1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "accesstoken_info_manager_test.h"
17
18 #include <fcntl.h>
19 #include <gmock/gmock.h>
20
21 #include "accesstoken_id_manager.h"
22 #include "access_token_error.h"
23 #define private public
24 #include "accesstoken_callback_stubs.h"
25 #include "accesstoken_info_manager.h"
26 #include "accesstoken_remote_token_manager.h"
27 #include "libraryloader.h"
28 #include "token_field_const.h"
29 #ifdef TOKEN_SYNC_ENABLE
30 #include "token_sync_kit_loader.h"
31 #endif
32 #include "permission_manager.h"
33 #include "token_modify_notifier.h"
34 #undef private
35 #include "permission_validator.h"
36 #include "string_ex.h"
37 #include "token_setproc.h"
38
39 using namespace testing::ext;
40 using namespace OHOS;
41
42 namespace OHOS {
43 namespace Security {
44 namespace AccessToken {
45 namespace {
46 static constexpr int32_t DEFAULT_API_VERSION = 8;
47 static constexpr int USER_ID = 100;
48 static constexpr int INST_INDEX = 0;
49 static constexpr int32_t MAX_EXTENDED_MAP_SIZE = 512;
50 static constexpr int32_t MAX_VALUE_LENGTH = 1024;
51 static PermissionDef g_infoManagerTestPermDef1 = {
52 .permissionName = "open the door",
53 .bundleName = "accesstoken_test",
54 .grantMode = 1,
55 .availableLevel = APL_NORMAL,
56 .provisionEnable = false,
57 .distributedSceneEnable = false,
58 .label = "label",
59 .labelId = 1,
60 .description = "open the door",
61 .descriptionId = 1
62 };
63
64 static PermissionDef g_infoManagerTestPermDef2 = {
65 .permissionName = "break the door",
66 .bundleName = "accesstoken_test",
67 .grantMode = 1,
68 .availableLevel = APL_NORMAL,
69 .provisionEnable = false,
70 .distributedSceneEnable = false,
71 .label = "label",
72 .labelId = 1,
73 .description = "break the door",
74 .descriptionId = 1
75 };
76
77 static PermissionStatus g_infoManagerTestState1 = {
78 .permissionName = "open the door",
79 .grantStatus = 1,
80 .grantFlag = 1
81 };
82
83 static PermissionStatus g_infoManagerTestState2 = {
84 .permissionName = "break the door",
85 .grantStatus = 1,
86 .grantFlag = 1
87 };
88
89 static HapInfoParams g_infoManagerTestInfoParms = {
90 .userID = 1,
91 .bundleName = "accesstoken_test",
92 .instIndex = 0,
93 .appIDDesc = "testtesttesttest"
94 };
95
96 static HapPolicy g_infoManagerTestPolicyPrams1 = {
97 .apl = APL_NORMAL,
98 .domain = "test.domain",
99 .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2},
100 .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2}
101 };
102
103 static PermissionStatus g_permState = {
104 .permissionName = "ohos.permission.CAMERA",
105 .grantStatus = PermissionState::PERMISSION_DENIED,
106 .grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG
107 };
108
109 #ifdef TOKEN_SYNC_ENABLE
110 static const int32_t FAKE_SYNC_RET = 0xabcdef;
111 class TokenSyncCallbackMock : public TokenSyncCallbackStub {
112 public:
113 TokenSyncCallbackMock() = default;
114 virtual ~TokenSyncCallbackMock() = default;
115
116 MOCK_METHOD(int32_t, GetRemoteHapTokenInfo, (const std::string&, AccessTokenID), (override));
117 MOCK_METHOD(int32_t, DeleteRemoteHapTokenInfo, (AccessTokenID), (override));
118 MOCK_METHOD(int32_t, UpdateRemoteHapTokenInfo, (const HapTokenInfoForSync&), (override));
119 };
120 #endif
121 }
122
SetUpTestCase()123 void AccessTokenInfoManagerTest::SetUpTestCase()
124 {
125 AccessTokenInfoManager::GetInstance().Init();
126 }
127
TearDownTestCase()128 void AccessTokenInfoManagerTest::TearDownTestCase()
129 {
130 sleep(3); // delay 3 minutes
131 }
132
SetUp()133 void AccessTokenInfoManagerTest::SetUp()
134 {
135 atManagerService_ = DelayedSingleton<AccessTokenManagerService>::GetInstance();
136 EXPECT_NE(nullptr, atManagerService_);
137 }
138
TearDown()139 void AccessTokenInfoManagerTest::TearDown()
140 {
141 atManagerService_ = nullptr;
142 }
143
144 /**
145 * @tc.name: HapTokenInfoInner001
146 * @tc.desc: HapTokenInfoInner::HapTokenInfoInner.
147 * @tc.type: FUNC
148 * @tc.require:
149 */
150 HWTEST_F(AccessTokenInfoManagerTest, HapTokenInfoInner001, TestSize.Level1)
151 {
152 AccessTokenID id = 0x20240112;
153 HapTokenInfo info = {
154 .ver = 1,
155 .userID = 1,
156 .bundleName = "com.ohos.access_token",
157 .instIndex = 1,
158 .tokenID = id,
159 .tokenAttr = 0
160 };
161 std::vector<PermissionStatus> permStateList;
162 std::shared_ptr<HapTokenInfoInner> hap = std::make_shared<HapTokenInfoInner>(id, info, permStateList);
163 ASSERT_EQ(hap->IsRemote(), false);
164 hap->SetRemote(true);
165 std::vector<GenericValues> valueList;
166 hap->StoreHapInfo(valueList, "test", APL_NORMAL);
167
168 hap->StorePermissionPolicy(valueList);
169 ASSERT_EQ(hap->IsRemote(), true);
170 hap->SetRemote(false);
171 int32_t version = hap->GetApiVersion(5608);
172 ASSERT_EQ(static_cast<int32_t>(608), version);
173 }
174
175 /**
176 * @tc.name: CreateHapTokenInfo001
177 * @tc.desc: Verify the CreateHapTokenInfo add one hap token function.
178 * @tc.type: FUNC
179 * @tc.require:
180 */
181 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level1)
182 {
183 AccessTokenIDEx tokenIdEx = {0};
184 int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
185 g_infoManagerTestPolicyPrams1, tokenIdEx);
186 ASSERT_EQ(RET_SUCCESS, ret);
187 GTEST_LOG_(INFO) << "add a hap token";
188
189 std::shared_ptr<HapTokenInfoInner> tokenInfo;
190 tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID);
191 ASSERT_NE(nullptr, tokenInfo);
192 std::string infoDes;
193 tokenInfo->ToString(infoDes);
194 GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str();
195
196 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
197 ASSERT_EQ(RET_SUCCESS, ret);
198 GTEST_LOG_(INFO) << "remove the token info";
199
200 tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID);
201 ASSERT_EQ(nullptr, tokenInfo);
202 }
203
204 /**
205 * @tc.name: CreateHapTokenInfo002
206 * @tc.desc: Verify the CreateHapTokenInfo add one hap token twice function.
207 * @tc.type: FUNC
208 * @tc.require:
209 */
210 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level1)
211 {
212 AccessTokenIDEx tokenIdEx = {0};
213 int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
214 g_infoManagerTestPolicyPrams1, tokenIdEx);
215 ASSERT_EQ(RET_SUCCESS, ret);
216 GTEST_LOG_(INFO) << "add a hap token";
217
218 AccessTokenIDEx tokenIdEx1 = {0};
219 ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
220 g_infoManagerTestPolicyPrams1, tokenIdEx1);
221 ASSERT_EQ(RET_SUCCESS, ret);
222 ASSERT_NE(tokenIdEx.tokenIdExStruct.tokenID, tokenIdEx1.tokenIdExStruct.tokenID);
223 GTEST_LOG_(INFO) << "add same hap token";
224
225 std::shared_ptr<HapTokenInfoInner> tokenInfo;
226 tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx1.tokenIdExStruct.tokenID);
227 ASSERT_NE(nullptr, tokenInfo);
228
229 std::string infoDes;
230 tokenInfo->ToString(infoDes);
231 GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str();
232
233 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx1.tokenIdExStruct.tokenID);
234 ASSERT_EQ(RET_SUCCESS, ret);
235 GTEST_LOG_(INFO) << "remove the token info";
236 }
237
238 /**
239 * @tc.name: CreateHapTokenInfo003
240 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test userID invalid
241 * @tc.type: FUNC
242 * @tc.require:
243 */
244 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo003, TestSize.Level1)
245 {
246 HapInfoParams info = {
247 .userID = -1
248 };
249 HapPolicy policy;
250 AccessTokenIDEx tokenIdEx;
251
252 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx));
253 }
254
255 /**
256 * @tc.name: CreateHapTokenInfo004
257 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test bundleName invalid
258 * @tc.type: FUNC
259 * @tc.require:
260 */
261 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo004, TestSize.Level1)
262 {
263 HapInfoParams info = {
264 .userID = USER_ID,
265 .bundleName = ""
266 };
267 HapPolicy policy;
268 AccessTokenIDEx tokenIdEx;
269
270 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx));
271 }
272
273 /**
274 * @tc.name: CreateHapTokenInfo005
275 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test appIDDesc invalid
276 * @tc.type: FUNC
277 * @tc.require:
278 */
279 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo005, TestSize.Level1)
280 {
281 HapInfoParams info = {
282 .userID = USER_ID,
283 .bundleName = "ohos.com.testtesttest",
284 .appIDDesc = ""
285 };
286 HapPolicy policy;
287 AccessTokenIDEx tokenIdEx;
288
289 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx));
290 }
291
292 /**
293 * @tc.name: CreateHapTokenInfo006
294 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test domain invalid
295 * @tc.type: FUNC
296 * @tc.require:
297 */
298 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo006, TestSize.Level1)
299 {
300 HapInfoParams info = {
301 .userID = USER_ID,
302 .bundleName = "ohos.com.testtesttest",
303 .appIDDesc = "who cares"
304 };
305 HapPolicy policy = {
306 .domain = ""
307 };
308 AccessTokenIDEx tokenIdEx;
309
310 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx));
311 }
312
313 /**
314 * @tc.name: CreateHapTokenInfo007
315 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test dlpType invalid
316 * @tc.type: FUNC
317 * @tc.require:
318 */
319 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo007, TestSize.Level1)
320 {
321 HapInfoParams info = {
322 .userID = USER_ID,
323 .bundleName = "ohos.com.testtesttest",
324 .dlpType = -1,
325 .appIDDesc = "who cares"
326 };
327 HapPolicy policy = {
328 .domain = "who cares"
329 };
330 AccessTokenIDEx tokenIdEx;
331
332 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx));
333 }
334
335 /**
336 * @tc.name: CreateHapTokenInfo008
337 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test grant mode invalid
338 * @tc.type: FUNC
339 * @tc.require:
340 */
341 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo008, TestSize.Level1)
342 {
343 static PermissionDef permDef = {
344 .permissionName = "ohos.permission.test",
345 .bundleName = "accesstoken_test",
346 .grantMode = -1, // -1:invalid grant mode
347 .availableLevel = APL_NORMAL,
348 .provisionEnable = false,
349 .distributedSceneEnable = false,
350 .label = "label",
351 .labelId = 1,
352 .description = "open the door",
353 .descriptionId = 1
354 };
355 HapInfoParams info = {
356 .userID = USER_ID,
357 .bundleName = "ohos.com.testtesttest",
358 .appIDDesc = ""
359 };
360 HapPolicy policy = {
361 .apl = APL_NORMAL,
362 .domain = "test.domain",
363 .permList = {permDef}
364 };
365 AccessTokenIDEx tokenIdEx;
366 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx));
367 }
368
369 /**
370 * @tc.name: InitHapToken001
371 * @tc.desc: InitHapToken function test with invalid userID
372 * @tc.type: FUNC
373 * @tc.require:
374 */
375 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken001, TestSize.Level1)
376 {
377 HapInfoParcel hapinfoParcel;
378 hapinfoParcel.hapInfoParameter = {
379 .userID = -1,
380 .bundleName = "accesstoken_test",
381 .instIndex = 0,
382 .dlpType = DLP_COMMON,
383 .appIDDesc = "testtesttesttest",
384 .apiVersion = DEFAULT_API_VERSION,
385 .isSystemApp = false,
386 };
387 HapPolicyParcel hapPolicyParcel;
388 hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL;
389 hapPolicyParcel.hapPolicy.domain = "test.domain";
390 AccessTokenIDEx tokenIdEx;
391 HapInfoCheckResult result;
392 ASSERT_EQ(ERR_PARAM_INVALID, atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, tokenIdEx, result));
393 }
394
395 /**
396 * @tc.name: InitHapToken002
397 * @tc.desc: InitHapToken function test with invalid userID
398 * @tc.type: FUNC
399 * @tc.require:
400 */
401 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken002, TestSize.Level1)
402 {
403 HapInfoParcel hapinfoParcel;
404 hapinfoParcel.hapInfoParameter = {
405 .userID = -1,
406 .bundleName = "accesstoken_test",
407 .instIndex = 0,
408 .dlpType = DLP_READ,
409 .appIDDesc = "testtesttesttest",
410 .apiVersion = DEFAULT_API_VERSION,
411 .isSystemApp = false,
412 };
413 HapPolicyParcel hapPolicyParcel;
414 hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL;
415 hapPolicyParcel.hapPolicy.domain = "test.domain";
416 AccessTokenIDEx tokenIdEx;
417 HapInfoCheckResult result;
418 ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED,
419 atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, tokenIdEx, result));
420 }
421
422 /**
423 * @tc.name: InitHapToken003
424 * @tc.desc: InitHapToken function test with invalid apl permission
425 * @tc.type: FUNC
426 * @tc.require:
427 */
428 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken003, TestSize.Level1)
429 {
430 HapInfoParcel info;
431 info.hapInfoParameter = {
432 .userID = 0,
433 .bundleName = "accesstoken_test",
434 .instIndex = 0,
435 .dlpType = DLP_COMMON,
436 .appIDDesc = "testtesttesttest",
437 .apiVersion = DEFAULT_API_VERSION,
438 .isSystemApp = false,
439 };
440 HapPolicyParcel policy;
441 PermissionStatus permissionStateA = {
442 .permissionName = "ohos.permission.GET_ALL_APP_ACCOUNTS",
443 .grantStatus = 1,
444 .grantFlag = 1
445 };
446 PermissionStatus permissionStateB = {
447 .permissionName = "ohos.permission.test",
448 .grantStatus = 1,
449 .grantFlag = 1
450 };
451 policy.hapPolicy = {
452 .apl = APL_NORMAL,
453 .domain = "test",
454 .permList = {},
455 .permStateList = { permissionStateA, permissionStateB }
456 };
457 AccessTokenIDEx fullTokenId = {0};
458 HapInfoCheckResult result;
459
460 ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
461 ASSERT_EQ(result.permCheckResult.permissionName, "ohos.permission.GET_ALL_APP_ACCOUNTS");
462 ASSERT_EQ(result.permCheckResult.rule, PERMISSION_ACL_RULE);
463 permissionStateA.permissionName = "ohos.permission.ENTERPRISE_MANAGE_SETTINGS";
464 policy.hapPolicy.aclRequestedList = { "ohos.permission.ENTERPRISE_MANAGE_SETTINGS" };
465 policy.hapPolicy.permStateList = { permissionStateA, permissionStateB };
466 ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
467 ASSERT_EQ(result.permCheckResult.permissionName, "ohos.permission.ENTERPRISE_MANAGE_SETTINGS");
468 ASSERT_EQ(result.permCheckResult.rule, PERMISSION_EDM_RULE);
469 }
470
GetHapParams(HapInfoParams & infoParams,HapPolicy & policyParams)471 static void GetHapParams(HapInfoParams& infoParams, HapPolicy& policyParams)
472 {
473 infoParams.userID = 0;
474 infoParams.bundleName = "com.ohos.AccessTokenTestBundle";
475 infoParams.instIndex = 0;
476 infoParams.appIDDesc = "AccessTokenTestAppID";
477 infoParams.apiVersion = DEFAULT_API_VERSION;
478 infoParams.isSystemApp = true;
479 infoParams.appDistributionType = "";
480
481 policyParams.apl = APL_SYSTEM_CORE;
482 policyParams.domain = "accesstoken_test_domain";
483 }
484
TestPrepareKernelPermissionStatus(HapPolicy & policyParams)485 void TestPrepareKernelPermissionStatus(HapPolicy& policyParams)
486 {
487 PermissionStatus permissionStatusBasic = {
488 .permissionName = "ohos.permission.test_basic",
489 .grantStatus = PERMISSION_GRANTED,
490 .grantFlag = PERMISSION_SYSTEM_FIXED,
491 };
492
493 PermissionStatus PermissionStatus001 = permissionStatusBasic;
494 PermissionStatus001.permissionName = "ohos.permission.KERNEL_ATM_SELF_USE";
495 PermissionStatus PermissionStatus002 = permissionStatusBasic;
496 PermissionStatus002.permissionName = "ohos.permission.MICROPHONE";
497 PermissionStatus PermissionStatus003 = permissionStatusBasic;
498 PermissionStatus003.permissionName = "ohos.permission.CAMERA";
499 policyParams.permStateList = {PermissionStatus001, PermissionStatus002, PermissionStatus003};
500 policyParams.aclExtendedMap["ohos.permission.KERNEL_ATM_SELF_USE"] = "123";
501 policyParams.aclExtendedMap["ohos.permission.MICROPHONE"] = "456"; // filtered
502 policyParams.aclExtendedMap["ohos.permission.CAMERA"] = "789"; // filtered
503 }
504
505 /**
506 * @tc.name: InitHapToken004
507 * @tc.desc: aclExtendedMap size test
508 * @tc.type: FUNC
509 * @tc.require:
510 */
511 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken004, TestSize.Level1)
512 {
513 HapInfoParcel info;
514 HapPolicyParcel policy;
515 GetHapParams(info.hapInfoParameter, policy.hapPolicy);
516
517 AccessTokenIDEx fullTokenId;
518 HapInfoCheckResult result;
519 int32_t ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
520 ASSERT_EQ(RET_SUCCESS, ret);
521
522 for (size_t i = 0; i < MAX_EXTENDED_MAP_SIZE - 1; i++) {
523 policy.hapPolicy.aclExtendedMap[std::to_string(i)] = std::to_string(i);
524 }
525 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
526 ASSERT_EQ(RET_SUCCESS, ret);
527
528 policy.hapPolicy.aclExtendedMap[std::to_string(MAX_EXTENDED_MAP_SIZE - 1)] =
529 std::to_string(MAX_EXTENDED_MAP_SIZE - 1);
530 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
531 ASSERT_EQ(RET_SUCCESS, ret);
532
533 policy.hapPolicy.aclExtendedMap[std::to_string(MAX_EXTENDED_MAP_SIZE)] =
534 std::to_string(MAX_EXTENDED_MAP_SIZE);
535 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
536 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
537 AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
538 ret = atManagerService_->DeleteToken(tokenID);
539 EXPECT_EQ(RET_SUCCESS, ret);
540 }
541
542 /**
543 * @tc.name: InitHapToken005
544 * @tc.desc: aclExtendedMap size test
545 * @tc.type: FUNC
546 * @tc.require:
547 */
548 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken005, TestSize.Level1)
549 {
550 HapInfoParcel info;
551 HapPolicyParcel policy;
552 GetHapParams(info.hapInfoParameter, policy.hapPolicy);
553
554 AccessTokenIDEx fullTokenId;
555 HapInfoCheckResult result;
556 policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = "";
557 int32_t ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
558 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
559
560 std::string testValue(MAX_VALUE_LENGTH - 1, '1');
561 policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue;
562 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
563 ASSERT_EQ(RET_SUCCESS, ret);
564
565 testValue.push_back('1');
566 policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue;
567 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
568 ASSERT_EQ(RET_SUCCESS, ret);
569
570 testValue.push_back('1');
571 policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue;
572 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
573 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
574 AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
575
576 ret = atManagerService_->DeleteToken(tokenID);
577 EXPECT_EQ(RET_SUCCESS, ret);
578 }
579
580 /**
581 * @tc.name: InitHapToken006
582 * @tc.desc: InitHapToken permission with value
583 * @tc.type: FUNC
584 * @tc.require:
585 */
586 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken006, TestSize.Level1)
587 {
588 HapInfoParcel info;
589 HapPolicyParcel policy;
590 GetHapParams(info.hapInfoParameter, policy.hapPolicy);
591 AccessTokenIDEx fullTokenId;
592 HapInfoCheckResult result;
593
594 TestPrepareKernelPermissionStatus(policy.hapPolicy);
595 ASSERT_EQ(RET_SUCCESS, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
596 AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
597
598 std::vector<PermissionWithValue> kernelPermList;
599 EXPECT_EQ(RET_SUCCESS, atManagerService_->GetKernelPermissions(tokenID, kernelPermList));
600 EXPECT_EQ(1, kernelPermList.size());
601
602 std::string value;
603 EXPECT_EQ(RET_SUCCESS, atManagerService_->GetReqPermissionByName(
604 tokenID, "ohos.permission.KERNEL_ATM_SELF_USE", value));
605 EXPECT_EQ("123", value);
606
607 EXPECT_EQ(AccessTokenError::ERR_PERMISSION_WITHOUT_VALUE, atManagerService_->GetReqPermissionByName(
608 tokenID, "ohos.permission.MICROPHONE", value));
609 EXPECT_EQ(AccessTokenError::ERR_PERMISSION_WITHOUT_VALUE, atManagerService_->GetReqPermissionByName(
610 tokenID, "ohos.permission.CAMERA", value));
611
612 ASSERT_EQ(RET_SUCCESS, atManagerService_->DeleteToken(tokenID));
613 }
614
615 /**
616 * @tc.name: IsTokenIdExist001
617 * @tc.desc: Verify the IsTokenIdExist exist accesstokenid.
618 * @tc.type: FUNC
619 * @tc.require:
620 */
621 HWTEST_F(AccessTokenInfoManagerTest, IsTokenIdExist001, TestSize.Level1)
622 {
623 AccessTokenID testId = 1;
624 ASSERT_EQ(AccessTokenInfoManager::GetInstance().IsTokenIdExist(testId), false);
625 }
626
627 /**
628 * @tc.name: GetHapTokenInfo001
629 * @tc.desc: Verify the GetHapTokenInfo abnormal and normal branch.
630 * @tc.type: FUNC
631 * @tc.require:
632 */
633 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfo001, TestSize.Level1)
634 {
635 AccessTokenIDEx tokenIdEx = {0};
636 int result;
637 HapTokenInfo hapInfo;
638 result = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapInfo);
639 ASSERT_EQ(result, ERR_TOKENID_NOT_EXIST);
640
641 result = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
642 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx);
643 ASSERT_EQ(RET_SUCCESS, result);
644 GTEST_LOG_(INFO) << "add a hap token";
645 result = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapInfo);
646 ASSERT_EQ(result, RET_SUCCESS);
647 result = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
648 ASSERT_EQ(RET_SUCCESS, result);
649 GTEST_LOG_(INFO) << "remove the token info";
650 }
651
652 /**
653 * @tc.name: RemoveHapTokenInfo001
654 * @tc.desc: Verify the RemoveHapTokenInfo abnormal branch tokenID type is not true.
655 * @tc.type: FUNC
656 * @tc.require:
657 */
658 HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level1)
659 {
660 AccessTokenIDEx tokenIdEx = {0};
661 // type != TOKEN_HAP
662 ASSERT_EQ(
663 ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID));
664
665 AccessTokenID tokenId = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
666 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP));
667 // hapTokenInfoMap_.count(id) == 0
668 ASSERT_EQ(ERR_TOKENID_NOT_EXIST, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
669
670 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP));
671 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = nullptr;
672 ASSERT_EQ(ERR_TOKEN_INVALID, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId)); // info == nullptr
673 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId);
674
675 std::shared_ptr<HapTokenInfoInner> info = std::make_shared<HapTokenInfoInner>();
676 info->tokenInfoBasic_.userID = USER_ID;
677 info->tokenInfoBasic_.bundleName = "com.ohos.TEST";
678 info->tokenInfoBasic_.instIndex = INST_INDEX;
679 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = info;
680 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP));
681 // count(HapUniqueKey) == 0
682 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
683
684 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP)); // removed above
685 AccessTokenID tokenId2 = 537919486; // 537919486: 001 00 0 000000 11111111111111111110
686 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = info;
687 std::string hapUniqueKey = "com.ohos.TEST&" + std::to_string(USER_ID) + "&" + std::to_string(INST_INDEX);
688 AccessTokenInfoManager::GetInstance().hapTokenIdMap_[hapUniqueKey] = tokenId2;
689 // hapTokenIdMap_[HapUniqueKey] != id
690 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
691 AccessTokenInfoManager::GetInstance().hapTokenIdMap_.erase(hapUniqueKey);
692 }
693
694 /**
695 * @tc.name: GetHapTokenID001
696 * @tc.desc: Verify the GetHapTokenID by userID/bundleName/instIndex, function.
697 * @tc.type: FUNC
698 * @tc.require:
699 */
700 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID001, TestSize.Level1)
701 {
702 AccessTokenIDEx tokenIdEx = {0};
703 int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
704 g_infoManagerTestPolicyPrams1, tokenIdEx);
705 ASSERT_EQ(RET_SUCCESS, ret);
706 GTEST_LOG_(INFO) << "add a hap token";
707
708 tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(g_infoManagerTestInfoParms.userID,
709 g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex);
710 AccessTokenID getTokenId = tokenIdEx.tokenIdExStruct.tokenID;
711 ASSERT_EQ(tokenIdEx.tokenIdExStruct.tokenID, getTokenId);
712 GTEST_LOG_(INFO) << "find hap info";
713
714 std::shared_ptr<HapTokenInfoInner> tokenInfo;
715 tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID);
716 ASSERT_NE(nullptr, tokenInfo);
717 GTEST_LOG_(INFO) << "remove the token info";
718
719 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
720 ASSERT_EQ(RET_SUCCESS, ret);
721 GTEST_LOG_(INFO) << "remove the token info";
722 }
723
724 /**
725 * @tc.name: UpdateHapToken001
726 * @tc.desc: Verify the UpdateHapToken token function.
727 * @tc.type: FUNC
728 * @tc.require:
729 */
730 HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1)
731 {
732 AccessTokenIDEx tokenIdEx = {0};
733 int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
734 g_infoManagerTestPolicyPrams1, tokenIdEx);
735 ASSERT_EQ(RET_SUCCESS, ret);
736 GTEST_LOG_(INFO) << "add a hap token";
737
738 HapPolicy policy = g_infoManagerTestPolicyPrams1;
739 policy.apl = APL_SYSTEM_BASIC;
740 UpdateHapInfoParams info;
741 info.appIDDesc = std::string("updateAppId");
742 info.apiVersion = DEFAULT_API_VERSION;
743 info.isSystemApp = false;
744 ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(
745 tokenIdEx, info, policy.permStateList, policy);
746 ASSERT_EQ(RET_SUCCESS, ret);
747 GTEST_LOG_(INFO) << "update the hap token";
748
749 std::shared_ptr<HapTokenInfoInner> tokenInfo;
750 tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID);
751 ASSERT_NE(nullptr, tokenInfo);
752 std::string infoDes;
753 tokenInfo->ToString(infoDes);
754 GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str();
755
756 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
757 ASSERT_EQ(RET_SUCCESS, ret);
758 GTEST_LOG_(INFO) << "remove the token info";
759 }
760
761 /**
762 * @tc.name: UpdateHapToken002
763 * @tc.desc: Verify the UpdateHapToken token function abnormal branch.
764 * @tc.type: FUNC
765 * @tc.require:
766 */
767 HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level1)
768 {
769 AccessTokenIDEx tokenIdEx = {0};
770 HapPolicy policy = g_infoManagerTestPolicyPrams1;
771 policy.apl = APL_SYSTEM_BASIC;
772 UpdateHapInfoParams info;
773 info.appIDDesc = std::string("");
774 info.apiVersion = DEFAULT_API_VERSION;
775 info.isSystemApp = false;
776 int ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(
777 tokenIdEx, info, policy.permStateList, policy);
778 ASSERT_EQ(ERR_PARAM_INVALID, ret);
779
780 info.appIDDesc = std::string("updateAppId");
781 ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(
782 tokenIdEx, info, policy.permStateList, policy);
783 ASSERT_EQ(ERR_TOKENID_NOT_EXIST, ret);
784 }
785
786 /**
787 * @tc.name: UpdateHapToken003
788 * @tc.desc: AccessTokenInfoManager::UpdateHapToken function test IsRemote_ true
789 * @tc.type: FUNC
790 * @tc.require:
791 */
792 HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level1)
793 {
794 AccessTokenID tokenId = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
795 AccessTokenIDEx tokenIdEx = {0};
796 tokenIdEx.tokenIdExStruct.tokenID = tokenId;
797 std::shared_ptr<HapTokenInfoInner> info = std::make_shared<HapTokenInfoInner>();
798 info->isRemote_ = true;
799 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = info;
800 HapPolicy policy;
801 UpdateHapInfoParams hapInfoParams;
802 hapInfoParams.appIDDesc = "who cares";
803 hapInfoParams.apiVersion = DEFAULT_API_VERSION;
804 hapInfoParams.isSystemApp = false;
805 ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, AccessTokenInfoManager::GetInstance().UpdateHapToken(
806 tokenIdEx, hapInfoParams, policy.permStateList, policy));
807 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId);
808 }
809
810 /**
811 * @tc.name: UpdateHapToken004
812 * @tc.desc: UpdateHapToken permission with value
813 * @tc.type: FUNC
814 * @tc.require:
815 */
816 HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken004, TestSize.Level1)
817 {
818 HapInfoParcel info;
819 HapPolicyParcel policy;
820 GetHapParams(info.hapInfoParameter, policy.hapPolicy);
821 AccessTokenIDEx fullTokenId;
822 HapInfoCheckResult result;
823
824 TestPrepareKernelPermissionStatus(policy.hapPolicy);
825 ASSERT_EQ(RET_SUCCESS, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
826 AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID;
827
828 policy.hapPolicy.aclExtendedMap["ohos.permission.KERNEL_ATM_SELF_USE"] = "1"; // modified value
829 UpdateHapInfoParams updateInfoParams = {
830 .appIDDesc = "AccessTokenTestAppID",
831 .apiVersion = DEFAULT_API_VERSION,
832 .isSystemApp = true,
833 .appDistributionType = "",
834 };
835 EXPECT_EQ(RET_SUCCESS, atManagerService_->UpdateHapToken(fullTokenId, updateInfoParams, policy, result));
836
837 std::vector<PermissionWithValue> kernelPermList;
838 EXPECT_EQ(RET_SUCCESS, atManagerService_->GetKernelPermissions(tokenID, kernelPermList));
839 EXPECT_EQ(1, kernelPermList.size());
840
841 std::string value;
842 EXPECT_EQ(RET_SUCCESS, atManagerService_->GetReqPermissionByName(
843 tokenID, "ohos.permission.KERNEL_ATM_SELF_USE", value));
844 EXPECT_EQ("1", value);
845
846 EXPECT_EQ(AccessTokenError::ERR_PERMISSION_WITHOUT_VALUE, atManagerService_->GetReqPermissionByName(
847 tokenID, "ohos.permission.MICROPHONE", value));
848 EXPECT_EQ(AccessTokenError::ERR_PERMISSION_WITHOUT_VALUE, atManagerService_->GetReqPermissionByName(
849 tokenID, "ohos.permission.CAMERA", value));
850
851 ASSERT_EQ(RET_SUCCESS, atManagerService_->DeleteToken(tokenID));
852 }
853
854
855 #ifdef TOKEN_SYNC_ENABLE
856 /**
857 * @tc.name: GetHapTokenSync001
858 * @tc.desc: Verify the GetHapTokenSync token function and abnormal branch.
859 * @tc.type: FUNC
860 * @tc.require:
861 */
862 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync001, TestSize.Level1)
863 {
864 AccessTokenIDEx tokenIdEx = {0};
865 int result;
866 result = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
867 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx);
868 ASSERT_EQ(RET_SUCCESS, result);
869 GTEST_LOG_(INFO) << "add a hap token";
870
871 HapTokenInfoForSync hapSync;
872 result = AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
873 ASSERT_EQ(result, RET_SUCCESS);
874
875 result = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
876 ASSERT_EQ(RET_SUCCESS, result);
877 GTEST_LOG_(INFO) << "remove the token info";
878
879 result = AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
880 ASSERT_NE(result, RET_SUCCESS);
881 }
882
883 /**
884 * @tc.name: GetHapTokenSync002
885 * @tc.desc: AccessTokenInfoManager::GetHapTokenSync function test permSetPtr is null
886 * @tc.type: FUNC
887 * @tc.require:
888 */
889 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync002, TestSize.Level1)
890 {
891 AccessTokenID tokenId = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
892 std::shared_ptr<HapTokenInfoInner> info = std::make_shared<HapTokenInfoInner>();
893 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = info;
894 HapTokenInfoForSync hapSync;
895 ASSERT_NE(0, AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenId, hapSync));
896 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId);
897 }
898
899 /**
900 * @tc.name: GetHapTokenInfoFromRemote001
901 * @tc.desc: Verify the GetHapTokenInfoFromRemote token function .
902 * @tc.type: FUNC
903 * @tc.require:
904 */
905 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
906 {
907 AccessTokenIDEx tokenIdEx = {0};
908 int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
909 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx);
910 ASSERT_EQ(RET_SUCCESS, ret);
911 GTEST_LOG_(INFO) << "add a hap token";
912
913 HapTokenInfoForSync hapSync;
914 ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
915 ASSERT_EQ(ret, RET_SUCCESS);
916
917 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
918 ASSERT_EQ(RET_SUCCESS, ret);
919 GTEST_LOG_(INFO) << "remove the token info";
920 }
921
922 /**
923 * @tc.name: RemoteHapTest001001
924 * @tc.desc: Verify the RemoteHap token function .
925 * @tc.type: FUNC
926 * @tc.require: issueI5RJBB
927 */
928 HWTEST_F(AccessTokenInfoManagerTest, RemoteHapTest001, TestSize.Level1)
929 {
930 AccessTokenIDEx tokenIdEx = {0};
931 int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
932 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx);
933 ASSERT_EQ(RET_SUCCESS, ret);
934 GTEST_LOG_(INFO) << "add a hap token";
935
936 std::string deviceId = "device_1";
937 std::string deviceId2 = "device_2";
938 AccessTokenID mapID =
939 AccessTokenInfoManager::GetInstance().AllocLocalTokenID(deviceId, tokenIdEx.tokenIdExStruct.tokenID);
940 ASSERT_EQ(mapID, 0);
941 HapTokenInfoForSync hapSync;
942 ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
943 ASSERT_EQ(RET_SUCCESS, ret);
944 ret = AccessTokenInfoManager::GetInstance().SetRemoteHapTokenInfo(deviceId, hapSync);
945 ASSERT_EQ(RET_SUCCESS, ret);
946 ret = AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceId);
947 ASSERT_EQ(RET_SUCCESS, ret);
948 ret = AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceId2);
949 ASSERT_EQ(ERR_DEVICE_NOT_EXIST, ret);
950
951 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
952 ASSERT_EQ(RET_SUCCESS, ret);
953 GTEST_LOG_(INFO) << "remove the token info";
954 }
955
956 /**
957 * @tc.name: DeleteRemoteToken001
958 * @tc.desc: Verify the DeleteRemoteToken normal and abnormal branch.
959 * @tc.type: FUNC
960 * @tc.require: issueI5RJBB
961 */
962 HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken001, TestSize.Level1)
963 {
964 AccessTokenIDEx tokenIdEx = {0};
965 int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
966 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx);
967 ASSERT_EQ(RET_SUCCESS, ret);
968 GTEST_LOG_(INFO) << "add a hap token";
969
970 std::string deviceId = "device_1";
971 std::string deviceId2 = "device_2";
972 AccessTokenID mapId =
973 AccessTokenInfoManager::GetInstance().AllocLocalTokenID(deviceId, tokenIdEx.tokenIdExStruct.tokenID);
974 ASSERT_EQ(mapId == 0, true);
975 HapTokenInfoForSync hapSync;
976 ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
977 ASSERT_EQ(RET_SUCCESS, ret);
978 ret = AccessTokenInfoManager::GetInstance().SetRemoteHapTokenInfo(deviceId, hapSync);
979 ASSERT_EQ(RET_SUCCESS, ret);
980 ret = AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceId, tokenIdEx.tokenIdExStruct.tokenID);
981 ASSERT_EQ(RET_SUCCESS, ret);
982 ret = AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceId2, tokenIdEx.tokenIdExStruct.tokenID);
983 ASSERT_NE(RET_SUCCESS, ret);
984
985 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
986 ASSERT_EQ(RET_SUCCESS, ret);
987 GTEST_LOG_(INFO) << "remove the token info";
988 }
989
SetRemoteHapTokenInfoTest(const std::string & deviceID,const HapTokenInfo & baseInfo)990 static bool SetRemoteHapTokenInfoTest(const std::string& deviceID, const HapTokenInfo& baseInfo)
991 {
992 std::vector<PermissionStatus> permStateList;
993 permStateList.emplace_back(g_infoManagerTestState1);
994 HapTokenInfoForSync remoteTokenInfo = {
995 .baseInfo = baseInfo,
996 .permStateList = permStateList
997 };
998
999 return RET_SUCCESS == AccessTokenInfoManager::GetInstance().SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
1000 }
1001
1002 /**
1003 * @tc.name: SetRemoteHapTokenInfo001
1004 * @tc.desc: set remote hap token info, token info is wrong
1005 * @tc.type: FUNC
1006 * @tc.require: issue5RJBB
1007 */
1008 HWTEST_F(AccessTokenInfoManagerTest, SetRemoteHapTokenInfo001, TestSize.Level1)
1009 {
1010 std::string deviceID = "deviceId";
1011 HapTokenInfo rightBaseInfo = {
1012 .ver = 1,
1013 .userID = 1,
1014 .bundleName = "com.ohos.access_token",
1015 .instIndex = 1,
1016 .tokenID = 0x20100000,
1017 .tokenAttr = 0
1018 };
1019 HapTokenInfo wrongBaseInfo = rightBaseInfo;
1020 std::string wrongStr(10241, 'x');
1021
1022 EXPECT_EQ(false, SetRemoteHapTokenInfoTest("", wrongBaseInfo));
1023
1024 wrongBaseInfo = rightBaseInfo;
1025 wrongBaseInfo.userID = -1; // wrong userID
1026 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1027
1028 wrongBaseInfo = rightBaseInfo;
1029 wrongBaseInfo.bundleName = wrongStr; // wrong bundleName
1030 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1031
1032 wrongBaseInfo = rightBaseInfo;
1033 wrongBaseInfo.tokenID = 0; // wrong tokenID
1034 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1035
1036 wrongBaseInfo = rightBaseInfo;
1037 wrongBaseInfo.dlpType = (HapDlpType)11; // wrong dlpType
1038 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1039
1040 wrongBaseInfo = rightBaseInfo;
1041 wrongBaseInfo.ver = 2; // 2: wrong version
1042 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1043
1044 wrongBaseInfo = rightBaseInfo;
1045 wrongBaseInfo.tokenID = AccessTokenInfoManager::GetInstance().GetNativeTokenId("hdcd");
1046 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1047 }
1048
1049 /**
1050 * @tc.name: ClearUserGrantedPermissionState001
1051 * @tc.desc: AccessTokenInfoManagerTest::ClearUserGrantedPermissionState function test
1052 * @tc.type: FUNC
1053 * @tc.require:
1054 */
1055 HWTEST_F(AccessTokenInfoManagerTest, ClearUserGrantedPermissionState001, TestSize.Level1)
1056 {
1057 AccessTokenID tokenId = 123; // 123 is random input
1058
1059 std::shared_ptr<HapTokenInfoInner> hap = std::make_shared<HapTokenInfoInner>();
1060 ASSERT_NE(nullptr, hap);
1061 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = hap;
1062
1063 AccessTokenInfoManager::GetInstance().ClearUserGrantedPermissionState(tokenId); // permPolicySet is null
1064
1065 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId);
1066 }
1067
1068 /**
1069 * @tc.name: NotifyTokenSyncTask001
1070 * @tc.desc: TokenModifyNotifier::NotifyTokenSyncTask function test
1071 * @tc.type: FUNC
1072 * @tc.require:
1073 */
1074 HWTEST_F(AccessTokenInfoManagerTest, NotifyTokenSyncTask001, TestSize.Level1)
1075 {
1076 std::vector<AccessTokenID> modifiedTokenList = TokenModifyNotifier::GetInstance().modifiedTokenList_; // backup
1077 TokenModifyNotifier::GetInstance().modifiedTokenList_.clear();
1078
1079 AccessTokenID tokenId = 123; // 123 is random input
1080
1081 TokenModifyNotifier::GetInstance().modifiedTokenList_.emplace_back(tokenId);
1082 ASSERT_EQ(true, TokenModifyNotifier::GetInstance().modifiedTokenList_.size() > 0);
1083 TokenModifyNotifier::GetInstance().NotifyTokenSyncTask();
1084
1085 TokenModifyNotifier::GetInstance().modifiedTokenList_ = modifiedTokenList; // recovery
1086 }
1087
1088 /**
1089 * @tc.name: RegisterTokenSyncCallback001
1090 * @tc.desc: TokenModifyNotifier::RegisterTokenSyncCallback function test
1091 * @tc.type: FUNC
1092 * @tc.require:
1093 */
1094 HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Level1)
1095 {
1096 setuid(3020);
1097 sptr<TokenSyncCallbackMock> callback = new (std::nothrow) TokenSyncCallbackMock();
1098 ASSERT_NE(nullptr, callback);
1099 EXPECT_EQ(RET_SUCCESS,
1100 atManagerService_->RegisterTokenSyncCallback(callback->AsObject()));
1101 EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_);
1102 EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackDeathRecipient_);
1103
1104 EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_)).WillOnce(testing::Return(FAKE_SYNC_RET));
1105 EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_->GetRemoteHapTokenInfo("", 0));
1106
1107 EXPECT_CALL(*callback, DeleteRemoteHapTokenInfo(testing::_)).WillOnce(testing::Return(FAKE_SYNC_RET));
1108 EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_->DeleteRemoteHapTokenInfo(0));
1109
1110 HapTokenInfoForSync tokenInfo;
1111 EXPECT_CALL(*callback, UpdateRemoteHapTokenInfo(testing::_)).WillOnce(testing::Return(FAKE_SYNC_RET));
1112 EXPECT_EQ(FAKE_SYNC_RET,
1113 TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_->UpdateRemoteHapTokenInfo(tokenInfo));
1114 EXPECT_EQ(RET_SUCCESS,
1115 atManagerService_->UnRegisterTokenSyncCallback());
1116 EXPECT_EQ(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_);
1117 EXPECT_EQ(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackDeathRecipient_);
1118 setuid(0);
1119 }
1120
1121 /**
1122 * @tc.name: RegisterTokenSyncCallback002
1123 * @tc.desc: TokenModifyNotifier::RegisterTokenSyncCallback function test
1124 * @tc.type: FUNC
1125 * @tc.require:
1126 */
1127 HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Level1)
1128 {
1129 setuid(3020);
1130 sptr<TokenSyncCallbackMock> callback = new (std::nothrow) TokenSyncCallbackMock();
1131 ASSERT_NE(nullptr, callback);
1132 EXPECT_EQ(RET_SUCCESS,
1133 atManagerService_->RegisterTokenSyncCallback(callback->AsObject()));
1134 EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_);
1135 EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_))
1136 .WillOnce(testing::Return(FAKE_SYNC_RET));
1137 EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance().GetRemoteHapTokenInfo("", 0));
1138
1139 std::vector<AccessTokenID> modifiedTokenList =
1140 TokenModifyNotifier::GetInstance().modifiedTokenList_; // backup
1141 std::vector<AccessTokenID> deleteTokenList = TokenModifyNotifier::GetInstance().deleteTokenList_;
1142 TokenModifyNotifier::GetInstance().modifiedTokenList_.clear();
1143 TokenModifyNotifier::GetInstance().deleteTokenList_.clear();
1144
1145 // add a hap token
1146 AccessTokenIDEx tokenIdEx = {123};
1147 int32_t result = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
1148 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx);
1149 EXPECT_EQ(RET_SUCCESS, result);
1150
1151 HapTokenInfoForSync hapSync;
1152 result = AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
1153 ASSERT_EQ(result, RET_SUCCESS);
1154 TokenModifyNotifier::GetInstance().modifiedTokenList_.emplace_back(tokenIdEx.tokenIdExStruct.tokenID);
1155 ASSERT_EQ(true, TokenModifyNotifier::GetInstance().modifiedTokenList_.size() > 0);
1156 TokenModifyNotifier::GetInstance().deleteTokenList_.clear();
1157
1158 EXPECT_CALL(*callback, UpdateRemoteHapTokenInfo(testing::_)) // 0 is a test ret
1159 .WillOnce(testing::Return(0));
1160 TokenModifyNotifier::GetInstance().NotifyTokenSyncTask();
1161
1162 TokenModifyNotifier::GetInstance().deleteTokenList_.emplace_back(tokenIdEx.tokenIdExStruct.tokenID);
1163 ASSERT_EQ(true, TokenModifyNotifier::GetInstance().deleteTokenList_.size() > 0);
1164 EXPECT_CALL(*callback, DeleteRemoteHapTokenInfo(testing::_)) // 0 is a test ret
1165 .WillOnce(testing::Return(0));
1166 TokenModifyNotifier::GetInstance().NotifyTokenSyncTask();
1167
1168 TokenModifyNotifier::GetInstance().modifiedTokenList_ = modifiedTokenList; // recovery
1169 TokenModifyNotifier::GetInstance().deleteTokenList_ = deleteTokenList;
1170 EXPECT_EQ(RET_SUCCESS,
1171 atManagerService_->UnRegisterTokenSyncCallback());
1172 setuid(0);
1173 }
1174
1175 /**
1176 * @tc.name: GetRemoteHapTokenInfo001
1177 * @tc.desc: TokenModifyNotifier::GetRemoteHapTokenInfo function test
1178 * @tc.type: FUNC
1179 * @tc.require:
1180 */
1181 HWTEST_F(AccessTokenInfoManagerTest, GetRemoteHapTokenInfo001, TestSize.Level1)
1182 {
1183 setuid(3020);
1184 sptr<TokenSyncCallbackMock> callback = new (std::nothrow) TokenSyncCallbackMock();
1185 ASSERT_NE(nullptr, callback);
1186 EXPECT_EQ(RET_SUCCESS, atManagerService_->RegisterTokenSyncCallback(callback->AsObject()));
1187 EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_))
1188 .WillOnce(testing::Return(FAKE_SYNC_RET));
1189 EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance()
1190 .GetRemoteHapTokenInfo("invalid_id", 0)); // this is a test input
1191
1192 EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_))
1193 .WillOnce(testing::Return(TOKEN_SYNC_OPENSOURCE_DEVICE));
1194 EXPECT_EQ(TOKEN_SYNC_IPC_ERROR, TokenModifyNotifier::GetInstance()
1195 .GetRemoteHapTokenInfo("invalid_id", 0)); // this is a test input
1196 EXPECT_EQ(RET_SUCCESS,
1197 atManagerService_->UnRegisterTokenSyncCallback());
1198 setuid(0);
1199 }
1200
1201 /**
1202 * @tc.name: UpdateRemoteHapTokenInfo001
1203 * @tc.desc: AccessTokenInfoManager::UpdateRemoteHapTokenInfo function test
1204 * @tc.type: FUNC
1205 * @tc.require:
1206 */
1207 HWTEST_F(AccessTokenInfoManagerTest, UpdateRemoteHapTokenInfo001, TestSize.Level1)
1208 {
1209 AccessTokenID mapID = 0;
1210 HapTokenInfoForSync hapSync;
1211
1212 // infoPtr is null
1213 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().UpdateRemoteHapTokenInfo(mapID, hapSync));
1214
1215 mapID = 123; // 123 is random input
1216 std::shared_ptr<HapTokenInfoInner> info = std::make_shared<HapTokenInfoInner>();
1217 info->SetRemote(true);
1218 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[mapID] = info;
1219
1220 // remote is true
1221 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().UpdateRemoteHapTokenInfo(mapID, hapSync));
1222
1223 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(mapID);
1224 }
1225
1226 /**
1227 * @tc.name: CreateRemoteHapTokenInfo001
1228 * @tc.desc: AccessTokenInfoManager::CreateRemoteHapTokenInfo function test
1229 * @tc.type: FUNC
1230 * @tc.require:
1231 */
1232 HWTEST_F(AccessTokenInfoManagerTest, CreateRemoteHapTokenInfo001, TestSize.Level1)
1233 {
1234 AccessTokenID mapID = 123; // 123 is random input
1235 HapTokenInfoForSync hapSync;
1236
1237 hapSync.baseInfo.tokenID = 123; // 123 is random input
1238 std::shared_ptr<HapTokenInfoInner> info = std::make_shared<HapTokenInfoInner>();
1239 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[123] = info;
1240
1241 // count(id) exsit
1242 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateRemoteHapTokenInfo(mapID, hapSync));
1243
1244 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(123);
1245 }
1246
1247 /**
1248 * @tc.name: DeleteRemoteToken002
1249 * @tc.desc: AccessTokenInfoManager::DeleteRemoteToken function test
1250 * @tc.type: FUNC
1251 * @tc.require:
1252 */
1253 HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken002, TestSize.Level1)
1254 {
1255 std::string deviceID = "dev-001";
1256 AccessTokenID tokenID = 123; // 123 is random input
1257
1258 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID,
1259 AccessTokenInfoManager::GetInstance().DeleteRemoteToken("", tokenID));
1260
1261 AccessTokenRemoteDevice device;
1262 device.deviceID_ = deviceID;
1263 // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
1264 device.MappingTokenIDPairMap_.insert(std::pair<AccessTokenID, AccessTokenID>(tokenID, 537919487));
1265 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_[deviceID] = device;
1266
1267 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(537919487, TOKEN_HAP));
1268 // hap mapID 537919487 is not exist
1269 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceID, tokenID));
1270 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_.erase(deviceID);
1271 AccessTokenIDManager::GetInstance().ReleaseTokenId(537919487);
1272
1273 // 672137215 is max native tokenId: 001 01 0 000000 11111111111111111111
1274 device.MappingTokenIDPairMap_[tokenID] = 672137215;
1275 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_[deviceID] = device;
1276
1277 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(672137215, TOKEN_NATIVE));
1278 // native mapID 672137215 is not exist
1279 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceID, tokenID));
1280 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_.erase(deviceID);
1281 AccessTokenIDManager::GetInstance().ReleaseTokenId(672137215);
1282 }
1283
1284 /**
1285 * @tc.name: AllocLocalTokenID001
1286 * @tc.desc: AccessTokenInfoManager::AllocLocalTokenID function test
1287 * @tc.type: FUNC
1288 * @tc.require:
1289 */
1290 HWTEST_F(AccessTokenInfoManagerTest, AllocLocalTokenID001, TestSize.Level1)
1291 {
1292 std::string remoteDeviceID;
1293 AccessTokenID remoteTokenID = 0;
1294
1295 ASSERT_EQ(static_cast<AccessTokenID>(0), AccessTokenInfoManager::GetInstance().AllocLocalTokenID(remoteDeviceID,
1296 remoteTokenID)); // remoteDeviceID invalid
1297
1298 // deviceID invalid + tokenID == 0
1299 ASSERT_EQ(static_cast<AccessTokenID>(0),
1300 AccessTokenInfoManager::GetInstance().GetRemoteNativeTokenID(remoteDeviceID, remoteTokenID));
1301
1302 // deviceID invalid
1303 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(remoteDeviceID));
1304
1305 remoteDeviceID = "dev-001";
1306 ASSERT_EQ(static_cast<AccessTokenID>(0), AccessTokenInfoManager::GetInstance().AllocLocalTokenID(remoteDeviceID,
1307 remoteTokenID)); // remoteTokenID invalid
1308
1309 // deviceID valid + tokenID == 0
1310 ASSERT_EQ(static_cast<AccessTokenID>(0),
1311 AccessTokenInfoManager::GetInstance().GetRemoteNativeTokenID(remoteDeviceID, remoteTokenID));
1312
1313 remoteTokenID = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
1314 // deviceID valid + tokenID != 0 + type != native + type != shell
1315 ASSERT_EQ(static_cast<AccessTokenID>(0),
1316 AccessTokenInfoManager::GetInstance().GetRemoteNativeTokenID(remoteDeviceID, remoteTokenID));
1317 }
1318 #endif
1319
1320 /**
1321 * @tc.name: Dump001
1322 * @tc.desc: Dump tokeninfo.
1323 * @tc.type: FUNC
1324 * @tc.require: issueI4V02P
1325 */
1326 HWTEST_F(AccessTokenInfoManagerTest, Dump001, TestSize.Level1)
1327 {
1328 int fd = -1;
1329 std::vector<std::u16string> args;
1330
1331 // fd is 0
1332 ASSERT_NE(RET_SUCCESS, atManagerService_->Dump(fd, args));
1333
1334 fd = open("/dev/null", O_WRONLY);
1335
1336 // hidumper
1337 ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args));
1338
1339 // hidumper -h
1340 args.emplace_back(Str8ToStr16("-h"));
1341 ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args));
1342
1343 args.clear();
1344 // hidumper -a
1345 args.emplace_back(Str8ToStr16("-a"));
1346 ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args));
1347
1348 args.clear();
1349 // hidumper -t
1350 args.emplace_back(Str8ToStr16("-t"));
1351 ASSERT_NE(RET_SUCCESS, atManagerService_->Dump(fd, args));
1352
1353 args.clear();
1354 // hidumper -t
1355 args.emplace_back(Str8ToStr16("-t"));
1356 args.emplace_back(Str8ToStr16("-1")); // illegal tokenId
1357 ASSERT_NE(RET_SUCCESS, atManagerService_->Dump(fd, args));
1358
1359 args.clear();
1360 // hidumper -t
1361 args.emplace_back(Str8ToStr16("-t"));
1362 args.emplace_back(Str8ToStr16("123")); // invalid tokenId
1363 ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args));
1364 }
1365
1366 /**
1367 * @tc.name: DumpTokenInfo001
1368 * @tc.desc: Test DumpTokenInfo with invalid tokenId.
1369 * @tc.type: FUNC
1370 * @tc.require: issueI4V02P
1371 */
1372 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level1)
1373 {
1374 std::string dumpInfo;
1375 AtmToolsParamInfo info;
1376 info.tokenId = static_cast<AccessTokenID>(0);
1377 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1378 EXPECT_EQ(false, dumpInfo.empty());
1379
1380 dumpInfo.clear();
1381 info.tokenId = static_cast<AccessTokenID>(123);
1382 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1383 EXPECT_EQ("invalid tokenId", dumpInfo);
1384 }
1385
1386 /**
1387 * @tc.name: DumpTokenInfo002
1388 * @tc.desc: Test DumpTokenInfo with hap tokenId.
1389 * @tc.type: FUNC
1390 * @tc.require: issueI4V02P
1391 */
1392 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo002, TestSize.Level1)
1393 {
1394 AccessTokenIDEx tokenIdEx = {0};
1395 AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
1396 g_infoManagerTestPolicyPrams1, tokenIdEx);
1397
1398 tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(g_infoManagerTestInfoParms.userID,
1399 g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex);
1400 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
1401 EXPECT_NE(0, static_cast<int>(tokenId));
1402 std::string dumpInfo;
1403 AtmToolsParamInfo info;
1404 info.tokenId = tokenId;
1405 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1406 EXPECT_EQ(false, dumpInfo.empty());
1407
1408 int32_t ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(
1409 tokenIdEx.tokenIdExStruct.tokenID);
1410 ASSERT_EQ(RET_SUCCESS, ret);
1411 GTEST_LOG_(INFO) << "remove the token info";
1412 }
1413
1414 /**
1415 * @tc.name: DumpTokenInfo003
1416 * @tc.desc: Test DumpTokenInfo with native tokenId.
1417 * @tc.type: FUNC
1418 * @tc.require: issueI4V02P
1419 */
1420 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo003, TestSize.Level1)
1421 {
1422 std::string dumpInfo;
1423 AtmToolsParamInfo info;
1424 info.tokenId = AccessTokenInfoManager::GetInstance().GetNativeTokenId("accesstoken_service");
1425 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1426 EXPECT_EQ(false, dumpInfo.empty());
1427 }
1428
1429 /**
1430 * @tc.name: DumpTokenInfo004
1431 * @tc.desc: Test DumpTokenInfo with shell tokenId.
1432 * @tc.type: FUNC
1433 * @tc.require: issueI4V02P
1434 */
1435 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo004, TestSize.Level1)
1436 {
1437 std::string dumpInfo;
1438 AtmToolsParamInfo info;
1439 info.tokenId = AccessTokenInfoManager::GetInstance().GetNativeTokenId("hdcd");
1440 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1441 EXPECT_EQ(false, dumpInfo.empty());
1442 }
1443
1444 /**
1445 * @tc.name: DumpTokenInfo006
1446 * @tc.desc: Test DumpTokenInfo with native processName.
1447 * @tc.type: FUNC
1448 * @tc.require: issueI4V02P
1449 */
1450 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo006, TestSize.Level1)
1451 {
1452 std::string dumpInfo;
1453 AtmToolsParamInfo info;
1454 info.processName = "hdcd";
1455 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1456 EXPECT_EQ(false, dumpInfo.empty());
1457 }
1458
1459 /**
1460 * @tc.name: DumpTokenInfo007
1461 * @tc.desc: Test DumpTokenInfo with hap bundleName.
1462 * @tc.type: FUNC
1463 * @tc.require: issueI4V02P
1464 */
1465 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo007, TestSize.Level1)
1466 {
1467 AccessTokenIDEx tokenIdEx = {0};
1468 AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
1469 g_infoManagerTestPolicyPrams1, tokenIdEx);
1470
1471 tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(g_infoManagerTestInfoParms.userID,
1472 g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex);
1473 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
1474 EXPECT_NE(0, static_cast<int>(tokenId));
1475
1476 std::string dumpInfo;
1477 AtmToolsParamInfo info;
1478 info.bundleName = g_infoManagerTestInfoParms.bundleName;
1479 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1480 EXPECT_EQ(false, dumpInfo.empty());
1481
1482 int32_t ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(
1483 tokenIdEx.tokenIdExStruct.tokenID);
1484 ASSERT_EQ(RET_SUCCESS, ret);
1485 }
1486
1487 /**
1488 * @tc.name: AccessTokenInfoManager001
1489 * @tc.desc: AccessTokenInfoManager::~AccessTokenInfoManager+Init function test hasInited_ is false
1490 * @tc.type: FUNC
1491 * @tc.require:
1492 */
1493 HWTEST_F(AccessTokenInfoManagerTest, AccessTokenInfoManager001, TestSize.Level1)
1494 {
1495 AccessTokenInfoManager::GetInstance().hasInited_ = true;
1496 AccessTokenInfoManager::GetInstance().Init();
1497 AccessTokenInfoManager::GetInstance().hasInited_ = false;
1498 ASSERT_EQ(false, AccessTokenInfoManager::GetInstance().hasInited_);
1499 }
1500
1501 /**
1502 * @tc.name: GetHapUniqueStr001
1503 * @tc.desc: AccessTokenInfoManager::GetHapUniqueStr function test info is null
1504 * @tc.type: FUNC
1505 * @tc.require:
1506 */
1507 HWTEST_F(AccessTokenInfoManagerTest, GetHapUniqueStr001, TestSize.Level1)
1508 {
1509 std::shared_ptr<HapTokenInfoInner> info = nullptr;
1510 ASSERT_EQ("", AccessTokenInfoManager::GetInstance().GetHapUniqueStr(info));
1511 }
1512
1513 /**
1514 * @tc.name: AddHapTokenInfo001
1515 * @tc.desc: AccessTokenInfoManager::AddHapTokenInfo function test info is null
1516 * @tc.type: FUNC
1517 * @tc.require:
1518 */
1519 HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo001, TestSize.Level1)
1520 {
1521 std::shared_ptr<HapTokenInfoInner> info = nullptr;
1522 ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(info));
1523 }
1524
1525 /**
1526 * @tc.name: AddHapTokenInfo002
1527 * @tc.desc: AccessTokenInfoManager::AddHapTokenInfo function test count(id) > 0
1528 * @tc.type: FUNC
1529 * @tc.require:
1530 */
1531 HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo002, TestSize.Level1)
1532 {
1533 HapInfoParams info = {
1534 .userID = USER_ID,
1535 .bundleName = "accesstoken_info_manager_test",
1536 .instIndex = INST_INDEX,
1537 .appIDDesc = "accesstoken_info_manager_test"
1538 };
1539 HapPolicy policy = {
1540 .apl = APL_NORMAL,
1541 .domain = "domain"
1542 };
1543 AccessTokenIDEx tokenIdEx = {0};
1544 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx));
1545 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
1546 ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
1547
1548 std::shared_ptr<HapTokenInfoInner> infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenId);
1549 ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(infoPtr));
1550
1551 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
1552 }
1553
1554 /**
1555 * @tc.name: GetHapTokenID002
1556 * @tc.desc: test GetHapTokenID function abnomal branch
1557 * @tc.type: FUNC
1558 * @tc.require: issueI60F1M
1559 */
1560 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID002, TestSize.Level1)
1561 {
1562 AccessTokenIDEx tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(
1563 USER_ID, "com.ohos.test", INST_INDEX);
1564 ASSERT_EQ(static_cast<AccessTokenID>(0), tokenIdEx.tokenIDEx);
1565 }
1566
1567 /**
1568 * @tc.name: IsPermissionDefValid001
1569 * @tc.desc: PermissionValidator::IsPermissionDefValid function test
1570 * @tc.type: FUNC
1571 * @tc.require:
1572 */
1573 HWTEST_F(AccessTokenInfoManagerTest, IsPermissionDefValid001, TestSize.Level1)
1574 {
1575 PermissionDef permDef = {
1576 .permissionName = "ohos.permission.TEST",
1577 .bundleName = "com.ohos.test",
1578 .grantMode = static_cast<GrantMode>(2),
1579 .availableLevel = ATokenAplEnum::APL_NORMAL,
1580 .provisionEnable = false,
1581 .distributedSceneEnable = false,
1582 .label = "buzhidao",
1583 .labelId = 100, // 100 is random input
1584 .description = "buzhidao",
1585 .descriptionId = 100 // 100 is random input
1586 };
1587
1588 // ret not RET_SUCCESS
1589 ASSERT_EQ(false, PermissionValidator::IsPermissionDefValid(permDef)); // grant mode invalid
1590
1591 permDef.grantMode = GrantMode::USER_GRANT;
1592 permDef.availableType = ATokenAvailableTypeEnum::INVALID;
1593 ASSERT_EQ(false, PermissionValidator::IsPermissionDefValid(permDef)); // availableType invalid
1594 }
1595
1596 /**
1597 * @tc.name: IsPermissionStateValid001
1598 * @tc.desc: PermissionValidator::IsPermissionStateValid function test
1599 * @tc.type: FUNC
1600 * @tc.require:
1601 */
1602 HWTEST_F(AccessTokenInfoManagerTest, IsPermissionStateValid001, TestSize.Level1)
1603 {
1604 std::string permissionName;
1605 std::string deviceID = "dev-001";
1606 int grantState = PermissionState::PERMISSION_DENIED;
1607 uint32_t grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG;
1608 PermissionStatus permState = {
1609 .permissionName = permissionName,
1610 .grantStatus = grantState,
1611 .grantFlag = grantFlag
1612 };
1613
1614 ASSERT_EQ(false, PermissionValidator::IsPermissionStateValid(permState)); // permissionName empty
1615
1616 permState.permissionName = "com.ohos.TEST";
1617 permState.grantStatus = 1; // 1: invalid status
1618 ASSERT_EQ(false, PermissionValidator::IsPermissionStateValid(permState));
1619
1620 permState.grantStatus = grantState;
1621 permState.grantFlag = -1; // -1: invalid flag
1622 ASSERT_EQ(false, PermissionValidator::IsPermissionStateValid(permState));
1623
1624 permState.grantFlag = grantFlag;
1625 ASSERT_EQ(true, PermissionValidator::IsPermissionStateValid(permState));
1626 }
1627
1628 /**
1629 * @tc.name: FilterInvalidPermissionDef001
1630 * @tc.desc: PermissionValidator::FilterInvalidPermissionDef function test
1631 * @tc.type: FUNC
1632 * @tc.require:
1633 */
1634 HWTEST_F(AccessTokenInfoManagerTest, FilterInvalidPermissionDef001, TestSize.Level1)
1635 {
1636 PermissionDef permDef = {
1637 .permissionName = "ohos.permission.TEST",
1638 .bundleName = "com.ohos.test",
1639 .grantMode = GrantMode::SYSTEM_GRANT,
1640 .availableLevel = ATokenAplEnum::APL_NORMAL,
1641 .provisionEnable = false,
1642 .distributedSceneEnable = false,
1643 .label = "buzhidao",
1644 .labelId = 100, // 100 is random input
1645 .description = "buzhidao",
1646 .descriptionId = 100 // 100 is random input
1647 };
1648
1649 std::vector<PermissionDef> permList;
1650 permList.emplace_back(permDef);
1651 permList.emplace_back(permDef);
1652
1653 ASSERT_EQ(static_cast<uint32_t>(2), permList.size());
1654
1655 std::vector<PermissionDef> result;
1656 PermissionValidator::FilterInvalidPermissionDef(permList, result); // permDefSet.count != 0
1657 ASSERT_EQ(static_cast<uint32_t>(1), result.size());
1658 }
1659
1660 /**
1661 * @tc.name: QueryPermissionFlag001
1662 * @tc.desc: PermissionPolicySet::QueryPermissionFlag function test
1663 * @tc.type: FUNC
1664 * @tc.require:
1665 */
1666 HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level1)
1667 {
1668 PermissionStatus perm = {
1669 .permissionName = "ohos.permission.TEST",
1670 .grantStatus = PermissionState::PERMISSION_DENIED,
1671 .grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG
1672 };
1673
1674 AccessTokenID tokenId = 0x280bc140; // 0x280bc140 is random native
1675 std::vector<PermissionStatus> permStateList;
1676 permStateList.emplace_back(perm);
1677
1678 PermissionDataBrief::GetInstance().AddPermToBriefPermission(tokenId, permStateList, true);
1679
1680 // perm.permissionName != permissionName
1681 uint32_t flag = 0;
1682 ASSERT_EQ(ERR_PERMISSION_NOT_EXIST,
1683 PermissionDataBrief::GetInstance().QueryPermissionFlag(tokenId, "ohos.permission.TEST1", flag));
1684 }
1685
1686 /**
1687 * @tc.name: UpdatePermissionStatus001
1688 * @tc.desc: PermissionPolicySet::UpdatePermissionStatus function test
1689 * @tc.type: FUNC
1690 * @tc.require:
1691 */
1692 HWTEST_F(AccessTokenInfoManagerTest, UpdatePermissionStatus001, TestSize.Level1)
1693 {
1694 PermissionStatus perm = {
1695 .permissionName = "ohos.permission.CAMERA",
1696 .grantStatus = PermissionState::PERMISSION_DENIED,
1697 .grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG
1698 };
1699
1700 AccessTokenID tokenId = 789; // 789 is random input
1701 std::vector<PermissionStatus> permStateList;
1702 permStateList.emplace_back(perm);
1703
1704 PermissionDataBrief::GetInstance().AddPermToBriefPermission(tokenId, permStateList, true);
1705
1706 // iter reach the end
1707 bool isGranted = false;
1708 uint32_t flag = PermissionFlag::PERMISSION_DEFAULT_FLAG;
1709 bool changed = false;
1710
1711 // permission is invalid
1712 ASSERT_EQ(ERR_PARAM_INVALID, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1713 "ohos.permission.TEST1", isGranted, flag, changed));
1714 // flag != PERMISSION_COMPONENT_SET
1715 flag = PermissionFlag::PERMISSION_DEFAULT_FLAG;
1716 ASSERT_EQ(RET_SUCCESS, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1717 "ohos.permission.CAMERA", isGranted, flag, changed));
1718
1719 // flag == PERMISSION_COMPONENT_SET
1720 flag = PermissionFlag::PERMISSION_COMPONENT_SET;
1721 ASSERT_EQ(RET_SUCCESS, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1722 "ohos.permission.CAMERA", isGranted, flag, changed));
1723
1724
1725 // flag == PERMISSION_SYSTEM_FIXED
1726 flag = PermissionFlag::PERMISSION_SYSTEM_FIXED;
1727 ASSERT_EQ(RET_SUCCESS, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1728 "ohos.permission.CAMERA", isGranted, flag, changed));
1729
1730 // Permission fixed by system
1731 flag = PermissionFlag::PERMISSION_DEFAULT_FLAG;
1732 ASSERT_EQ(ERR_PARAM_INVALID, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1733 "ohos.permission.CAMERA", isGranted, flag, changed));
1734 }
1735
1736 #ifdef TOKEN_SYNC_ENABLE
1737 /**
1738 * @tc.name: MapRemoteDeviceTokenToLocal001
1739 * @tc.desc: AccessTokenRemoteTokenManager::MapRemoteDeviceTokenToLocal function test
1740 * @tc.type: FUNC
1741 * @tc.require:
1742 */
1743 HWTEST_F(AccessTokenInfoManagerTest, MapRemoteDeviceTokenToLocal001, TestSize.Level1)
1744 {
1745 std::map<std::string, AccessTokenRemoteDevice> remoteDeviceMap;
1746 remoteDeviceMap = AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_; // backup
1747 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_.clear();
1748
1749 std::string deviceID;
1750 AccessTokenID remoteID = 0;
1751
1752 // input invalid
1753 ASSERT_EQ(static_cast<AccessTokenID>(0),
1754 AccessTokenRemoteTokenManager::GetInstance().MapRemoteDeviceTokenToLocal(deviceID, remoteID));
1755
1756 remoteID = 940572671; // 940572671 is max butt tokenId: 001 11 0 000000 11111111111111111111
1757 deviceID = "dev-001";
1758
1759 // tokeType invalid
1760 ASSERT_EQ(static_cast<AccessTokenID>(0),
1761 AccessTokenRemoteTokenManager::GetInstance().MapRemoteDeviceTokenToLocal(deviceID, remoteID));
1762
1763 remoteID = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111, no need to register
1764 std::map<AccessTokenID, AccessTokenID> MappingTokenIDPairMap;
1765 MappingTokenIDPairMap[537919487] = 456; // 456 is random input
1766 AccessTokenRemoteDevice device = {
1767 .deviceID_ = "dev-001",
1768 .MappingTokenIDPairMap_ = MappingTokenIDPairMap
1769 };
1770 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_["dev-001"] = device;
1771
1772 // count(remoteID) > 0
1773 ASSERT_EQ(static_cast<AccessTokenID>(456),
1774 AccessTokenRemoteTokenManager::GetInstance().MapRemoteDeviceTokenToLocal(deviceID, remoteID));
1775
1776 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_ = remoteDeviceMap; // recovery
1777 }
1778
1779 /**
1780 * @tc.name: GetDeviceAllRemoteTokenID001
1781 * @tc.desc: AccessTokenRemoteTokenManager::GetDeviceAllRemoteTokenID function test
1782 * @tc.type: FUNC
1783 * @tc.require:
1784 */
1785 HWTEST_F(AccessTokenInfoManagerTest, GetDeviceAllRemoteTokenID001, TestSize.Level1)
1786 {
1787 std::string deviceID;
1788 std::vector<AccessTokenID> remoteIDs;
1789
1790 // deviceID invalid
1791 ASSERT_EQ(ERR_PARAM_INVALID,
1792 AccessTokenRemoteTokenManager::GetInstance().GetDeviceAllRemoteTokenID(deviceID, remoteIDs));
1793 }
1794
1795 /**
1796 * @tc.name: RemoveDeviceMappingTokenID001
1797 * @tc.desc: AccessTokenRemoteTokenManager::RemoveDeviceMappingTokenID function test
1798 * @tc.type: FUNC
1799 * @tc.require:
1800 */
1801 HWTEST_F(AccessTokenInfoManagerTest, RemoveDeviceMappingTokenID001, TestSize.Level1)
1802 {
1803 std::map<std::string, AccessTokenRemoteDevice> remoteDeviceMap;
1804 remoteDeviceMap = AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_; // backup
1805 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_.clear();
1806
1807 std::string deviceID;
1808 AccessTokenID remoteID = 0;
1809
1810 // input invalid
1811 ASSERT_NE(RET_SUCCESS,
1812 AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, remoteID));
1813
1814 deviceID = "dev-001";
1815 remoteID = 123; // 123 is random input
1816
1817 // count < 1
1818 ASSERT_NE(RET_SUCCESS,
1819 AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, remoteID));
1820
1821 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_ = remoteDeviceMap; // recovery
1822 }
1823
1824 /**
1825 * @tc.name: AddHapTokenObservation001
1826 * @tc.desc: TokenModifyNotifier::AddHapTokenObservation function test
1827 * @tc.type: FUNC
1828 * @tc.require:
1829 */
1830 HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenObservation001, TestSize.Level1)
1831 {
1832 std::set<AccessTokenID> observationSet = TokenModifyNotifier::GetInstance().observationSet_; // backup
1833 TokenModifyNotifier::GetInstance().observationSet_.clear();
1834
1835 AccessTokenID tokenId = 123; // 123 is random input
1836
1837 TokenModifyNotifier::GetInstance().observationSet_.insert(tokenId);
1838 ASSERT_EQ(true, TokenModifyNotifier::GetInstance().observationSet_.count(tokenId) > 0);
1839
1840 // count > 0
1841 TokenModifyNotifier::GetInstance().AddHapTokenObservation(tokenId);
1842 TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenId);
1843
1844 TokenModifyNotifier::GetInstance().observationSet_ = observationSet; // recovery
1845 }
1846 #endif
1847
1848 /**
1849 * @tc.name: RestoreHapTokenInfo001
1850 * @tc.desc: HapTokenInfoInner::RestoreHapTokenInfo function test
1851 * @tc.type: FUNC
1852 * @tc.require:
1853 */
1854 HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level1)
1855 {
1856 std::shared_ptr<HapTokenInfoInner> hap = std::make_shared<HapTokenInfoInner>();
1857 ASSERT_NE(nullptr, hap);
1858
1859 AccessTokenID tokenId = 0;
1860 GenericValues tokenValue;
1861 std::vector<GenericValues> permStateRes;
1862 std::vector<GenericValues> extendedPermRes;
1863 std::string bundleName;
1864 std::string appIDDesc;
1865 std::string deviceID;
1866 int version = 10; // 10 is random input which only need not equal 1
1867 HapPolicy policy;
1868 UpdateHapInfoParams hapInfo;
1869 hapInfo.apiVersion = DEFAULT_API_VERSION;
1870 hapInfo.isSystemApp = false;
1871 hap->Update(hapInfo, policy.permStateList, policy); // permPolicySet_ is null
1872
1873 std::string info;
1874 hap->ToString(info); // permPolicySet_ is null
1875
1876 std::vector<GenericValues> hapInfoValues;
1877 std::vector<GenericValues> permStateValues;
1878 hap->StoreHapInfo(hapInfoValues, "test", APL_NORMAL);
1879 hap->StorePermissionPolicy(permStateValues); // permPolicySet_ is null
1880
1881
1882 tokenValue.Put(TokenFiledConst::FIELD_BUNDLE_NAME, bundleName);
1883 // bundleName invalid
1884 ASSERT_EQ(ERR_PARAM_INVALID, hap->RestoreHapTokenInfo(tokenId, tokenValue, permStateRes, extendedPermRes));
1885 tokenValue.Remove(TokenFiledConst::FIELD_BUNDLE_NAME);
1886
1887 bundleName = "com.ohos.permissionmanger";
1888 tokenValue.Put(TokenFiledConst::FIELD_BUNDLE_NAME, bundleName);
1889 tokenValue.Put(TokenFiledConst::FIELD_TOKEN_VERSION, version);
1890 // version invalid
1891 ASSERT_EQ(ERR_PARAM_INVALID, hap->RestoreHapTokenInfo(tokenId, tokenValue, permStateRes, extendedPermRes));
1892 }
1893
1894 /**
1895 * @tc.name: RegisterTokenId001
1896 * @tc.desc: AccessTokenIDManager::RegisterTokenId function test
1897 * @tc.type: FUNC
1898 * @tc.require:
1899 */
1900 HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenId001, TestSize.Level1)
1901 {
1902 // 1477443583 is max abnormal butt tokenId which version is 2: 010 11 0 000000 11111111111111111111
1903 AccessTokenID tokenId = 1477443583;
1904 ATokenTypeEnum type = ATokenTypeEnum::TOKEN_HAP;
1905
1906 // version != 1 + type dismatch
1907 ASSERT_NE(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, type));
1908
1909 AccessTokenIDEx tokenIdEx = {0};
1910 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
1911 g_infoManagerTestPolicyPrams1, tokenIdEx));
1912
1913 // register repeat
1914 ASSERT_NE(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(
1915 tokenIdEx.tokenIdExStruct.tokenID, type));
1916 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID));
1917 }
1918
1919 /**
1920 * @tc.name: ClearAllSecCompGrantedPerm001
1921 * @tc.desc: ClearAllSecCompGrantedPerm function test
1922 * @tc.type: FUNC
1923 * @tc.require:
1924 */
1925 HWTEST_F(AccessTokenInfoManagerTest, ClearAllSecCompGrantedPerm001, TestSize.Level1)
1926 {
1927 AccessTokenIDEx tokenIdEx = {0};
1928 int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
1929 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx);
1930 ASSERT_EQ(RET_SUCCESS, ret);
1931 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
1932
1933 ASSERT_EQ(PERMISSION_DENIED,
1934 AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, "ohos.permission.LOCATION"));
1935 PermissionManager::GetInstance().GrantPermission(tokenId, "ohos.permission.LOCATION", PERMISSION_COMPONENT_SET);
1936 ASSERT_EQ(PERMISSION_GRANTED,
1937 AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, "ohos.permission.LOCATION"));
1938
1939 std::string deviceId;
1940 atManagerService_->OnRemoveSystemAbility(SECURITY_COMPONENT_SERVICE_ID, deviceId);
1941 ASSERT_EQ(PERMISSION_DENIED,
1942 AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, "ohos.permission.LOCATION"));
1943
1944 // delete test token
1945 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
1946 }
1947
1948 /**
1949 * @tc.name: SetPermDialogCap001
1950 * @tc.desc: SetPermDialogCap with HapUniqueKey not exist
1951 * @tc.type: FUNC
1952 * @tc.require:
1953 */
1954 HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap001, TestSize.Level1)
1955 {
1956 AccessTokenID tokenId = 123; // 123: invalid tokenid
1957 ASSERT_EQ(ERR_TOKENID_NOT_EXIST, AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, true));
1958 }
1959
1960 /**
1961 * @tc.name: SetPermDialogCap002
1962 * @tc.desc: SetPermDialogCap with abnormal branch
1963 * @tc.type: FUNC
1964 * @tc.require:
1965 */
1966 HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap002, TestSize.Level1)
1967 {
1968 AccessTokenIDEx tokenIdEx = {0};
1969 int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
1970 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx);
1971 ASSERT_EQ(RET_SUCCESS, ret);
1972 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
1973
1974 // SetPermDialogCap successfull
1975 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, true));
1976 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(tokenId));
1977 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, false));
1978 ASSERT_EQ(false, AccessTokenInfoManager::GetInstance().GetPermDialogCap(tokenId));
1979
1980 std::shared_ptr<HapTokenInfoInner> back = AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId];
1981
1982 // tokeninfo of hapTokenInfoMap_ is nullptr, return true(forbid)
1983 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = nullptr;
1984 ASSERT_EQ(ERR_TOKENID_NOT_EXIST,
1985 AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, true)); // info is null
1986 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(tokenId));
1987
1988 // token is not found in hapTokenInfoMap_, return true(forbid)
1989 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId);
1990 ASSERT_EQ(ERR_TOKENID_NOT_EXIST,
1991 AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, true)); // info is null
1992 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(tokenId));
1993 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = back;
1994
1995 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
1996 }
1997
1998 /**
1999 * @tc.name: GetPermDialogCap001
2000 * @tc.desc: GetPermDialogCap with abnormal branch
2001 * @tc.type: FUNC
2002 * @tc.require:
2003 */
2004 HWTEST_F(AccessTokenInfoManagerTest, GetPermDialogCap001, TestSize.Level1)
2005 {
2006 // invalid token
2007 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(INVALID_TOKENID));
2008
2009 // nonexist token
2010 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(123)); // 123: tokenid
2011
2012 // tokeninfo is nullptr
2013 HapBaseInfo baseInfo = {
2014 .userID = g_infoManagerTestInfoParms.userID,
2015 .bundleName = g_infoManagerTestInfoParms.bundleName,
2016 .instIndex = g_infoManagerTestInfoParms.instIndex,
2017 };
2018 AccessTokenIDEx tokenIdEx = {0};
2019 int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
2020 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx);
2021 ASSERT_EQ(RET_SUCCESS, ret);
2022 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
2023 std::shared_ptr<HapTokenInfoInner> back = AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId];
2024 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = nullptr;
2025 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(123)); // 123: tokenid
2026
2027 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = back;
2028 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
2029 }
2030
2031 /**
2032 * @tc.name: AllocHapToken001
2033 * @tc.desc: alloc hap create haptokeninfo failed.
2034 * @tc.type: FUNC
2035 * @tc.require:
2036 */
2037 HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level1)
2038 {
2039 HapInfoParcel hapinfoParcel;
2040 hapinfoParcel.hapInfoParameter = {
2041 .userID = -1,
2042 .bundleName = "accesstoken_test",
2043 .instIndex = 0,
2044 .appIDDesc = "testtesttesttest",
2045 .apiVersion = DEFAULT_API_VERSION,
2046 .isSystemApp = false,
2047 };
2048 HapPolicyParcel hapPolicyParcel;
2049 hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL;
2050 hapPolicyParcel.hapPolicy.domain = "test.domain";
2051
2052 AccessTokenIDEx tokenIDEx = atManagerService_->AllocHapToken(hapinfoParcel, hapPolicyParcel);
2053 ASSERT_EQ(INVALID_TOKENID, tokenIDEx.tokenIDEx);
2054 }
2055
2056 /**
2057 * @tc.name: OnStart001
2058 * @tc.desc: service is running.
2059 * @tc.type: FUNC
2060 * @tc.require:
2061 */
2062 HWTEST_F(AccessTokenInfoManagerTest, OnStart001, TestSize.Level1)
2063 {
2064 ServiceRunningState state = atManagerService_->state_;
2065 atManagerService_->state_ = ServiceRunningState::STATE_RUNNING;
2066 atManagerService_->OnStart();
2067 ASSERT_EQ(ServiceRunningState::STATE_RUNNING, atManagerService_->state_);
2068 atManagerService_->state_ = state;
2069 }
2070
2071 /**
2072 * @tc.name: Dlopen001
2073 * @tc.desc: Open a not exist lib & not exist func
2074 * @tc.type: FUNC
2075 * @tc.require:
2076 */
2077 HWTEST_F(AccessTokenInfoManagerTest, Dlopen001, TestSize.Level1)
2078 {
2079 LibraryLoader loader1("libnotexist.z.so"); // is a not exist path
2080 EXPECT_EQ(nullptr, loader1.handle_);
2081
2082 LibraryLoader loader2("libaccesstoken_manager_service.z.so"); // is a exist lib without create func
2083 EXPECT_EQ(nullptr, loader2.instance_);
2084 EXPECT_NE(nullptr, loader2.handle_);
2085 }
2086
2087 #ifdef TOKEN_SYNC_ENABLE
2088 /**
2089 * @tc.name: Dlopen002
2090 * @tc.desc: Open a exist lib & exist func
2091 * @tc.type: FUNC
2092 * @tc.require:
2093 */
2094 HWTEST_F(AccessTokenInfoManagerTest, Dlopen002, TestSize.Level1)
2095 {
2096 LibraryLoader loader(TOKEN_SYNC_LIBPATH);
2097 TokenSyncKitInterface* tokenSyncKit = loader.GetObject<TokenSyncKitInterface>();
2098 EXPECT_NE(nullptr, loader.handle_);
2099 EXPECT_NE(nullptr, tokenSyncKit);
2100 }
2101 #endif
2102
2103 /**
2104 * @tc.name: OnRemoteRequest001
2105 * @tc.desc: Test OnRemoteRequest
2106 * @tc.type: FUNC
2107 * @tc.require:
2108 */
2109 HWTEST_F(AccessTokenInfoManagerTest, OnRemoteRequest001, TestSize.Level1)
2110 {
2111 uint32_t code = 0;
2112 MessageParcel data;
2113 MessageParcel reply;
2114 MessageOption option;
2115 data.WriteInterfaceToken(u"this is a test interface");
2116 EXPECT_EQ(ERROR_IPC_REQUEST_FAIL, atManagerService_->OnRemoteRequest(code, data, reply, option));
2117
2118 std::map<uint32_t, AccessTokenManagerStub::RequestFuncType> oldMap = atManagerService_->requestFuncMap_;
2119 atManagerService_->requestFuncMap_.clear();
2120 atManagerService_->requestFuncMap_[1] = nullptr;
2121
2122 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
2123 EXPECT_NE(NO_ERROR, atManagerService_->OnRemoteRequest(code, data, reply, option));
2124
2125 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
2126 EXPECT_NE(NO_ERROR, atManagerService_->OnRemoteRequest(1, data, reply, option));
2127
2128 atManagerService_->requestFuncMap_ = oldMap;
2129 }
2130
2131 /**
2132 * @tc.name: VerifyNativeAccessToken001
2133 * @tc.desc: AccessTokenInfoManagerTest::VerifyNativeAccessToken function test
2134 * @tc.type: FUNC
2135 * @tc.require:
2136 */
2137 HWTEST_F(AccessTokenInfoManagerTest, VerifyNativeAccessToken001, TestSize.Level1)
2138 {
2139 AccessTokenID tokenId = 0x280bc142; // 0x280bc142 is random input
2140 std::string permissionName = "ohos.permission.INVALID_AA";
2141 AccessTokenID tokenId1 = AccessTokenInfoManager::GetInstance().GetNativeTokenId("accesstoken_service");
2142 // tokenId is not exist
2143 ASSERT_EQ(PermissionState::PERMISSION_DENIED,
2144 AccessTokenInfoManager::GetInstance().VerifyNativeAccessToken(tokenId, permissionName));
2145
2146 permissionName = "ohos.permission.CAMERA";
2147 // permission is not request
2148 ASSERT_EQ(PermissionState::PERMISSION_DENIED,
2149 AccessTokenInfoManager::GetInstance().VerifyNativeAccessToken(tokenId1, permissionName));
2150
2151 // tokenId is native token, and permission is defined
2152 ASSERT_EQ(PermissionState::PERMISSION_DENIED,
2153 AccessTokenInfoManager::GetInstance().VerifyNativeAccessToken(tokenId1, permissionName));
2154
2155 permissionName = "ohos.permission.KILL_APP_PROCESSES";
2156 ASSERT_EQ(PermissionState::PERMISSION_GRANTED,
2157 AccessTokenInfoManager::GetInstance().VerifyNativeAccessToken(tokenId1, permissionName));
2158 }
2159
2160 /**
2161 * @tc.name: VerifyAccessToken001
2162 * @tc.desc: AccessTokenInfoManagerTest::VerifyAccessToken function test
2163 * @tc.type: FUNC
2164 * @tc.require:
2165 */
2166 HWTEST_F(AccessTokenInfoManagerTest, VerifyAccessToken001, TestSize.Level1)
2167 {
2168 AccessTokenID tokenId = 0;
2169 std::string permissionName;
2170 // tokenID invalid
2171 ASSERT_EQ(PERMISSION_DENIED, AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, permissionName));
2172
2173 tokenId = 940572671; // 940572671 is max butt tokenId: 001 11 0 000000 11111111111111111111
2174 // permissionName invalid
2175 ASSERT_EQ(PERMISSION_DENIED, AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, permissionName));
2176
2177 // tokenID invalid
2178 permissionName = "ohos.permission.CAMERA";
2179 ASSERT_EQ(PERMISSION_DENIED, AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, permissionName));
2180 }
2181
2182 /**
2183 * @tc.name: GetAppId001
2184 * @tc.desc: AccessTokenInfoManagerTest::VerifyAccessToken function test
2185 * @tc.type: FUNC
2186 * @tc.require:
2187 */
2188 HWTEST_F(AccessTokenInfoManagerTest, GetAppId001, TestSize.Level1)
2189 {
2190 HapInfoParams info = {
2191 .userID = USER_ID,
2192 .bundleName = "accesstoken_info_manager_test",
2193 .instIndex = INST_INDEX,
2194 .appIDDesc = "accesstoken_info_manager_test"
2195 };
2196 HapPolicy policy = {
2197 .apl = APL_NORMAL,
2198 .domain = "domain"
2199 };
2200 AccessTokenIDEx tokenIdEx = {0};
2201 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx));
2202 std::string appId;
2203 int ret = AccessTokenInfoManager::GetInstance().GetHapAppIdByTokenId(tokenIdEx.tokenIdExStruct.tokenID, appId);
2204 ASSERT_EQ(ret, RET_SUCCESS);
2205 ASSERT_EQ(appId, "accesstoken_info_manager_test");
2206 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID));
2207 }
2208
2209
2210 /**
2211 * @tc.name: SetPermissionRequestToggleStatus001
2212 * @tc.desc: PermissionManager::SetPermissionRequestToggleStatus function test with invalid permissionName, invalid
2213 * status and invalid userID.
2214 * @tc.type: FUNC
2215 * @tc.require:
2216 */
2217 HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus001, TestSize.Level1)
2218 {
2219 int32_t userID = -1;
2220 uint32_t status = PermissionRequestToggleStatus::CLOSED;
2221 std::string permissionName = "ohos.permission.CAMERA";
2222
2223 // UserId is invalid.
2224 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2225 permissionName, status, userID));
2226
2227 // Permission name is invalid.
2228 userID = 123;
2229 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2230 "", status, userID));
2231
2232 // PermissionName is not defined.
2233 permissionName = "ohos.permission.invalid";
2234 ASSERT_EQ(ERR_PERMISSION_NOT_EXIST, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2235 permissionName, status, userID));
2236
2237 // Permission is system_grant.
2238 permissionName = "ohos.permission.USE_BLUETOOTH";
2239 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2240 permissionName, status, userID));
2241
2242 // Status is invalid.
2243 status = -1;
2244 permissionName = "ohos.permission.CAMERA";
2245 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2246 permissionName, status, userID));
2247 }
2248
2249 /**
2250 * @tc.name: SetPermissionRequestToggleStatus002
2251 * @tc.desc: PermissionManager::SetPermissionRequestToggleStatus function test with normal process.
2252 * @tc.type: FUNC
2253 * @tc.require:
2254 */
2255 HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus002, TestSize.Level1)
2256 {
2257 int32_t userID = 123;
2258 uint32_t status = PermissionRequestToggleStatus::CLOSED;
2259 std::string permissionName = "ohos.permission.CAMERA";
2260
2261 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2262 permissionName, status, userID));
2263
2264 status = PermissionRequestToggleStatus::OPEN;
2265 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2266 permissionName, status, userID));
2267 }
2268
2269 /**
2270 * @tc.name: GetPermissionRequestToggleStatus001
2271 * @tc.desc: PermissionManager::GetPermissionRequestToggleStatus function test with invalid userID, invalid permission
2272 * name.
2273 * @tc.type: FUNC
2274 * @tc.require:
2275 */
2276 HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus001, TestSize.Level1)
2277 {
2278 int32_t userID = -1;
2279 uint32_t status;
2280 std::string permissionName = "ohos.permission.CAMERA";
2281
2282 // UserId is invalid.
2283 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2284 permissionName, status, userID));
2285
2286 // PermissionName is invalid.
2287 userID = 123;
2288 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2289 "", status, userID));
2290
2291 // PermissionName is not defined.
2292 permissionName = "ohos.permission.invalid";
2293 ASSERT_EQ(ERR_PERMISSION_NOT_EXIST, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2294 permissionName, status, userID));
2295
2296 // Permission is system_grant.
2297 permissionName = "ohos.permission.USE_BLUETOOTH";
2298 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2299 permissionName, status, userID));
2300 }
2301
2302 /**
2303 * @tc.name: GetPermissionRequestToggleStatus002
2304 * @tc.desc: PermissionManager::GetPermissionRequestToggleStatus function test with normal process.
2305 * @tc.type: FUNC
2306 * @tc.require:
2307 */
2308 HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus002, TestSize.Level1)
2309 {
2310 int32_t userID = 123;
2311 uint32_t setStatusClose = PermissionRequestToggleStatus::CLOSED;
2312 uint32_t setStatusOpen = PermissionRequestToggleStatus::OPEN;
2313 uint32_t getStatus;
2314
2315 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2316 "ohos.permission.CAMERA", getStatus, userID));
2317
2318 ASSERT_EQ(setStatusOpen, getStatus);
2319
2320 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2321 "ohos.permission.CAMERA", setStatusClose, userID));
2322
2323 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2324 "ohos.permission.CAMERA", getStatus, userID));
2325
2326 ASSERT_EQ(setStatusClose, getStatus);
2327
2328 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2329 "ohos.permission.CAMERA", setStatusOpen, userID));
2330
2331 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2332 "ohos.permission.CAMERA", getStatus, userID));
2333
2334 ASSERT_EQ(setStatusOpen, getStatus);
2335 }
2336 } // namespace AccessToken
2337 } // namespace Security
2338 } // namespace OHOS
2339