 147 { 148 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 149 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl; 150 ret = LoadPermissions(TEST_APP_ID, TEST_TASKID); 151 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "load ret = " << ret << endl; 152 ret = DeletePermissions(TEST_APP_ID); 153 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 154 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers); 155 ret = UnLoadPermissions(TEST_TASKID); 156 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 157 } 158 159 /** 160 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0260 161 * @tc.name After the application permissions are unloaded, the permissions can be deleted 162 * @tc.desc [C- SECURITY -0800] 163 */ 164 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0260, Function | MediumTest | Level2) 165 { 166 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 167 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl; 168 ret = LoadPermissions(TEST_APP_ID, TEST_TASKID); 169 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "load ret = " << ret << endl; 170 ret = UnLoadPermissions(TEST_TASKID); 171 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 172 ret = DeletePermissions(TEST_APP_ID); 173 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 174 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers); 175 } 176 177 /** 178 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0270 179 * @tc.name After the application permissions are checked, the permissions can be deleted 180 * @tc.desc [C- SECURITY -0800] 181 */ 182 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0270, Function | MediumTest | Level2) 183 { 184 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 185 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl; 186 for (int i = 0; i < SYS_PERM_NUM; i++) { 187 g_interface->GrantPermission(TEST_APP_ID, g_systemPers[i].name); 188 } 189 ret = LoadPermissions(TEST_APP_ID, TEST_TASKID); 190 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "load ret = " << ret << endl; 191 ret = CheckPermission(TEST_TASKID, g_systemPers[0].name); 192 EXPECT_EQ(ret, GRANTED) << "checkperm ret = " << ret << endl; 193 ret = DeletePermissions(TEST_APP_ID); 194 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 195 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers); 196 ret = UnLoadPermissions(TEST_TASKID); 197 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 198 } 199 200 /** 201 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0280 202 * @tc.name After the application permissions are queryed, the permissions can be deleted 203 * @tc.desc [C- SECURITY -0800] 204 */ 205 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0280, Function | MediumTest | Level4) 206 { 207 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 208 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl; 209 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_SUCCESS, SYS_PERM_NUM, g_systemPers); 210 ret = DeletePermissions(TEST_APP_ID); 211 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 212 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers); 213 } 214 215 /** 216 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0290 217 * @tc.name After the application permissions are granted, the permissions can be deleted 218 * @tc.desc [C- SECURITY -0800] 219 */ 220 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0290, Function | MediumTest | Level2) 221 { 222 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 223 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl; 224 for (int i = 0; i < SYS_PERM_NUM; i++) { 225 ret = g_interface->GrantPermission(TEST_APP_ID, g_systemPers[i].name); 226 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "grant ret = " << ret << endl; 227 } 228 ret = DeletePermissions(TEST_APP_ID); 229 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 230 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers); 231 } 232 233 /** 234 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0300 235 * @tc.name After the application permissions are revoked, the permissions can be deleted 236 * @tc.desc [C- SECURITY -0800] 237 */ 238 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0300, Function | MediumTest | Level2) 239 { 240 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 241 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl; 242 for (int i = 0; i < SYS_PERM_NUM; i++) { 243 ret = g_interface->RevokePermission(TEST_APP_ID, g_systemPers[i].name); 244 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "revoke ret = " << ret << endl; 245 } 246 ret = DeletePermissions(TEST_APP_ID); 247 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 248 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers); 249 } 250 251 /** 252 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0310 253 * @tc.name Another application permission change does not affect delete permission 254 * @tc.desc [C- SECURITY -0800] 255 */ 256 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0310, Function | MediumTest | Level3) 257 { 258 int pid = fork(); 259 int status = 0; 260 if (pid != 0) { 261 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 262 int ret = DeletePermissions(TEST_APP_ID); 263 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 264 waitpid(pid, &status, 0); 265 } else { 266 SubTestWithoutCheck(SUBTEST_APP_ID, SUBTEST_TASKID); 267 exit(0); 268 } 269 } 270 271 /** 272 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0420 273 * @tc.name The permission file is abnormal and can be deleted 274 * @tc.desc [C- SECURITY -0800] 275 */ 276 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0420, Function | MediumTest | Level4) 277 { 278 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 279 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl; 280 int fd = access(TEST_APP_PATH, F_OK); 281 if (fd == 0) { 282 unlink(TEST_APP_PATH); 283 } 284 fd = open(TEST_APP_PATH, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR); 285 if (fd >= 0) { 286 write(fd, PERMISSION_UNSUPPORTED, strlen(PERMISSION_UNSUPPORTED)); 287 close(fd); 288 } 289 DeletePermissions(TEST_APP_ID); 290 fd = open(TEST_APP_PATH, O_RDONLY); 291 EXPECT_LT(fd, 0); 292 } 293 294 /** 295 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0500 296 * @tc.name Can delete application permission with long and short package names 297 * @tc.desc [C- SECURITY -0800] 298 */ 299 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0500, Function | MediumTest | Level2) 300 { 301 SaveOrUpdatePermissions(TEST_APP_SHORT, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 302 SaveOrUpdatePermissions(TEST_APP_LONG, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 303 int ret = DeletePermissions(TEST_APP_SHORT); 304 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 305 ret = DeletePermissions(TEST_APP_LONG); 306 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl; 307 }