1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "security_guard_risk_analysis_test.h"
16 #include "gmock/gmock.h"
17 #define private public
18 #define protected public
19 #include "risk_analysis_manager_service.h"
20 #include "risk_analysis_manager_stub.h"
21 #undef private
22 #undef protected
23 #include "accesstoken_kit.h"
24 #include "tokenid_kit.h"
25 #include "ipc_skeleton.h"
26 using namespace testing;
27 using namespace testing::ext;
28 using namespace OHOS::Security::SecurityGuard;
29 using namespace OHOS::Security::SecurityGuardTest;
30 namespace OHOS {
31 std::shared_ptr<Security::AccessToken::MockTokenIdKitInterface>
32 Security::AccessToken::TokenIdKit::instance_ = nullptr;
33 std::mutex Security::AccessToken::TokenIdKit::mutex_ {};
34 std::shared_ptr<Security::AccessToken::MockAccessTokenKitInterface>
35 Security::AccessToken::AccessTokenKit::instance_ = nullptr;
36 std::mutex Security::AccessToken::AccessTokenKit::mutex_ {};
37
38 class MockRemoteObject final : public IRemoteObject {
39 public:
MockRemoteObject()40 MockRemoteObject() : IRemoteObject(u"")
41 {
42 }
GetObjectRefCount()43 int32_t GetObjectRefCount() { return 0; };
SendRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)44 int SendRequest(uint32_t code, MessageParcel &data, MessageParcel &reply, MessageOption &option) { return 0; };
AddDeathRecipient(const sptr<DeathRecipient> & recipient)45 bool AddDeathRecipient(const sptr<DeathRecipient> &recipient) { return true; };
RemoveDeathRecipient(const sptr<DeathRecipient> & recipient)46 bool RemoveDeathRecipient(const sptr<DeathRecipient> &recipient) { return true; };
Dump(int fd,const std::vector<std::u16string> & args)47 int Dump(int fd, const std::vector<std::u16string> &args) { return 0; };
48 };
49 }
50 namespace OHOS::Security::SecurityGuardTest {
51 RiskAnalysisManagerService riskAnalysisManagerService(RISK_ANALYSIS_MANAGER_SA_ID, true);
SetUpTestCase()52 void SecurityGuardRiskAnalysisTest::SetUpTestCase()
53 {
54 }
TearDownTestCase()55 void SecurityGuardRiskAnalysisTest::TearDownTestCase()
56 {
57 AccessToken::AccessTokenKit::DelInterface();
58 AccessToken::TokenIdKit::DelInterface();
59 }
SetUp()60 void SecurityGuardRiskAnalysisTest::SetUp()
61 {
62 }
TearDown()63 void SecurityGuardRiskAnalysisTest::TearDown()
64 {
65 }
66
67 HWTEST_F(SecurityGuardRiskAnalysisTest, IsApiHasPermission_ApiNotInMap, TestSize.Level1) {
68 std::string api = "apiNotInMap";
69 EXPECT_EQ(riskAnalysisManagerService.IsApiHasPermission(api), 1);
70 }
71
72 HWTEST_F(SecurityGuardRiskAnalysisTest, IsApiHasPermission_CallerNoPermission, TestSize.Level1) {
73 const std::string api = "RequestSecurityModelResult";
74 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), VerifyAccessToken)
75 .WillRepeatedly(Return(AccessToken::PermissionState::PERMISSION_GRANTED));
76 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), GetTokenType)
77 .WillRepeatedly(Return(AccessToken::TypeATokenTypeEnum::TOKEN_HAP));
78 int32_t result = riskAnalysisManagerService.IsApiHasPermission(api);
79 EXPECT_EQ(result, NO_SYSTEMCALL);
80 }
81
82 HWTEST_F(SecurityGuardRiskAnalysisTest, IsApiHasPermission_NotSystemAppNoPermission, TestSize.Level1) {
83 const std::string api = "RequestSecurityModelResult";
84 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), VerifyAccessToken)
85 .WillRepeatedly(Return(AccessToken::PermissionState::PERMISSION_GRANTED));
86 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), GetTokenType)
87 .WillRepeatedly(Return(AccessToken::TypeATokenTypeEnum::TOKEN_NATIVE));
88 int32_t result = riskAnalysisManagerService.IsApiHasPermission(api);
89 EXPECT_EQ(result, SUCCESS);
90 }
91
92 HWTEST_F(SecurityGuardRiskAnalysisTest, IsApiHasPermission_PermissionDenied, TestSize.Level1) {
93 const std::string api = "RequestSecurityModelResult";
94 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), VerifyAccessToken).WillRepeatedly(
95 Return(AccessToken::PermissionState::PERMISSION_DENIED));
96 int32_t result = riskAnalysisManagerService.IsApiHasPermission(api);
97 EXPECT_EQ(result, 2);
98 }
99
100 HWTEST_F(SecurityGuardRiskAnalysisTest, IsApiHasPermission_Success, TestSize.Level1) {
101 const std::string api = "RequestSecurityModelResult";
102 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), VerifyAccessToken).WillRepeatedly(
103 Return(AccessToken::PermissionState::PERMISSION_GRANTED));
104 int32_t result = riskAnalysisManagerService.IsApiHasPermission(api);
105 EXPECT_EQ(result, 0);
106 }
107
108 HWTEST_F(SecurityGuardRiskAnalysisTest, SetModelState_Success, TestSize.Level1) {
109 uint32_t modelId = 1;
110 bool enable = true;
111 int32_t result = riskAnalysisManagerService.SetModelState(modelId, enable);
112 ASSERT_EQ(result, SUCCESS);
113 }
114
115 HWTEST_F(SecurityGuardRiskAnalysisTest, HandleSetModelState_001, TestSize.Level1)
116 {
117 MessageParcel *data;
118 MessageParcel *reply;
119 data = new MessageParcel();
120 reply = new MessageParcel();
121 data->WriteBool(true);
122 int32_t ret = riskAnalysisManagerService.HandleSetModelState(*data, *reply);
123 ASSERT_EQ(ret, BAD_PARAM);
124 delete data;
125 delete reply;
126 }
127
128 HWTEST_F(SecurityGuardRiskAnalysisTest, HandleSetModelState_002, TestSize.Level1)
129 {
130 MessageParcel *data;
131 MessageParcel *reply;
132 data = new MessageParcel();
133 reply = new MessageParcel();
134 data->WriteUint32(1);
135 data->WriteBool(true);
136 data->WriteUint32(2);
137 int32_t ret = riskAnalysisManagerService.HandleSetModelState(*data, *reply);
138 ASSERT_EQ(ret, SUCCESS);
139 delete data;
140 delete reply;
141 }
142
143 HWTEST_F(SecurityGuardRiskAnalysisTest, HandleGetSecurityModelResult_001, TestSize.Level1)
144 {
145 MessageParcel data;
146 MessageParcel reply;
147 EXPECT_EQ(riskAnalysisManagerService.HandleGetSecurityModelResult(data, reply), BAD_PARAM);
148 }
149
150 HWTEST_F(SecurityGuardRiskAnalysisTest, HandleGetSecurityModelResult_002, TestSize.Level1)
151 {
152 MessageParcel data;
153 data.WriteUint32(1);
154 data.WriteString("param");
155 data.WriteRemoteObject(nullptr);
156 MessageParcel reply;
157 EXPECT_EQ(riskAnalysisManagerService.HandleGetSecurityModelResult(data, reply), BAD_PARAM);
158 }
159
160 HWTEST_F(SecurityGuardRiskAnalysisTest, HandleGetSecurityModelResult_003, TestSize.Level1)
161 {
162 MessageParcel data;
163 data.WriteUint32(1);
164 data.WriteString("param");
165 sptr<IRemoteObject> obj(new (std::nothrow) MockRemoteObject());
166 data.WriteRemoteObject(obj);
167 MessageParcel reply;
168 EXPECT_EQ(riskAnalysisManagerService.HandleGetSecurityModelResult(data, reply),
169 riskAnalysisManagerService.RequestSecurityModelResult("", 1, "param", obj));
170 }
171 }
172