1 /** 2 * Copyright (c) 2021 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #include "ActsPMSTest.h" 17 18 using namespace std; 19 using namespace testing::ext; 20 21 static PmsInnerApi *g_interface; 22 static PermissionTrans g_systemPers[] = { 23 { 24 "ohos.permission.CAMERA", 25 "for CAMERA use", 26 INUSE, 27 }, 28 { 29 "ohos.permission.RECORD_AUDIO", 30 "for RECORD_AUDIO use", 31 ALWAYS, 32 }, 33 { 34 "ohos.permission.READ_MEDIA_AUDIO", 35 "for READ_MEDIA_AUDIO use", 36 INUSE, 37 }, 38 { 39 "ohos.permission.READ_MEDIA_IMAGES", 40 "for READ_MEDIA_IMAGES use", 41 ALWAYS, 42 }, 43 { 44 "ohos.permission.READ_MEDIA_VIDEO", 45 "for READ_MEDIA_VIDEO use", 46 INUSE, 47 }, 48 { 49 "ohos.permission.WRITE_MEDIA_AUDIO", 50 "for WRITE_MEDIA_AUDIO use", 51 ALWAYS, 52 }, 53 { 54 "ohos.permission.WRITE_MEDIA_IMAGES", 55 "for WRITE_MEDIA_IMAGES use", 56 INUSE, 57 }, 58 { 59 "ohos.permission.WRITE_MEDIA_VIDEO", 60 "for WRITE_MEDIA_VIDEO use", 61 ALWAYS, 62 }, 63 { 64 "ohos.permission.MODIFY_AUDIO_SETTINGS", 65 "for MODIFY_AUDIO_SETTINGS use", 66 INUSE, 67 }, 68 }; 69 70 class ActsPMSUnloadTest : public testing::Test { 71 protected: SetUpTestCase(void)72 static void SetUpTestCase(void) 73 { 74 CreateAppDir(); 75 IUnknown *iUnknown = SAMGR_GetInstance()->GetFeatureApi(PERMISSION_SERVICE, PERM_INNER); 76 iUnknown->QueryInterface(iUnknown, DEFAULT_VERSION, (void **) &g_interface); 77 setuid(0); 78 } TearDownTestCase(void)79 static void TearDownTestCase(void) {} SetUp()80 virtual void SetUp() {} TearDown()81 virtual void TearDown() 82 { 83 DeletePermissions(TEST_APP_ID); 84 DeletePermissions(TEST_APP_ID2); 85 DeletePermissions(SUBTEST_APP_ID); 86 UnLoadPermissions(TEST_TASKID); 87 UnLoadPermissions(SUBTEST_TASKID); 88 } 89 }; 90 91 /** 92 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0590 93 * @tc.name Unload permissions to large and small PIDs 94 * @tc.desc [C- SECURITY -1000] 95 */ 96 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0590, Function | MediumTest | Level3) 97 { 98 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 99 LoadPermissions(TEST_APP_ID, MAX_PID); 100 int ret = UnLoadPermissions(MAX_PID); 101 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 102 LoadPermissions(TEST_APP_ID, MIN_PID); 103 ret = UnLoadPermissions(MIN_PID); 104 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 105 DeletePermissions(TEST_APP_ID); 106 } 107 108 /** 109 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0600 110 * @tc.name Unload permissions 111 * @tc.desc [C- SECURITY -1000] 112 */ 113 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0600, Function | MediumTest | Level2) 114 { 115 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 116 LoadPermissions(TEST_APP_ID, TEST_TASKID); 117 DeletePermissions(TEST_APP_ID); 118 int ret = UnLoadPermissions(TEST_TASKID); 119 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 120 } 121 122 /** 123 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0610 124 * @tc.name Unload permissions not loaded 125 * @tc.desc [C- SECURITY -1000] 126 */ 127 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0610, Function | MediumTest | Level3) 128 { 129 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 130 int ret = UnLoadPermissions(TEST_TASKID); 131 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 132 DeletePermissions(TEST_APP_ID); 133 } 134 135 /** 136 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0620 137 * @tc.name Unload permissions not installed 138 * @tc.desc [C- SECURITY -1000] 139 */ 140 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0620, Function | MediumTest | Level4) 141 { 142 int ret = UnLoadPermissions(TEST_TASKID); 143 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 144 } 145 146 /** 147 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0640 148 * @tc.name Duplicate unload application permissions 149 * @tc.desc [C- SECURITY -1000] 150 */ 151 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0640, Function | MediumTest | Level3) 152 { 153 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 154 g_interface->GrantPermission(TEST_APP_ID, g_systemPers[0].name); 155 LoadPermissions(TEST_APP_ID, TEST_TASKID); 156 int ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[0].name); 157 EXPECT_EQ(ret, GRANTED) << "checkperm ret = " << ret << endl; 158 UnLoadPermissions(TEST_TASKID); 159 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[0].name); 160 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 161 UnLoadPermissions(TEST_TASKID); 162 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[0].name); 163 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 164 DeletePermissions(TEST_APP_ID); 165 } 166 167 /** 168 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0660 169 * @tc.name Unload multiple application permissions 170 * @tc.desc [C- SECURITY -1000] 171 */ 172 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0660, Function | MediumTest | Level3) 173 { 174 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 175 SaveOrUpdatePermissions(TEST_APP_ID2, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 176 LoadPermissions(TEST_APP_ID, TEST_TASKID); 177 LoadPermissions(TEST_APP_ID2, SUBTEST_TASKID); 178 int ret = UnLoadPermissions(TEST_TASKID); 179 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 180 ret = UnLoadPermissions(SUBTEST_TASKID); 181 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 182 DeletePermissions(TEST_APP_ID); 183 DeletePermissions(TEST_APP_ID2); 184 } 185 186 /** 187 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0750 188 * @tc.name Unload immediately after installing permissions 189 * @tc.desc [C- SECURITY -1000] 190 */ 191 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0750, Function | MediumTest | Level2) 192 { 193 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 194 LoadPermissions(TEST_APP_ID, TEST_TASKID); 195 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, 0, FIRST_INSTALL); 196 int ret = UnLoadPermissions(TEST_TASKID); 197 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 198 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[SYS_PERM_NUM - 1].name); 199 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 200 DeletePermissions(TEST_APP_ID); 201 } 202 203 /** 204 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0760 205 * @tc.name Unload immediately after updating permissions 206 * @tc.desc [C- SECURITY -1000] 207 */ 208 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0760, Function | MediumTest | Level2) 209 { 210 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 211 LoadPermissions(TEST_APP_ID, TEST_TASKID); 212 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, 0, UPDATE); 213 int ret = UnLoadPermissions(TEST_TASKID); 214 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 215 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[SYS_PERM_NUM - 1].name); 216 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 217 DeletePermissions(TEST_APP_ID); 218 } 219 220 /** 221 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0770 222 * @tc.name Unload immediately after deleting permissions 223 * @tc.desc [C- SECURITY -1000] 224 */ 225 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0770, Function | MediumTest | Level3) 226 { 227 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 228 DeletePermissions(TEST_APP_ID); 229 int ret = UnLoadPermissions(TEST_TASKID); 230 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 231 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[SYS_PERM_NUM - 1].name); 232 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 233 } 234 235 /** 236 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0780 237 * @tc.name Unload after loading and deleting permissions 238 * @tc.desc [C- SECURITY -1000] 239 */ 240 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0780, Function | MediumTest | Level3) 241 { 242 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 243 LoadPermissions(TEST_APP_ID, TEST_TASKID); 244 DeletePermissions(TEST_APP_ID); 245 int ret = UnLoadPermissions(TEST_TASKID); 246 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 247 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[SYS_PERM_NUM - 1].name); 248 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 249 } 250 251 /** 252 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0790 253 * @tc.name Unload immediately after querying permissions 254 * @tc.desc [C- SECURITY -1000] 255 */ 256 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0790, Function | MediumTest | Level4) 257 { 258 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 259 LoadPermissions(TEST_APP_ID, TEST_TASKID); 260 CheckPermission(TEST_TASKID, g_systemPers[0].name); 261 int ret = UnLoadPermissions(TEST_TASKID); 262 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 263 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[SYS_PERM_NUM - 1].name); 264 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 265 DeletePermissions(TEST_APP_ID); 266 } 267 268 /** 269 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0800 270 * @tc.name Unload permission after grant runtime permissions 271 * @tc.desc [C- SECURITY -1000] 272 */ 273 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0800, Function | MediumTest | Level2) 274 { 275 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 276 LoadPermissions(TEST_APP_ID, TEST_TASKID); 277 g_interface->GrantRuntimePermission(TEST_TASKID, g_systemPers[0].name); 278 int ret = UnLoadPermissions(TEST_TASKID); 279 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 280 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[SYS_PERM_NUM - 1].name); 281 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 282 DeletePermissions(TEST_APP_ID); 283 } 284 285 /** 286 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0810 287 * @tc.name Unload immediately after granting permissions 288 * @tc.desc [C- SECURITY -1000] 289 */ 290 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0810, Function | MediumTest | Level2) 291 { 292 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 293 LoadPermissions(TEST_APP_ID, TEST_TASKID); 294 g_interface->GrantPermission(TEST_APP_ID, g_systemPers[0].name); 295 int ret = UnLoadPermissions(TEST_TASKID); 296 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 297 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[0].name); 298 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 299 DeletePermissions(TEST_APP_ID); 300 } 301 302 /** 303 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0820 304 * @tc.name Unload immediately after revoking permissions 305 * @tc.desc [C- SECURITY -1000] 306 */ 307 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0820, Function | MediumTest | Level2) 308 { 309 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 310 LoadPermissions(TEST_APP_ID, TEST_TASKID); 311 g_interface->GrantPermission(TEST_APP_ID, g_systemPers[0].name); 312 g_interface->RevokePermission(TEST_APP_ID, g_systemPers[0].name); 313 int ret = UnLoadPermissions(TEST_TASKID); 314 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 315 ret = g_interface->CheckPermission(TEST_TASKID, g_systemPers[SYS_PERM_NUM - 1].name); 316 EXPECT_EQ(ret, RET_NOK) << "checkperm ret = " << ret << endl; 317 DeletePermissions(TEST_APP_ID); 318 } 319 320 /** 321 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0840 322 * @tc.name Another application permission change does not affect unload permission 323 * @tc.desc [C- SECURITY -1000] 324 */ 325 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0840, Function | MediumTest | Level3) 326 { 327 int pid = fork(); 328 int status = 0; 329 if (pid != 0) { 330 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 331 LoadPermissions(TEST_APP_ID, TEST_TASKID); 332 int ret = UnLoadPermissions(TEST_TASKID); 333 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 334 DeletePermissions(TEST_APP_ID); 335 waitpid(pid, &status, 0); 336 } else { 337 SubTestWithoutCheck(SUBTEST_APP_ID, SUBTEST_TASKID); 338 exit(0); 339 } 340 } 341 342 /** 343 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0900 344 * @tc.name Permission to unload exception data 345 * @tc.desc [C- SECURITY -1000] 346 */ 347 HWTEST_F(ActsPMSUnloadTest, testSecPMPMS_0900, Function | MediumTest | Level4) 348 { 349 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL); 350 LoadPermissions(TEST_APP_ID, TEST_TASKID); 351 int fd = access(TEST_APP_PATH, F_OK); 352 if (fd == 0) { 353 unlink(TEST_APP_PATH); 354 } 355 fd = open(TEST_APP_PATH, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR); 356 if (fd >= 0) { 357 write(fd, PERMISSION_UNSUPPORTED, strlen(PERMISSION_UNSUPPORTED)); 358 close(fd); 359 } 360 int ret = UnLoadPermissions(TEST_TASKID); 361 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl; 362 DeletePermissions(TEST_APP_ID); 363 }