1 /** 2 * Copyright (c) 2021 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #include "ActsPMSTest.h" 17 18 using namespace std; 19 using namespace testing::ext; 20 21 static PmsInnerApi *g_interface; 22 static PermissionTrans g_systemPers[] = { 23 { 24 "ohos.permission.CAMERA", 25 "for CAMERA use", 26 INUSE, 27 }, 28 { 29 "ohos.permission.RECORD_AUDIO", 30 "for RECORD_AUDIO use", 31 ALWAYS, 32 }, 33 { 34 "ohos.permission.READ_MEDIA_AUDIO", 35 "for READ_MEDIA_AUDIO use", 36 INUSE, 37 }, 38 { 39 "ohos.permission.READ_MEDIA_IMAGES", 40 "for READ_MEDIA_IMAGES use", 41 ALWAYS, 42 }, 43 { 44 "ohos.permission.READ_MEDIA_VIDEO", 45 "for READ_MEDIA_VIDEO use", 46 INUSE, 47 }, 48 { 49 "ohos.permission.WRITE_MEDIA_AUDIO", 50 "for WRITE_MEDIA_AUDIO use", 51 ALWAYS, 52 }, 53 { 54 "ohos.permission.WRITE_MEDIA_IMAGES", 55 "for WRITE_MEDIA_IMAGES use", 56 INUSE, 57 }, 58 { 59 "ohos.permission.WRITE_MEDIA_VIDEO", 60 "for WRITE_MEDIA_VIDEO use", 61 ALWAYS, 62 }, 63 { 64 "ohos.permission.MODIFY_AUDIO_SETTINGS", 65 "for MODIFY_AUDIO_SETTINGS use", 66 INUSE, 67 }, 68 }; 69 70 class ActsPMSRevokeRuntimeTest : public testing::Test { 71 protected: SetUpTestCase(void)72 static void SetUpTestCase(void) 73 { 74 CreateAppDir(); 75 IUnknown *iUnknown = SAMGR_GetInstance()->GetFeatureApi(PERMISSION_SERVICE, PERM_INNER); 76 iUnknown->QueryInterface(iUnknown, DEFAULT_VERSION, (void **) &g_interface); 77 setuid(0); 78 } TearDownTestCase(void)79 static void TearDownTestCase(void) {} SetUp()80 virtual void SetUp() {} TearDown()81 virtual void TearDown() 82 { 83 DeletePermissions(TEST_APP_ID); 84 DeletePermissions(TEST_APP_ID2); 85 DeletePermissions(SUBTEST_APP_ID); 86 UnLoadPermissions(TEST_TASKID); 87 UnLoadPermissions(SUBTEST_TASKID); 88 } 89 }; 90 91 /* 92 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_5000 93 * @tc.desc: revoke permissions to large and small PIDs 94 * @tc.type: FUNC 95 * @tc.require: AR000E07N7 96 */ 97 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_5000, Function | MediumTest | Level3) 98 { 99 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 100 LoadPermissions(TEST_APP_ID, MAX_PID); 101 int ret = g_interface->RevokeRuntimePermission(MAX_PID, g_systemPers[0].name); 102 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "revoke ret = " << ret << endl; 103 ret = g_interface->CheckPermission(MAX_PID, g_systemPers[0].name); 104 EXPECT_EQ(ret, NOT_GRANTED) << "checkperm ret = " << ret << endl; 105 UnLoadPermissions(MAX_PID); 106 LoadPermissions(TEST_APP_ID, MIN_PID); 107 ret = g_interface->RevokeRuntimePermission(MIN_PID, g_systemPers[1].name); 108 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "revoke ret = " << ret << endl; 109 ret = g_interface->CheckPermission(MIN_PID, g_systemPers[1].name); 110 EXPECT_EQ(ret, NOT_GRANTED) << "checkperm ret = " << ret << endl; 111 UnLoadPermissions(MIN_PID); 112 DeletePermissions(TEST_APP_ID); 113 } 114 115 /* 116 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_5100 117 * @tc.desc: revoke permissions while not load permiossion 118 * @tc.type: FUNC 119 * @tc.require: AR000F4FSI 120 */ 121 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_5100, Function | MediumTest | Level2) 122 { 123 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 124 int ret = g_interface->RevokeRuntimePermission(TEST_TASKID, g_systemPers[0].name); 125 EXPECT_EQ(ret, PERM_ERRORCODE_TASKID_NOT_EXIST) << "revoke ret = " << ret << endl; 126 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[0].name); 127 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 128 DeletePermissions(TEST_APP_ID); 129 } 130 131 /* 132 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_5200 133 * @tc.desc: revoke runtime app permissions 134 * @tc.type: FUNC 135 * @tc.require: AR000F4FSI 136 */ 137 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_5200, Function | MediumTest | Level0) 138 { 139 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 140 LoadPermissions(TEST_APP_ID, TEST_TASKID); 141 int ret = g_interface->RevokeRuntimePermission(TEST_TASKID, g_systemPers[0].name); 142 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "revoke ret = " << ret << endl; 143 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[0].name); 144 EXPECT_EQ(ret, NOT_GRANTED) << "checkperm ret = " << ret << endl; 145 UnLoadPermissions(TEST_TASKID); 146 DeletePermissions(TEST_APP_ID); 147 } 148 149 /* 150 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_5300 151 * @tc.desc: revoke permissions without request 152 * @tc.type: FUNC 153 * @tc.require: AR000F4FSI 154 */ 155 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_5300, Function | MediumTest | Level2) 156 { 157 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, 1, FIRST_INSTALL); 158 LoadPermissions(TEST_APP_ID, TEST_TASKID); 159 int ret = g_interface->RevokeRuntimePermission(TEST_TASKID, g_systemPers[1].name); 160 EXPECT_EQ(ret, PERM_ERRORCODE_PERM_NOT_EXIST) << "revoke ret = " << ret << endl; 161 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[1].name); 162 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 163 UnLoadPermissions(TEST_TASKID); 164 DeletePermissions(TEST_APP_ID); 165 } 166 167 /* 168 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_5400 169 * @tc.desc: revoke system_grant permissions 170 * @tc.type: FUNC 171 * @tc.require: AR000F4FSI 172 */ 173 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_5400, Function | MediumTest | Level2) 174 { 175 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 176 LoadPermissions(TEST_APP_ID, TEST_TASKID); 177 int ret = g_interface->RevokeRuntimePermission(TEST_TASKID, g_systemPers[SYS_PERM_NUM - 1].name); 178 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "revoke ret = " << ret << endl; 179 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[SYS_PERM_NUM - 1].name); 180 EXPECT_EQ(ret, NOT_GRANTED) << "checkperm ret = " << ret << endl; 181 UnLoadPermissions(TEST_TASKID); 182 DeletePermissions(TEST_APP_ID); 183 } 184 185 /* 186 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_5500 187 * @tc.desc: revoke user_grant permissions 188 * @tc.type: FUNC 189 * @tc.require: AR000F4FSI 190 */ 191 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_5500, Function | MediumTest | Level1) 192 { 193 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 194 LoadPermissions(TEST_APP_ID, TEST_TASKID); 195 int ret; 196 for (int i = 0; i < SYS_PERM_NUM - 1; i++) { 197 ret = g_interface->RevokeRuntimePermission(TEST_TASKID, g_systemPers[i].name); 198 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "revoke ret = " << ret << endl; 199 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[i].name); 200 EXPECT_EQ(ret, NOT_GRANTED) << "checkperm ret = " << ret << endl; 201 } 202 UnLoadPermissions(TEST_TASKID); 203 DeletePermissions(TEST_APP_ID); 204 } 205 206 /* 207 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_5600 208 * @tc.desc: revoke unknown permissions 209 * @tc.type: FUNC 210 * @tc.require: AR000F4FSI 211 */ 212 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_5600, Function | MediumTest | Level3) 213 { 214 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 215 LoadPermissions(TEST_APP_ID, TEST_TASKID); 216 int ret = g_interface->RevokeRuntimePermission(TEST_TASKID, PERMISSION_UNDEFINED); 217 EXPECT_EQ(ret, PERM_ERRORCODE_PERM_NOT_EXIST) << "revoke ret = " << ret << endl; 218 ret = g_interface->CheckPermission(TEST_TASKID, PERMISSION_UNDEFINED); 219 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 220 UnLoadPermissions(TEST_TASKID); 221 DeletePermissions(TEST_APP_ID); 222 } 223 224 /* 225 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_5700 226 * @tc.desc: revoke runtime permissions after revoke permission 227 * @tc.type: FUNC 228 * @tc.require: AR000F4FSI 229 */ 230 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_5700, Function | MediumTest | Level3) 231 { 232 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 233 g_interface->GrantPermission(TEST_APP_ID, g_systemPers[0].name); 234 g_interface->RevokePermission(TEST_APP_ID, g_systemPers[0].name); 235 LoadPermissions(TEST_APP_ID, TEST_TASKID); 236 int ret = g_interface->RevokeRuntimePermission(TEST_TASKID, g_systemPers[0].name); 237 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "revoke ret = " << ret << endl; 238 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[0].name); 239 EXPECT_EQ(ret, NOT_GRANTED) << "checkperm ret = " << ret << endl; 240 UnLoadPermissions(TEST_TASKID); 241 DeletePermissions(TEST_APP_ID); 242 } 243 244 /* 245 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_5800 246 * @tc.desc: revoke runtime permissions after grant permission 247 * @tc.type: FUNC 248 * @tc.require: AR000F4FSI 249 */ 250 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_5800, Function | MediumTest | Level2) 251 { 252 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 253 g_interface->GrantPermission(TEST_APP_ID, g_systemPers[0].name); 254 LoadPermissions(TEST_APP_ID, TEST_TASKID); 255 int ret = g_interface->RevokeRuntimePermission(TEST_TASKID, g_systemPers[0].name); 256 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "revoke ret = " << ret << endl; 257 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[0].name); 258 EXPECT_EQ(ret, NOT_GRANTED) << "checkperm ret = " << ret << endl; 259 UnLoadPermissions(TEST_TASKID); 260 DeletePermissions(TEST_APP_ID); 261 } 262 263 /* 264 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_5900 265 * @tc.desc: revoke runtime permissions continuously 266 * @tc.type: FUNC 267 * @tc.require: AR000F4FSI 268 */ 269 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_5900, Function | MediumTest | Level2) 270 { 271 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 272 LoadPermissions(TEST_APP_ID, TEST_TASKID); 273 int ret; 274 for (int i = 0; i < RELI_TEST_TIME; i++) { 275 ret = g_interface->RevokeRuntimePermission(TEST_TASKID, g_systemPers[0].name); 276 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "revoke ret = " << ret << endl; 277 if (ret != PERM_ERRORCODE_SUCCESS) { 278 break; 279 } 280 } 281 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[0].name); 282 EXPECT_EQ(ret, NOT_GRANTED) << "checkperm ret = " << ret << endl; 283 UnLoadPermissions(TEST_TASKID); 284 DeletePermissions(TEST_APP_ID); 285 } 286 287 /* 288 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_6000 289 * @tc.desc: revoke permissions of unnormal task 290 * @tc.type: FUNC 291 * @tc.require: AR000F4FSI 292 */ 293 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_6000, Function | MediumTest | Level3) 294 { 295 int ret = g_interface->RevokeRuntimePermission(ABNORMAL_TASKID, g_systemPers[0].name); 296 EXPECT_EQ(ret, PERM_ERRORCODE_TASKID_NOT_EXIST) << "revoke ret = " << ret << endl; 297 } 298 299 /* 300 * @tc.name: SUB_SEC_AppSEC_PermissionMgmt_PMS_6100 301 * @tc.desc: revoke permissions of unnormal permission 302 * @tc.type: FUNC 303 * @tc.require: AR000F4FSI 304 */ 305 HWTEST_F(ActsPMSRevokeRuntimeTest, testSecPMPMS_6100, Function | MediumTest | Level4) 306 { 307 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 308 LoadPermissions(TEST_APP_ID, TEST_TASKID); 309 int ret = g_interface->RevokeRuntimePermission(TEST_TASKID, PERMISSION_UNSUPPORTED); 310 EXPECT_EQ(ret, PERM_ERRORCODE_PERM_NOT_EXIST) << "revoke ret = " << ret << endl; 311 UnLoadPermissions(TEST_TASKID); 312 DeletePermissions(TEST_APP_ID); 313 }