1 /*
2 * Copyright (C) 2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "medialibrary_mock_tocken.h"
17
18 using namespace std;
19 namespace OHOS::Media {
20 using namespace testing::ext;
21
22 uint64_t MediaLibraryMockTokenUtils::shellToken_ = 0;
23 std::mutex MediaLibraryMockTokenUtils::lockShellToken;
24
RestoreShellToken(uint64_t shellTokenId)25 void MediaLibraryMockTokenUtils::RestoreShellToken(uint64_t shellTokenId)
26 {
27 lock_guard<std::mutex> guard(lockShellToken);
28 shellToken_ = shellTokenId;
29 }
30
ResetToken()31 void MediaLibraryMockTokenUtils::ResetToken()
32 {
33 lock_guard<std::mutex> guard(lockShellToken);
34 shellToken_ = 0;
35 }
36
GetShellToken()37 uint64_t MediaLibraryMockTokenUtils::GetShellToken()
38 {
39 lock_guard<std::mutex> guard(lockShellToken);
40 return shellToken_;
41 }
42
AllocTestHapToken(const HapInfoParams & hapInfo,HapPolicyParams & hapPolicy)43 AccessTokenIDEx MediaLibraryMockTokenUtils::AllocTestHapToken(const HapInfoParams &hapInfo, HapPolicyParams &hapPolicy)
44 {
45 AccessTokenIDEx tokenIdEx = {0};
46 uint64_t selfTokenId = GetSelfTokenID();
47 for (auto &permissionStateFull : hapPolicy.permStateList) {
48 PermissionDef permDefResult;
49 if (AccessTokenKit::GetDefPermission(permissionStateFull.permissionName, permDefResult) != RET_SUCCESS) {
50 continue;
51 }
52 if (permDefResult.availableLevel > hapPolicy.apl) {
53 hapPolicy.aclRequestedList.emplace_back(permissionStateFull.permissionName);
54 }
55 }
56 if (MediaLibraryMockTokenUtils::GetNativeTokenIdFromProcess("foundation") == selfTokenId) {
57 AccessTokenKit::InitHapToken(hapInfo, hapPolicy, tokenIdEx);
58 } else {
59 // set sh token for self
60 MediaLibraryMockNativeToken mock("foundation");
61 AccessTokenKit::InitHapToken(hapInfo, hapPolicy, tokenIdEx);
62 // restore
63 EXPECT_EQ(0, SetSelfTokenID(selfTokenId));
64 }
65 return tokenIdEx;
66 }
67
DeleteTestHapToken(AccessTokenID tokenID)68 int32_t MediaLibraryMockTokenUtils::DeleteTestHapToken(AccessTokenID tokenID)
69 {
70 uint64_t selfTokenId = GetSelfTokenID();
71 if (MediaLibraryMockTokenUtils::GetNativeTokenIdFromProcess("foundation") == selfTokenId) {
72 return AccessTokenKit::DeleteToken(tokenID);
73 }
74 // set sh token for self
75 MediaLibraryMockNativeToken mock("foundation");
76 int32_t ret = AccessTokenKit::DeleteToken(tokenID);
77 // restore
78 EXPECT_EQ(0, SetSelfTokenID(selfTokenId));
79 return ret;
80 }
81
GetNativeTokenIdFromProcess(const std::string & process)82 AccessTokenID MediaLibraryMockTokenUtils::GetNativeTokenIdFromProcess(const std::string &process)
83 {
84 uint64_t selfTokenId = GetSelfTokenID();
85 EXPECT_EQ(0, SetSelfTokenID(MediaLibraryMockTokenUtils::GetShellToken())); // set shell token
86
87 std::string dumpInfo;
88 AtmToolsParamInfo info;
89 info.processName = process;
90 AccessTokenKit::DumpTokenInfo(info, dumpInfo);
91 size_t pos = dumpInfo.find("\"tokenID\": ");
92 if (pos == std::string::npos) {
93 return 0;
94 }
95 pos += std::string("\"tokenID\": ").length();
96 std::string numStr;
97 while (pos < dumpInfo.length() && std::isdigit(dumpInfo[pos])) {
98 numStr += dumpInfo[pos];
99 ++pos;
100 }
101 // restore
102 EXPECT_EQ(0, SetSelfTokenID(selfTokenId));
103
104 std::istringstream iss(numStr);
105 AccessTokenID tokenID;
106 iss >> tokenID;
107 return tokenID;
108 }
109
110 // need call by native process
GetHapTokenIdFromBundle(int32_t userID,const std::string & bundleName,int32_t instIndex)111 AccessTokenIDEx MediaLibraryMockTokenUtils::GetHapTokenIdFromBundle(int32_t userID,
112 const std::string &bundleName, int32_t instIndex)
113 {
114 uint64_t selfTokenId = GetSelfTokenID();
115 ATokenTypeEnum type = AccessTokenKit::GetTokenTypeFlag(static_cast<AccessTokenID>(selfTokenId));
116 if (type != TOKEN_NATIVE) {
117 AccessTokenID tokenId1 = GetNativeTokenIdFromProcess("privacy_service");
118 EXPECT_EQ(0, SetSelfTokenID(tokenId1));
119 }
120 AccessTokenIDEx tokenIdEx = AccessTokenKit::GetHapTokenIDEx(userID, bundleName, instIndex);
121 EXPECT_EQ(0, SetSelfTokenID(selfTokenId));
122 return tokenIdEx;
123 }
124
GrantPermissionByTest(AccessTokenID tokenID,const std::string & permission,uint32_t flag)125 int32_t MediaLibraryMockTokenUtils::GrantPermissionByTest(AccessTokenID tokenID,
126 const std::string &permission, uint32_t flag)
127 {
128 std::vector<std::string> reqPerm;
129 reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
130 MediaLibraryMockHapToken mock("AccessTokenTestGrant", reqPerm);
131 return AccessTokenKit::GrantPermission(tokenID, permission, flag);
132 }
133
MediaLibraryMockNativeToken(const std::string & process)134 MediaLibraryMockNativeToken::MediaLibraryMockNativeToken(const std::string &process)
135 {
136 shellToken = GetSelfTokenID();
137 uint64_t tokenId = MediaLibraryMockTokenUtils::GetNativeTokenIdFromProcess(process);
138 SetSelfTokenID(tokenId);
139 }
140
~MediaLibraryMockNativeToken()141 MediaLibraryMockNativeToken::~MediaLibraryMockNativeToken()
142 {
143 SetSelfTokenID(shellToken);
144 }
145
MediaLibraryMockHapToken(const std::string & bundle,const std::vector<std::string> & reqPerm,bool isSystemApp)146 MediaLibraryMockHapToken::MediaLibraryMockHapToken(const std::string &bundle,
147 const std::vector<std::string> &reqPerm, bool isSystemApp)
148 {
149 // get shell token befor mock
150 shellToken = GetSelfTokenID();
151 HapInfoParams infoParams = {
152 .userID = 0,
153 .bundleName = bundle,
154 .instIndex = 0,
155 .appIDDesc = "AccessTokenTestAppID",
156 .apiVersion = MediaLibraryMockTokenUtils::DEFAULT_API_VERSION,
157 .isSystemApp = isSystemApp,
158 .appDistributionType = "",
159 };
160
161 HapPolicyParams policyParams = {
162 .apl = APL_NORMAL,
163 .domain = "accesstoken_test_domain",
164 };
165
166 for (size_t i = 0; i < reqPerm.size(); ++i) {
167 PermissionDef permDefResult;
168 if (AccessTokenKit::GetDefPermission(reqPerm[i], permDefResult) != RET_SUCCESS) {
169 continue;
170 }
171 PermissionStateFull permState = {.permissionName = reqPerm[i],
172 .isGeneral = true,
173 .resDeviceID = {"local3"},
174 .grantStatus = {PermissionState::PERMISSION_DENIED},
175 .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}};
176 policyParams.permStateList.emplace_back(permState);
177 if (permDefResult.availableLevel > policyParams.apl) {
178 policyParams.aclRequestedList.emplace_back(reqPerm[i]);
179 }
180 }
181 // mock hap token
182 AccessTokenIDEx tokenIdEx = MediaLibraryMockTokenUtils::AllocTestHapToken(infoParams, policyParams);
183 mockToken_ = tokenIdEx.tokenIdExStruct.tokenID;
184 EXPECT_NE(mockToken_, INVALID_TOKENID);
185 // reset token
186 EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx));
187 }
188
~MediaLibraryMockHapToken()189 MediaLibraryMockHapToken::~MediaLibraryMockHapToken()
190 {
191 if (mockToken_ != INVALID_TOKENID) {
192 EXPECT_EQ(0, MediaLibraryMockTokenUtils::DeleteTestHapToken(mockToken_));
193 }
194 EXPECT_EQ(0, SetSelfTokenID(shellToken));
195 }
196 }