1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "app_installation_optimized_test.h"
17 #include <thread>
18
19 #include "access_token_error.h"
20 #include "accesstoken_common_log.h"
21 #include "accesstoken_service_ipc_interface_code.h"
22 #include "nativetoken_kit.h"
23 #include "permission_grant_info.h"
24 #include "permission_state_change_info_parcel.h"
25 #include "string_ex.h"
26 #include "test_common.h"
27 #include "tokenid_kit.h"
28 #include "token_setproc.h"
29
30 using namespace testing::ext;
31 namespace OHOS {
32 namespace Security {
33 namespace AccessToken {
34 namespace {
35 const std::string CERT_PERMISSION = "ohos.permission.ACCESS_CERT_MANAGER";
36 const std::string CALENDAR_PERMISSION = "ohos.permission.WRITE_CALENDAR";
37 const std::string APP_TRACKING_PERMISSION = "ohos.permission.APP_TRACKING_CONSENT";
38 const std::string ACCESS_BLUETOOTH_PERMISSION = "ohos.permission.ACCESS_BLUETOOTH";
39 static constexpr int32_t DEFAULT_API_VERSION = 8;
40 static constexpr int32_t MAX_PERM_LIST_SIZE = 1024;
41 static MockNativeToken* g_mock;
42
43 PermissionStateFull g_infoManagerCameraState = {
44 .permissionName = APP_TRACKING_PERMISSION,
45 .isGeneral = true,
46 .resDeviceID = {"local2"},
47 .grantStatus = {PermissionState::PERMISSION_DENIED},
48 .grantFlags = {0}
49 };
50
51 PermissionStateFull g_infoBlueToothManagerState = {
52 .permissionName = ACCESS_BLUETOOTH_PERMISSION,
53 .isGeneral = true,
54 .resDeviceID = {"local2"},
55 .grantStatus = {PermissionState::PERMISSION_DENIED},
56 .grantFlags = {0}
57 };
58
59 PermissionStateFull g_infoManagerMicrophoneState = {
60 .permissionName = CALENDAR_PERMISSION,
61 .isGeneral = true,
62 .resDeviceID = {"local2"},
63 .grantStatus = {PermissionState::PERMISSION_DENIED},
64 .grantFlags = {0}
65 };
66
67 PermissionStateFull g_infoManagerCertState = {
68 .permissionName = CERT_PERMISSION,
69 .isGeneral = true,
70 .resDeviceID = {"local3"},
71 .grantStatus = {PermissionState::PERMISSION_DENIED},
72 .grantFlags = {0}
73 };
74
75 PermissionStateFull g_infoManagerTestState4 = {
76 .permissionName = "ohos.permission.ACCESS_BUNDLE_DIR",
77 .isGeneral = true,
78 .resDeviceID = {"local3"},
79 .grantStatus = {PermissionState::PERMISSION_DENIED},
80 .grantFlags = {0}
81 };
82
83 PermissionStateFull g_infoManagerTestStateMdm = {
84 .permissionName = "ohos.permission.SET_ENTERPRISE_INFO",
85 .isGeneral = true,
86 .resDeviceID = {"local3"},
87 .grantStatus = {PermissionState::PERMISSION_DENIED},
88 .grantFlags = {0}
89 };
90
91 HapInfoParams g_testHapInfoParams = {
92 .userID = 1,
93 .bundleName = "testName",
94 .instIndex = 0,
95 .appIDDesc = "test2",
96 .apiVersion = 11 // api version is 11
97 };
98
99 HapPolicyParams g_testPolicyParams = {
100 .apl = APL_NORMAL,
101 .domain = "test.domain2",
102 .permStateList = {
103 g_infoManagerCameraState,
104 g_infoManagerMicrophoneState,
105 g_infoManagerCertState
106 }
107 };
108 uint64_t g_selfShellTokenId;
109 }
110
SetUpTestCase()111 void AppInstallationOptimizedTest::SetUpTestCase()
112 {
113 g_selfShellTokenId = GetSelfTokenID();
114 TestCommon::SetTestEvironment(g_selfShellTokenId);
115 g_mock = new (std::nothrow) MockNativeToken("foundation");
116
117 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(
118 g_testHapInfoParams.userID, g_testHapInfoParams.bundleName, g_testHapInfoParams.instIndex);
119 AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
120 }
121
TearDownTestCase()122 void AppInstallationOptimizedTest::TearDownTestCase()
123 {
124 if (g_mock != nullptr) {
125 delete g_mock;
126 g_mock = nullptr;
127 }
128 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(
129 g_testHapInfoParams.userID, g_testHapInfoParams.bundleName, g_testHapInfoParams.instIndex);
130 AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
131
132 EXPECT_EQ(0, SetSelfTokenID(g_selfShellTokenId));
133 TestCommon::ResetTestEvironment();
134 }
135
SetUp()136 void AppInstallationOptimizedTest::SetUp()
137 {
138 LOGI(ATM_DOMAIN, ATM_TAG, "SetUp ok.");
139 }
140
TearDown()141 void AppInstallationOptimizedTest::TearDown()
142 {
143 }
144
145 /**
146 * @tc.name: InitHapToken001
147 * @tc.desc:Init a tokenId successfully, delete it successfully the first time and fail to delete it again.
148 * @tc.type: FUNC
149 * @tc.require: Issue Number
150 */
151 HWTEST_F(AppInstallationOptimizedTest, InitHapToken001, TestSize.Level1)
152 {
153 AccessTokenIDEx fullTokenId;
154 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, g_testPolicyParams, fullTokenId);
155 EXPECT_EQ(RET_SUCCESS, ret);
156 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
157 ASSERT_NE(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
158 }
159
160 /**
161 * @tc.name: InitHapToken002
162 * @tc.desc:
163 * @tc.type: FUNC
164 * @tc.require: Issue Number
165 */
166 HWTEST_F(AppInstallationOptimizedTest, InitHapToken002, TestSize.Level1)
167 {
168 HapPolicyParams testPolicyParams = {
169 .apl = APL_SYSTEM_BASIC,
170 .domain = "test.domain2",
171 .permStateList = {g_infoManagerCertState}
172 };
173 AccessTokenIDEx fullTokenId;
174 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams, fullTokenId);
175 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
176 EXPECT_EQ(RET_SUCCESS, res);
177 int32_t ret = AccessTokenKit::VerifyAccessToken(
178 fullTokenId.tokenIdExStruct.tokenID, CERT_PERMISSION);
179 EXPECT_EQ(ret, PERMISSION_GRANTED);
180 std::vector<PermissionStateFull> permStatList;
181 res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList, true);
182 ASSERT_EQ(RET_SUCCESS, res);
183 ASSERT_EQ(static_cast<uint32_t>(1), permStatList.size());
184 ASSERT_EQ(CERT_PERMISSION, permStatList[0].permissionName);
185 EXPECT_EQ(permStatList[0].grantFlags[0], PERMISSION_SYSTEM_FIXED);
186 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
187 }
188
189 /**
190 * @tc.name: InitHapToken003
191 * @tc.desc:
192 * @tc.type: FUNC
193 * @tc.require: Issue Number
194 */
195 HWTEST_F(AppInstallationOptimizedTest, InitHapToken003, TestSize.Level1)
196 {
197 HapPolicyParams testPolicyParams = {
198 .apl = APL_NORMAL,
199 .domain = "test.domain2",
200 .permStateList = {g_infoManagerMicrophoneState}
201 };
202 AccessTokenIDEx fullTokenId;
203 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams, fullTokenId);
204 EXPECT_EQ(RET_SUCCESS, res);
205 int32_t ret = AccessTokenKit::VerifyAccessToken(
206 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION);
207 EXPECT_EQ(ret, PERMISSION_DENIED);
208 uint32_t flag;
209 TestCommon::GetPermissionFlagByTest(fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION, flag);
210 EXPECT_EQ(flag, PERMISSION_DEFAULT_FLAG);
211 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
212 }
213
214 /**
215 * @tc.name: InitHapToken004
216 * @tc.desc:
217 * @tc.type: FUNC
218 * @tc.require: Issue Number
219 */
220 HWTEST_F(AppInstallationOptimizedTest, InitHapToken004, TestSize.Level1)
221 {
222 PreAuthorizationInfo info1 = {
223 .permissionName = CALENDAR_PERMISSION,
224 .userCancelable = false
225 };
226 HapPolicyParams testPolicyParams = {
227 .apl = APL_NORMAL,
228 .domain = "test.domain2",
229 .permStateList = {g_infoManagerMicrophoneState},
230 .preAuthorizationInfo = {info1},
231 };
232 AccessTokenIDEx fullTokenId;
233 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams, fullTokenId);
234 EXPECT_EQ(RET_SUCCESS, res);
235 int32_t ret = AccessTokenKit::VerifyAccessToken(
236 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION);
237 EXPECT_EQ(ret, PERMISSION_GRANTED);
238 std::vector<PermissionStateFull> permStatList;
239 res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList, false);
240 ASSERT_EQ(RET_SUCCESS, res);
241 ASSERT_EQ(static_cast<uint32_t>(1), permStatList.size());
242 ASSERT_EQ(CALENDAR_PERMISSION, permStatList[0].permissionName);
243 EXPECT_EQ(permStatList[0].grantFlags[0], PERMISSION_SYSTEM_FIXED);
244 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
245 }
246
247
248 /**
249 * @tc.name: InitHapToken005
250 * @tc.desc:
251 * @tc.type: FUNC
252 * @tc.require: Issue Number
253 */
254 HWTEST_F(AppInstallationOptimizedTest, InitHapToken005, TestSize.Level1)
255 {
256 PreAuthorizationInfo info1 = {
257 .permissionName = CALENDAR_PERMISSION,
258 .userCancelable = true
259 };
260 HapPolicyParams testPolicyParams = {
261 .apl = APL_NORMAL,
262 .domain = "test.domain2",
263 .permStateList = {g_infoManagerMicrophoneState},
264 .preAuthorizationInfo = {info1},
265 };
266 AccessTokenIDEx fullTokenId;
267 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams, fullTokenId);
268 EXPECT_EQ(RET_SUCCESS, res);
269 int32_t ret = AccessTokenKit::VerifyAccessToken(
270 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION);
271 EXPECT_EQ(ret, PERMISSION_GRANTED);
272
273 std::vector<PermissionStateFull> permStatList;
274 res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList, false);
275 ASSERT_EQ(RET_SUCCESS, res);
276 ASSERT_EQ(static_cast<uint32_t>(1), permStatList.size());
277 ASSERT_EQ(CALENDAR_PERMISSION, permStatList[0].permissionName);
278 EXPECT_EQ(permStatList[0].grantFlags[0], PERMISSION_GRANTED_BY_POLICY);
279 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
280 }
281
282 /**
283 * @tc.name: InitHapToken006
284 * @tc.desc:
285 * @tc.type: FUNC
286 * @tc.require: Issue Number
287 */
288 HWTEST_F(AppInstallationOptimizedTest, InitHapToken006, TestSize.Level1)
289 {
290 HapPolicyParams testPolicyParam = {
291 .apl = APL_SYSTEM_BASIC,
292 .domain = "test.domain2",
293 .permStateList = {g_infoManagerTestStateMdm},
294 };
295 g_testHapInfoParams.appDistributionType = "enterprise_mdm";
296 AccessTokenIDEx fullTokenId;
297 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
298 EXPECT_EQ(RET_SUCCESS, res);
299 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
300 }
301
302 /**
303 * @tc.name: InitHapToken007
304 * @tc.desc:
305 * @tc.type: FUNC
306 * @tc.require: Issue Number
307 */
308 HWTEST_F(AppInstallationOptimizedTest, InitHapToken007, TestSize.Level1)
309 {
310 HapPolicyParams testPolicyParam = {
311 .apl = APL_SYSTEM_BASIC,
312 .domain = "test.domain2",
313 .permStateList = {g_infoManagerTestStateMdm},
314 };
315 g_testHapInfoParams.appDistributionType = "";
316 AccessTokenIDEx fullTokenId;
317 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
318 EXPECT_EQ(ERR_PERM_REQUEST_CFG_FAILED, res);
319 }
320
321 /**
322 * @tc.name: InitHapToken008
323 * @tc.desc:
324 * @tc.type: FUNC
325 * @tc.require: Issue Number
326 */
327 HWTEST_F(AppInstallationOptimizedTest, InitHapToken008, TestSize.Level1)
328 {
329 HapPolicyParams testPolicyParam = {
330 .apl = APL_SYSTEM_BASIC,
331 .domain = "test.domain2",
332 .permStateList = {g_infoManagerTestStateMdm},
333 };
334 g_testHapInfoParams.appDistributionType = "none";
335 AccessTokenIDEx fullTokenId;
336 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
337 EXPECT_EQ(RET_SUCCESS, res);
338 }
339
340 /**
341 * @tc.name: InitHapToken009
342 * @tc.desc:
343 * @tc.type: FUNC
344 * @tc.require: Issue Number
345 */
346 HWTEST_F(AppInstallationOptimizedTest, InitHapToken009, TestSize.Level1)
347 {
348 HapPolicyParams testPolicyParam = {
349 .apl = APL_NORMAL,
350 .domain = "test.domain2",
351 .permStateList = {g_infoManagerTestState4},
352 };
353
354 AccessTokenIDEx fullTokenId;
355 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
356 EXPECT_EQ(ERR_PERM_REQUEST_CFG_FAILED, res);
357 }
358
359 /**
360 * @tc.name: InitHapToken010
361 * @tc.desc:
362 * @tc.type: FUNC
363 * @tc.require: Issue Number
364 */
365 HWTEST_F(AppInstallationOptimizedTest, InitHapToken010, TestSize.Level1)
366 {
367 HapPolicyParams testPolicyParam = {
368 .apl = APL_SYSTEM_BASIC,
369 .domain = "test.domain2",
370 .permStateList = {g_infoManagerTestState4},
371 };
372 g_testHapInfoParams.appDistributionType = "";
373 AccessTokenIDEx fullTokenId;
374 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
375 EXPECT_EQ(RET_SUCCESS, res);
376 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
377 }
378
379 /**
380 * @tc.name: InitHapToken011
381 * @tc.desc: InitHapToken with dlp type.
382 * @tc.type: FUNC
383 * @tc.require: Issue Number
384 */
385 HWTEST_F(AppInstallationOptimizedTest, InitHapToken011, TestSize.Level1)
386 {
387 HapPolicyParams testPolicyParams = {
388 .apl = APL_SYSTEM_BASIC,
389 .domain = "test.domain2",
390 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState, g_infoManagerCertState}
391 };
392 AccessTokenIDEx fullTokenId;
393 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams, fullTokenId);
394 EXPECT_EQ(RET_SUCCESS, res);
395
396 HapInfoParams testHapInfoParams1 = g_testHapInfoParams;
397 testHapInfoParams1.dlpType = DLP_FULL_CONTROL;
398 testHapInfoParams1.instIndex++;
399 AccessTokenIDEx dlpFullTokenId1;
400 res = AccessTokenKit::InitHapToken(testHapInfoParams1, testPolicyParams, dlpFullTokenId1);
401 EXPECT_EQ(RET_SUCCESS, res);
402
403 res = AccessTokenKit::VerifyAccessToken(dlpFullTokenId1.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
404 EXPECT_EQ(res, PERMISSION_DENIED);
405
406 (void)TestCommon::GrantPermissionByTest(
407 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION, PERMISSION_USER_SET);
408 (void)TestCommon::RevokePermissionByTest(
409 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION, PERMISSION_USER_SET);
410
411 testHapInfoParams1.instIndex++;
412 AccessTokenIDEx dlpFullTokenId2;
413 res = AccessTokenKit::InitHapToken(testHapInfoParams1, testPolicyParams, dlpFullTokenId2);
414 EXPECT_EQ(RET_SUCCESS, res);
415 res = AccessTokenKit::VerifyAccessToken(dlpFullTokenId2.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
416 EXPECT_EQ(res, PERMISSION_GRANTED);
417 res = AccessTokenKit::VerifyAccessToken(dlpFullTokenId1.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
418 EXPECT_EQ(res, PERMISSION_GRANTED);
419
420 std::vector<PermissionStateFull> permStatList1;
421 res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList1, false);
422 ASSERT_EQ(RET_SUCCESS, res);
423 std::vector<PermissionStateFull> permStatList2;
424 res = TestCommon::GetReqPermissionsByTest(dlpFullTokenId2.tokenIdExStruct.tokenID, permStatList2, false);
425 ASSERT_EQ(permStatList2.size(), permStatList1.size());
426 EXPECT_EQ(APP_TRACKING_PERMISSION, permStatList2[0].permissionName);
427 EXPECT_EQ(permStatList2[0].grantStatus[0], PERMISSION_GRANTED);
428 EXPECT_EQ(permStatList2[0].grantFlags[0], PERMISSION_USER_SET);
429 EXPECT_EQ(CALENDAR_PERMISSION, permStatList2[1].permissionName);
430 EXPECT_EQ(permStatList2[1].grantStatus[0], PERMISSION_DENIED);
431 EXPECT_EQ(permStatList2[1].grantFlags[0], PERMISSION_USER_SET);
432 ASSERT_EQ(RET_SUCCESS, res);
433 }
434
435 /**
436 * @tc.name: UpdateHapToken001
437 * @tc.desc:
438 * @tc.type: FUNC
439 * @tc.require: Issue Number
440 */
441 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken001, TestSize.Level1)
442 {
443 HapPolicyParams testPolicyParams1 = {
444 .apl = APL_NORMAL,
445 .domain = "test.domain2",
446 .permStateList = {g_infoManagerCameraState, g_infoBlueToothManagerState, g_infoManagerCertState}
447 };
448 AccessTokenIDEx fullTokenId;
449 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
450 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
451 EXPECT_EQ(RET_SUCCESS, ret);
452 ret = AccessTokenKit::VerifyAccessToken(
453 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
454 EXPECT_EQ(PERMISSION_DENIED, ret);
455 ret = AccessTokenKit::VerifyAccessToken(
456 fullTokenId.tokenIdExStruct.tokenID, CERT_PERMISSION);
457 EXPECT_EQ(PERMISSION_GRANTED, ret);
458
459 ret = TestCommon::GrantPermissionByTest(fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION, 0);
460 EXPECT_EQ(RET_SUCCESS, ret);
461 ret = AccessTokenKit::VerifyAccessToken(fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
462 EXPECT_EQ(PERMISSION_GRANTED, ret);
463 ret = TestCommon::GrantPermissionByTest(
464 fullTokenId.tokenIdExStruct.tokenID, ACCESS_BLUETOOTH_PERMISSION, PERMISSION_SYSTEM_FIXED);
465 EXPECT_EQ(RET_SUCCESS, ret);
466 ret = AccessTokenKit::VerifyAccessToken(
467 fullTokenId.tokenIdExStruct.tokenID, ACCESS_BLUETOOTH_PERMISSION);
468 EXPECT_EQ(PERMISSION_GRANTED, ret);
469
470 UpdateHapInfoParams info;
471 info.appIDDesc = "TEST";
472 info.apiVersion = DEFAULT_API_VERSION;
473 info.isSystemApp = false;
474 HapPolicyParams testPolicyParams2 = {
475 .apl = APL_NORMAL,
476 .domain = "test.domain2",
477 .permStateList = {g_infoManagerCameraState, g_infoBlueToothManagerState, g_infoManagerMicrophoneState}
478 };
479 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
480 ASSERT_EQ(RET_SUCCESS, ret);
481 ret = AccessTokenKit::VerifyAccessToken(fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
482 EXPECT_EQ(PERMISSION_GRANTED, ret);
483 ret = AccessTokenKit::VerifyAccessToken(fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION);
484 EXPECT_EQ(PERMISSION_DENIED, ret);
485 ret = AccessTokenKit::VerifyAccessToken(fullTokenId.tokenIdExStruct.tokenID, ACCESS_BLUETOOTH_PERMISSION);
486 EXPECT_EQ(PERMISSION_DENIED, ret);
487 ret = AccessTokenKit::VerifyAccessToken(fullTokenId.tokenIdExStruct.tokenID, CERT_PERMISSION);
488 EXPECT_EQ(PERMISSION_DENIED, ret);
489
490 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
491 }
492
493 /**
494 * @tc.name: UpdateHapToken002
495 * @tc.desc:
496 * @tc.type: FUNC
497 * @tc.require: Issue Number
498 */
499 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken002, TestSize.Level1)
500 {
501 HapPolicyParams testPolicyParams1 = {
502 .apl = APL_NORMAL,
503 .domain = "test.domain2",
504 .permStateList = {g_infoManagerCameraState}
505 };
506 AccessTokenIDEx fullTokenId;
507 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
508 EXPECT_EQ(RET_SUCCESS, ret);
509 ret = TestCommon::RevokePermissionByTest(
510 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION, PERMISSION_USER_FIXED);
511 EXPECT_EQ(RET_SUCCESS, ret);
512
513 std::vector<PermissionStateFull> permStatList;
514 int32_t res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList, false);
515 ASSERT_EQ(RET_SUCCESS, res);
516 ASSERT_EQ(static_cast<uint32_t>(1), permStatList.size());
517 ASSERT_EQ(APP_TRACKING_PERMISSION, permStatList[0].permissionName);
518 EXPECT_EQ(permStatList[0].grantStatus[0], PERMISSION_DENIED);
519 EXPECT_EQ(permStatList[0].grantFlags[0], PERMISSION_USER_FIXED);
520
521 UpdateHapInfoParams info;
522 info.appIDDesc = "TEST";
523 info.apiVersion = DEFAULT_API_VERSION;
524 info.isSystemApp = false;
525 HapPolicyParams testPolicyParams2 = {
526 .apl = APL_NORMAL,
527 .domain = "test.domain2",
528 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState}
529 };
530 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
531 ASSERT_EQ(RET_SUCCESS, ret);
532 std::vector<PermissionStateFull> permStatList1;
533 res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList1, false);
534 ASSERT_EQ(RET_SUCCESS, res);
535 ASSERT_EQ(static_cast<uint32_t>(2), permStatList1.size());
536 ASSERT_EQ(APP_TRACKING_PERMISSION, permStatList1[0].permissionName);
537 EXPECT_EQ(permStatList1[0].grantStatus[0], PERMISSION_DENIED);
538 EXPECT_EQ(permStatList1[0].grantFlags[0], PERMISSION_USER_FIXED);
539 ASSERT_EQ(CALENDAR_PERMISSION, permStatList1[1].permissionName);
540 EXPECT_EQ(permStatList1[1].grantStatus[0], PERMISSION_DENIED);
541 EXPECT_EQ(permStatList1[1].grantFlags[0], PERMISSION_DEFAULT_FLAG);
542
543 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
544 }
545
546 /**
547 * @tc.name: UpdateHapToken003
548 * @tc.desc:
549 * @tc.type: FUNC
550 * @tc.require: Issue Number
551 */
552 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken003, TestSize.Level1)
553 {
554 HapPolicyParams testPolicyParams1 = {
555 .apl = APL_NORMAL,
556 .domain = "test.domain2",
557 .permStateList = {g_infoManagerCameraState}
558 };
559 AccessTokenIDEx fullTokenId;
560 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
561 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
562 EXPECT_EQ(RET_SUCCESS, ret);
563 ret = AccessTokenKit::VerifyAccessToken(
564 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
565 EXPECT_EQ(PERMISSION_DENIED, ret);
566
567 UpdateHapInfoParams info;
568 info.appIDDesc = "TEST";
569 info.apiVersion = DEFAULT_API_VERSION;
570 info.isSystemApp = false;
571 PreAuthorizationInfo info1 = {
572 .permissionName = CALENDAR_PERMISSION,
573 .userCancelable = true
574 };
575 HapPolicyParams testPolicyParams2 = {
576 .apl = APL_NORMAL,
577 .domain = "test.domain2",
578 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState},
579 .preAuthorizationInfo = {info1}
580 };
581 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
582 ASSERT_EQ(RET_SUCCESS, ret);
583 std::vector<PermissionStateFull> permStatList1;
584 int32_t res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList1, false);
585 ASSERT_EQ(RET_SUCCESS, res);
586 ASSERT_EQ(static_cast<uint32_t>(2), permStatList1.size());
587 ASSERT_EQ(APP_TRACKING_PERMISSION, permStatList1[0].permissionName);
588 EXPECT_EQ(permStatList1[0].grantStatus[0], PERMISSION_DENIED);
589 EXPECT_EQ(permStatList1[0].grantFlags[0], PERMISSION_DEFAULT_FLAG);
590 ASSERT_EQ(CALENDAR_PERMISSION, permStatList1[1].permissionName);
591 EXPECT_EQ(permStatList1[1].grantStatus[0], PERMISSION_GRANTED);
592 EXPECT_EQ(permStatList1[1].grantFlags[0], PERMISSION_GRANTED_BY_POLICY);
593
594 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
595 }
596
597 /**
598 * @tc.name: UpdateHapToken004
599 * @tc.desc:
600 * @tc.type: FUNC
601 * @tc.require: Issue Number
602 */
603 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken004, TestSize.Level1)
604 {
605 HapPolicyParams testPolicyParams1 = {
606 .apl = APL_NORMAL,
607 .domain = "test.domain2",
608 .permStateList = {g_infoManagerCameraState}
609 };
610 AccessTokenIDEx fullTokenId;
611 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
612 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
613 EXPECT_EQ(RET_SUCCESS, ret);
614
615 UpdateHapInfoParams info;
616 info.appIDDesc = "TEST";
617 info.apiVersion = DEFAULT_API_VERSION;
618 info.isSystemApp = true;
619 PreAuthorizationInfo info1 = {
620 .permissionName = CALENDAR_PERMISSION,
621 .userCancelable = false
622 };
623 HapPolicyParams testPolicyParams2 = {
624 .apl = APL_NORMAL,
625 .domain = "test.domain2",
626 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState},
627 .preAuthorizationInfo = {info1}
628 };
629 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
630 ASSERT_EQ(RET_SUCCESS, ret);
631 std::vector<PermissionStateFull> state;
632 int32_t res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
633 ASSERT_EQ(RET_SUCCESS, res);
634 ASSERT_EQ(static_cast<uint32_t>(2), state.size());
635 ASSERT_EQ(CALENDAR_PERMISSION, state[1].permissionName);
636 EXPECT_EQ(state[1].grantStatus[0], PERMISSION_GRANTED);
637 EXPECT_EQ(state[1].grantFlags[0], PERMISSION_SYSTEM_FIXED);
638
639 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
640 }
641
642 /**
643 * @tc.name: UpdateHapToken005
644 * @tc.desc:
645 * @tc.type: FUNC
646 * @tc.require: Issue Number
647 */
648 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken005, TestSize.Level1)
649 {
650 HapPolicyParams testPolicyParam = {
651 .apl = APL_SYSTEM_BASIC,
652 .domain = "test.domain2",
653 .permStateList = {g_infoManagerCameraState}
654 };
655 AccessTokenIDEx fullTokenId;
656 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
657 EXPECT_EQ(RET_SUCCESS, res);
658
659 HapPolicyParams testPolicyParam2 = {
660 .apl = APL_SYSTEM_BASIC,
661 .domain = "test.domain2",
662 .permStateList = {g_infoManagerCameraState, g_infoManagerTestStateMdm},
663 };
664 UpdateHapInfoParams info = {
665 .appIDDesc = "TEST",
666 .apiVersion = DEFAULT_API_VERSION,
667 .isSystemApp = false
668 };
669 info.appDistributionType = "enterprise_mdm";
670 res = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParam2);
671 EXPECT_EQ(RET_SUCCESS, res);
672 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
673 }
674
675 /**
676 * @tc.name: UpdateHapToken006
677 * @tc.desc:
678 * @tc.type: FUNC
679 * @tc.require: Issue Number
680 */
681 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken006, TestSize.Level1)
682 {
683 HapPolicyParams testPolicyParam = {
684 .apl = APL_SYSTEM_BASIC,
685 .domain = "test.domain2",
686 .permStateList = {g_infoManagerCameraState}
687 };
688 AccessTokenIDEx fullTokenId;
689 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
690 EXPECT_EQ(RET_SUCCESS, res);
691
692 HapPolicyParams testPolicyParam2 = {
693 .apl = APL_SYSTEM_BASIC,
694 .domain = "test.domain2",
695 .permStateList = {g_infoManagerCameraState, g_infoManagerTestStateMdm},
696 };
697 UpdateHapInfoParams info = {
698 .appIDDesc = "TEST",
699 .apiVersion = DEFAULT_API_VERSION,
700 .isSystemApp = false
701 };
702 info.appDistributionType = "";
703 res = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParam2);
704 EXPECT_EQ(ERR_PERM_REQUEST_CFG_FAILED, res);
705 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
706 }
707
708 /**
709 * @tc.name: UpdateHapToken007
710 * @tc.desc:
711 * @tc.type: FUNC
712 * @tc.require: Issue Number
713 */
714 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken007, TestSize.Level1)
715 {
716 HapPolicyParams testPolicyParam = {
717 .apl = APL_SYSTEM_BASIC,
718 .domain = "test.domain2",
719 .permStateList = {g_infoManagerCameraState}
720 };
721 AccessTokenIDEx fullTokenId;
722 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
723 EXPECT_EQ(RET_SUCCESS, res);
724
725 HapPolicyParams testPolicyParam2 = {
726 .apl = APL_SYSTEM_BASIC,
727 .domain = "test.domain2",
728 .permStateList = {g_infoManagerCameraState, g_infoManagerTestStateMdm},
729 };
730 UpdateHapInfoParams info = {
731 .appIDDesc = "TEST",
732 .apiVersion = DEFAULT_API_VERSION,
733 .isSystemApp = false
734 };
735 info.appDistributionType = "none";
736 res = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParam2);
737 EXPECT_EQ(RET_SUCCESS, res);
738 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
739 }
740
741 /**
742 * @tc.name: UpdateHapToken008
743 * @tc.desc:
744 * @tc.type: FUNC
745 * @tc.require: Issue Number
746 */
747 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken008, TestSize.Level1)
748 {
749 HapPolicyParams testPolicyParam = {
750 .apl = APL_NORMAL,
751 .domain = "test.domain2",
752 .permStateList = {g_infoManagerCameraState}
753 };
754 AccessTokenIDEx fullTokenId;
755 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
756 EXPECT_EQ(RET_SUCCESS, res);
757
758 HapPolicyParams testPolicyParam2 = {
759 .apl = APL_SYSTEM_BASIC,
760 .domain = "test.domain2",
761 .permStateList = {g_infoManagerCameraState, g_infoManagerTestState4},
762 };
763 UpdateHapInfoParams info = {
764 .appIDDesc = "TEST",
765 .apiVersion = DEFAULT_API_VERSION,
766 .isSystemApp = true
767 };
768 res = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParam2);
769 EXPECT_EQ(RET_SUCCESS, res);
770 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
771 }
772
773 /**
774 * @tc.name: UpdateHapToken009
775 * @tc.desc:
776 * @tc.type: FUNC
777 * @tc.require: Issue Number
778 */
779 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken009, TestSize.Level1)
780 {
781 HapPolicyParams testPolicyParam = {
782 .apl = APL_NORMAL,
783 .domain = "test.domain2",
784 .permStateList = {g_infoManagerCameraState}
785 };
786 AccessTokenIDEx fullTokenId;
787 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
788 EXPECT_EQ(RET_SUCCESS, res);
789
790 HapPolicyParams testPolicyParam1 = {
791 .apl = APL_NORMAL,
792 .domain = "test.domain2",
793 .permStateList = {g_infoManagerCameraState, g_infoManagerTestState4},
794 };
795 UpdateHapInfoParams info = {
796 .appIDDesc = "TEST",
797 .apiVersion = DEFAULT_API_VERSION,
798 .isSystemApp = true
799 };
800 res = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParam1);
801 EXPECT_NE(RET_SUCCESS, res);
802 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
803 }
804
805 /**
806 * @tc.name: UpdateHapToken010
807 * @tc.desc:
808 * @tc.type: FUNC
809 * @tc.require: Issue Number
810 */
811 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken010, TestSize.Level1)
812 {
813 HapPolicyParams testPolicyParams1 = {
814 .apl = APL_NORMAL,
815 .domain = "test.domain2",
816 .permStateList = {g_infoManagerCameraState}
817 };
818 AccessTokenIDEx fullTokenId;
819 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
820 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
821 EXPECT_EQ(RET_SUCCESS, ret);
822
823 UpdateHapInfoParams info;
824 info.appIDDesc = "TEST";
825 info.apiVersion = DEFAULT_API_VERSION;
826 info.isSystemApp = true;
827 PreAuthorizationInfo info1 = {
828 .permissionName = APP_TRACKING_PERMISSION,
829 .userCancelable = false
830 };
831 HapPolicyParams testPolicyParams2 = {
832 .apl = APL_NORMAL,
833 .domain = "test.domain2",
834 .permStateList = {g_infoManagerCameraState},
835 .preAuthorizationInfo = {info1}
836 };
837 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
838 ASSERT_EQ(RET_SUCCESS, ret);
839 std::vector<PermissionStateFull> state;
840 int32_t res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
841 ASSERT_EQ(RET_SUCCESS, res);
842 ASSERT_EQ(static_cast<uint32_t>(1), state.size());
843 ASSERT_EQ(APP_TRACKING_PERMISSION, state[0].permissionName);
844 EXPECT_EQ(state[0].grantStatus[0], PERMISSION_GRANTED);
845 EXPECT_EQ(state[0].grantFlags[0], PERMISSION_SYSTEM_FIXED);
846
847 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
848 }
849
850 /**
851 * @tc.name: UpdateHapToken011
852 * @tc.desc: app user_grant permission has not been operated, update with pre-authorization
853 * @tc.type: FUNC
854 * @tc.require: Issue Number
855 */
856 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken011, TestSize.Level1)
857 {
858 HapPolicyParams testPolicyParams1 = {
859 .apl = APL_NORMAL,
860 .domain = "test.domain2",
861 .permStateList = {g_infoManagerCameraState}
862 };
863 AccessTokenIDEx fullTokenId;
864 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
865 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
866 EXPECT_EQ(RET_SUCCESS, ret);
867
868 UpdateHapInfoParams info;
869 info.appIDDesc = "TEST";
870 info.apiVersion = DEFAULT_API_VERSION;
871 info.isSystemApp = true;
872 PreAuthorizationInfo info1 = {
873 .permissionName = APP_TRACKING_PERMISSION,
874 .userCancelable = false
875 };
876 HapPolicyParams testPolicyParams2 = {
877 .apl = APL_NORMAL,
878 .domain = "test.domain2",
879 .permStateList = {g_infoManagerCameraState},
880 .preAuthorizationInfo = {info1}
881 };
882 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
883 ASSERT_EQ(RET_SUCCESS, ret);
884 std::vector<PermissionStateFull> state;
885 int32_t res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
886 ASSERT_EQ(RET_SUCCESS, res);
887 ASSERT_EQ(static_cast<uint32_t>(1), state.size());
888 ASSERT_EQ(APP_TRACKING_PERMISSION, state[0].permissionName);
889 EXPECT_EQ(state[0].grantStatus[0], PERMISSION_GRANTED);
890 EXPECT_EQ(state[0].grantFlags[0], PERMISSION_SYSTEM_FIXED);
891
892 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
893 }
894
895 /**
896 * @tc.name: UpdateHapToken012
897 * @tc.desc: app user_grant permission has been granted or revoked by user, update with pre-authorization
898 * @tc.type: FUNC
899 * @tc.require: Issue Number
900 */
901 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken012, TestSize.Level1)
902 {
903 HapPolicyParams testPolicyParams1 = {
904 .apl = APL_NORMAL,
905 .domain = "test.domain2",
906 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState}
907 };
908 AccessTokenIDEx fullTokenId;
909 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
910 EXPECT_EQ(RET_SUCCESS, ret);
911
912 ret = TestCommon::GrantPermissionByTest(
913 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION, PERMISSION_USER_FIXED);
914 EXPECT_EQ(RET_SUCCESS, ret);
915 ret = TestCommon::RevokePermissionByTest(
916 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION, PERMISSION_USER_FIXED);
917 EXPECT_EQ(RET_SUCCESS, ret);
918
919 UpdateHapInfoParams info;
920 info.appIDDesc = "TEST";
921 info.apiVersion = DEFAULT_API_VERSION;
922 info.isSystemApp = true;
923 PreAuthorizationInfo info1 = {
924 .permissionName = APP_TRACKING_PERMISSION,
925 .userCancelable = false
926 };
927 PreAuthorizationInfo info2 = {
928 .permissionName = CALENDAR_PERMISSION,
929 .userCancelable = false
930 };
931 HapPolicyParams testPolicyParams2 = {
932 .apl = APL_NORMAL,
933 .domain = "test.domain2",
934 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState},
935 .preAuthorizationInfo = {info1, info2}
936 };
937 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
938 ASSERT_EQ(RET_SUCCESS, ret);
939 std::vector<PermissionStateFull> state;
940 TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
941 ASSERT_EQ(static_cast<uint32_t>(2), state.size());
942 ASSERT_EQ(APP_TRACKING_PERMISSION, state[0].permissionName);
943 EXPECT_EQ(state[0].grantStatus[0], PERMISSION_GRANTED);
944 EXPECT_EQ(state[0].grantFlags[0], PERMISSION_USER_FIXED);
945 ASSERT_EQ(CALENDAR_PERMISSION, state[1].permissionName);
946 EXPECT_EQ(state[1].grantStatus[0], PERMISSION_DENIED);
947 EXPECT_EQ(state[1].grantFlags[0], PERMISSION_USER_FIXED);
948
949 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
950 }
951
952
953 /**
954 * @tc.name: UpdateHapToken013
955 * @tc.desc: app user_grant permission has been pre-authorized with
956 * userUnCancelable flag, update with userCancelable pre-authorization
957 * @tc.type: FUNC
958 * @tc.require: Issue Number
959 */
960 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken013, TestSize.Level1)
961 {
962 PreAuthorizationInfo info1 = {
963 .permissionName = APP_TRACKING_PERMISSION,
964 .userCancelable = false
965 };
966 PreAuthorizationInfo info2 = {
967 .permissionName = CALENDAR_PERMISSION,
968 .userCancelable = false
969 };
970 HapPolicyParams testPolicyParams1 = {
971 .apl = APL_NORMAL,
972 .domain = "test.domain2",
973 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState},
974 .preAuthorizationInfo = {info1, info2}
975 };
976 AccessTokenIDEx fullTokenId;
977 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
978 EXPECT_EQ(RET_SUCCESS, ret);
979
980 ret = TestCommon::GrantPermissionByTest(
981 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION, PERMISSION_USER_FIXED);
982 EXPECT_NE(RET_SUCCESS, ret);
983 ret = TestCommon::RevokePermissionByTest(
984 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION, PERMISSION_USER_FIXED);
985 EXPECT_NE(RET_SUCCESS, ret);
986
987 UpdateHapInfoParams info;
988 info.appIDDesc = "TEST";
989 info.apiVersion = DEFAULT_API_VERSION;
990 info.isSystemApp = true;
991 info1.userCancelable = true;
992 testPolicyParams1.preAuthorizationInfo = {info1};
993
994 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams1);
995 ASSERT_EQ(RET_SUCCESS, ret);
996 std::vector<PermissionStateFull> state;
997 TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
998 ASSERT_EQ(static_cast<uint32_t>(2), state.size());
999 EXPECT_EQ(state[0].grantStatus[0], PERMISSION_GRANTED);
1000 EXPECT_EQ(state[0].grantFlags[0], PERMISSION_GRANTED_BY_POLICY);
1001 EXPECT_EQ(state[1].grantStatus[0], PERMISSION_DENIED);
1002 EXPECT_EQ(state[1].grantFlags[0], PERMISSION_DEFAULT_FLAG);
1003
1004 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
1005 }
1006
1007 /**
1008 * @tc.name: UpdateHapToken014
1009 * @tc.desc: app user_grant permission has been pre-authorized with userCancelable flag,
1010 * update with userCancelable pre-authorization
1011 * @tc.type: FUNC
1012 * @tc.require: Issue Number
1013 */
1014 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken014, TestSize.Level1)
1015 {
1016 PreAuthorizationInfo info1 = {
1017 .permissionName = APP_TRACKING_PERMISSION,
1018 .userCancelable = true
1019 };
1020 PreAuthorizationInfo info2 = {
1021 .permissionName = CALENDAR_PERMISSION,
1022 .userCancelable = true
1023 };
1024 HapPolicyParams testPolicyParams1 = {
1025 .apl = APL_NORMAL,
1026 .domain = "test.domain2",
1027 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState},
1028 .preAuthorizationInfo = {info1, info2}
1029 };
1030 AccessTokenIDEx fullTokenId;
1031 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
1032 EXPECT_EQ(RET_SUCCESS, ret);
1033
1034 ret = TestCommon::RevokePermissionByTest(
1035 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION, PERMISSION_USER_FIXED);
1036 EXPECT_EQ(RET_SUCCESS, ret);
1037
1038 UpdateHapInfoParams info;
1039 info.appIDDesc = "TEST";
1040 info.apiVersion = DEFAULT_API_VERSION;
1041 info.isSystemApp = true;
1042 info1.userCancelable = false;
1043 testPolicyParams1.preAuthorizationInfo = {info1};
1044
1045 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams1);
1046 ASSERT_EQ(RET_SUCCESS, ret);
1047 std::vector<PermissionStateFull> state;
1048 TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
1049 ASSERT_EQ(static_cast<uint32_t>(2), state.size());
1050 EXPECT_EQ(state[0].grantStatus[0], PERMISSION_GRANTED);
1051 EXPECT_EQ(state[0].grantFlags[0], PERMISSION_SYSTEM_FIXED);
1052 EXPECT_EQ(state[1].grantStatus[0], PERMISSION_DENIED);
1053 EXPECT_EQ(state[1].grantFlags[0], PERMISSION_USER_FIXED | PERMISSION_GRANTED_BY_POLICY);
1054
1055 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
1056 }
1057
1058 /**
1059 * @tc.name: InitHapTokenAbnormal001
1060 * @tc.desc:
1061 * @tc.type: FUNC
1062 * @tc.require: Issue Number
1063 */
1064 HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal001, TestSize.Level1)
1065 {
1066 HapPolicyParams testPolicyParam = {
1067 .apl = APL_NORMAL,
1068 .domain = "test.domain2",
1069 .permStateList = {g_infoManagerCameraState},
1070 .aclRequestedList = {}
1071 };
1072 for (uint32_t i = 0; i < MAX_PERM_LIST_SIZE; i++) {
1073 testPolicyParam.aclRequestedList.emplace_back("ohos.permission.CAMERA");
1074 }
1075 AccessTokenIDEx fullTokenId;
1076 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
1077 EXPECT_EQ(RET_SUCCESS, res);
1078 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
1079 testPolicyParam.aclRequestedList.emplace_back("ohos.permission.CAMERA");
1080
1081 res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
1082 EXPECT_NE(RET_SUCCESS, res);
1083 }
1084
1085 /**
1086 * @tc.name: InitHapTokenAbnormal002
1087 * @tc.desc:
1088 * @tc.type: FUNC
1089 * @tc.require: Issue Number
1090 */
1091 HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal002, TestSize.Level1)
1092 {
1093 HapPolicyParams testPolicyParam = {
1094 .apl = APL_NORMAL,
1095 .domain = "test.domain2",
1096 .permStateList = {g_infoManagerCameraState},
1097 .aclRequestedList = {},
1098 };
1099 PreAuthorizationInfo info = {
1100 .permissionName = CALENDAR_PERMISSION,
1101 .userCancelable = false
1102 };
1103 for (uint32_t i = 0; i < MAX_PERM_LIST_SIZE; i++) {
1104 testPolicyParam.preAuthorizationInfo.emplace_back(info);
1105 }
1106 AccessTokenIDEx fullTokenId;
1107 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
1108 EXPECT_EQ(RET_SUCCESS, res);
1109 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
1110 testPolicyParam.preAuthorizationInfo.emplace_back(info);
1111
1112 res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
1113 EXPECT_NE(RET_SUCCESS, res);
1114 }
1115
1116 /**
1117 * @tc.name: InitHapTokenAbnormal003
1118 * @tc.desc:
1119 * @tc.type: FUNC
1120 * @tc.require: Issue Number
1121 */
1122 HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal003, TestSize.Level1)
1123 {
1124 HapInfoParams testHapInfoParams = g_testHapInfoParams;
1125 HapPolicyParams testPolicyParam = {
1126 .apl = APL_NORMAL,
1127 .domain = "test.domain2",
1128 .permStateList = {g_infoManagerCameraState},
1129 .aclRequestedList = {},
1130 .preAuthorizationInfo = {}
1131 };
1132
1133 // invalid userID
1134 testHapInfoParams.userID = -1;
1135 AccessTokenIDEx fullTokenId;
1136 int32_t res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1137 EXPECT_EQ(ERR_PARAM_INVALID, res);
1138 testHapInfoParams.userID = g_testHapInfoParams.userID;
1139
1140 // invalid bundleName
1141 testHapInfoParams.bundleName = "";
1142 res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1143 EXPECT_EQ(ERR_PARAM_INVALID, res);
1144 testHapInfoParams.bundleName = g_testHapInfoParams.bundleName;
1145
1146 // invalid dlpType
1147 testHapInfoParams.dlpType = -1;
1148 res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1149 EXPECT_EQ(ERR_PARAM_INVALID, res);
1150 testHapInfoParams.dlpType = g_testHapInfoParams.dlpType;
1151
1152 int32_t invalidAppIdLen = 10241; // 10241 is invalid appid length
1153 // invalid dlpType
1154 std::string invalidAppIDDesc (invalidAppIdLen, 'x');
1155 testHapInfoParams.appIDDesc = invalidAppIDDesc;
1156 res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1157 EXPECT_EQ(ERR_PARAM_INVALID, res);
1158 testHapInfoParams.appIDDesc = g_testHapInfoParams.appIDDesc;
1159 }
1160
1161 /**
1162 * @tc.name: InitHapTokenAbnormal004
1163 * @tc.desc:
1164 * @tc.type: FUNC
1165 * @tc.require: Issue Number
1166 */
1167 HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal004, TestSize.Level1)
1168 {
1169 HapInfoParams testHapInfoParams = g_testHapInfoParams;
1170 HapPolicyParams testPolicyParam = g_testPolicyParams;
1171
1172 // invalid apl 8
1173 testPolicyParam.apl = static_cast<AccessToken::TypeATokenAplEnum>(8);
1174 AccessTokenIDEx fullTokenId;
1175 int32_t res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1176 EXPECT_NE(RET_SUCCESS, res);
1177 testPolicyParam.apl = g_testPolicyParams.apl;
1178
1179 // invalid domain 1025
1180 const static int32_t MAX_DCAP_LENGTH = 1025;
1181 std::string invalidDomain (MAX_DCAP_LENGTH, 'x');
1182 testPolicyParam.domain = invalidDomain;
1183 res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1184 EXPECT_NE(RET_SUCCESS, res);
1185 testPolicyParam.domain = g_testPolicyParams.domain;
1186 }
1187
1188 } // namespace AccessToken
1189 } // namespace Security
1190 } // namespace OHOS
1191