1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "set_remote_hap_token_info_test.h"
17 #include <thread>
18
19 #include "access_token.h"
20 #include "accesstoken_kit.h"
21 #include "accesstoken_common_log.h"
22 #include "access_token_error.h"
23 #include "nativetoken_kit.h"
24 #include "test_common.h"
25 #include "token_setproc.h"
26
27 using namespace testing::ext;
28 using namespace OHOS::Security::AccessToken;
29
30 namespace {
31 static const std::string TEST_BUNDLE_NAME = "ohos";
32 static const std::string TEST_PKG_NAME = "com.softbus.test";
33 static uint64_t g_selfTokenId = 0;
34 static AccessTokenID g_testTokenId = 0x20100000;
35
36 HapTokenInfo g_baseInfo = {
37 .ver = 1,
38 .userID = 1,
39 .bundleName = "com.ohos.access_token",
40 .instIndex = 1,
41 .tokenID = g_testTokenId,
42 .tokenAttr = 0
43 };
44
45 #ifdef TOKEN_SYNC_ENABLE
46 static const int32_t FAKE_SYNC_RET = 0xabcdef;
47 class TokenSyncCallbackImpl : public TokenSyncKitInterface {
48 public:
~TokenSyncCallbackImpl()49 ~TokenSyncCallbackImpl()
50 {}
51
GetRemoteHapTokenInfo(const std::string & deviceID,AccessTokenID tokenID) const52 int32_t GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) const override
53 {
54 LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo called.");
55 return FAKE_SYNC_RET;
56 };
57
DeleteRemoteHapTokenInfo(AccessTokenID tokenID) const58 int32_t DeleteRemoteHapTokenInfo(AccessTokenID tokenID) const override
59 {
60 LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteHapTokenInfo called.");
61 return FAKE_SYNC_RET;
62 };
63
UpdateRemoteHapTokenInfo(const HapTokenInfoForSync & tokenInfo) const64 int32_t UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) const override
65 {
66 LOGI(ATM_DOMAIN, ATM_TAG, "UpdateRemoteHapTokenInfo called.");
67 return FAKE_SYNC_RET;
68 };
69 };
70 #endif
71 }
72
SetUpTestCase()73 void SetRemoteHapTokenInfoTest::SetUpTestCase()
74 {
75 g_selfTokenId = GetSelfTokenID();
76 TestCommon::SetTestEvironment(g_selfTokenId);
77
78 #ifdef TOKEN_SYNC_ENABLE
79 {
80 MockNativeToken mock("foundation");
81 std::shared_ptr<TestDmInitCallback> ptrDmInitCallback = std::make_shared<TestDmInitCallback>();
82 int32_t res =
83 DistributedHardware::DeviceManager::GetInstance().InitDeviceManager(TEST_PKG_NAME, ptrDmInitCallback);
84 ASSERT_EQ(res, RET_SUCCESS);
85 }
86 #endif
87 }
88
TearDownTestCase()89 void SetRemoteHapTokenInfoTest::TearDownTestCase()
90 {
91 #ifdef TOKEN_SYNC_ENABLE
92 {
93 MockNativeToken mock("foundation");
94 int32_t res = DistributedHardware::DeviceManager::GetInstance().UnInitDeviceManager(TEST_PKG_NAME);
95 ASSERT_EQ(res, RET_SUCCESS);
96 }
97 #endif
98 EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId));
99 TestCommon::ResetTestEvironment();
100 }
101
SetUp()102 void SetRemoteHapTokenInfoTest::SetUp()
103 {
104 #ifdef TOKEN_SYNC_ENABLE
105 MockNativeToken mock("foundation"); // distribute permission
106 DistributedHardware::DmDeviceInfo deviceInfo;
107 int32_t res = DistributedHardware::DeviceManager::GetInstance().GetLocalDeviceInfo(TEST_PKG_NAME, deviceInfo);
108 ASSERT_EQ(res, RET_SUCCESS);
109
110 networkId_ = std::string(deviceInfo.networkId);
111 ASSERT_NE(networkId_, "");
112
113 res = DistributedHardware::DeviceManager::GetInstance().GetUdidByNetworkId(TEST_PKG_NAME, networkId_, udid_);
114 ASSERT_EQ(res, RET_SUCCESS);
115 ASSERT_NE(udid_, "");
116 #endif
117
118 LOGI(ATM_DOMAIN, ATM_TAG, "SetUp ok.");
119 }
120
TearDown()121 void SetRemoteHapTokenInfoTest::TearDown()
122 {
123 EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId));
124 udid_.clear();
125 networkId_.clear();
126 }
127
128 #ifdef TOKEN_SYNC_ENABLE
129 /**
130 * @tc.name: SetRemoteHapTokenInfoFuncTest001
131 * @tc.desc: set remote hap token info success
132 * @tc.type: FUNC
133 * @tc.require:issue I5R4UF
134 */
135 HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest001, TestSize.Level0)
136 {
137 MockNativeToken mock("token_sync_service");
138 LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest001 start.");
139 std::string deviceID1 = udid_;
140 AccessTokenKit::DeleteRemoteToken(deviceID1, g_testTokenId);
141 PermissionStatus infoManagerTestState2 = {
142 .permissionName = "ohos.permission.CAMERA",
143 .grantStatus = PermissionState::PERMISSION_GRANTED,
144 .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED};
145 std::vector<PermissionStatus> permStateList1;
146 permStateList1.emplace_back(infoManagerTestState2);
147
148 HapTokenInfoForSync remoteTokenInfo1 = {
149 .baseInfo = g_baseInfo,
150 .permStateList = permStateList1
151 };
152
153 int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID1, remoteTokenInfo1);
154 ASSERT_EQ(ret, RET_SUCCESS);
155
156 // Get local map token ID
157 AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, g_testTokenId);
158 ASSERT_NE(mapID, 0);
159
160 // check local map token
161 HapTokenInfo resultInfo;
162 ret = AccessTokenKit::GetHapTokenInfo(mapID, resultInfo);
163 ASSERT_EQ(ret, RET_SUCCESS);
164 ASSERT_EQ(resultInfo.ver, remoteTokenInfo1.baseInfo.ver);
165 ASSERT_EQ(resultInfo.userID, remoteTokenInfo1.baseInfo.userID);
166 ASSERT_EQ(resultInfo.bundleName, remoteTokenInfo1.baseInfo.bundleName);
167 ASSERT_EQ(resultInfo.instIndex, remoteTokenInfo1.baseInfo.instIndex);
168 ASSERT_NE(resultInfo.tokenID, remoteTokenInfo1.baseInfo.tokenID); // tokenID already is map tokenID
169 ASSERT_EQ(resultInfo.tokenAttr, remoteTokenInfo1.baseInfo.tokenAttr);
170
171 ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.CAMERA", false);
172 ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
173
174 ret = AccessTokenKit::DeleteRemoteToken(deviceID1, g_testTokenId);
175 ASSERT_EQ(ret, RET_SUCCESS);
176 }
177
SetRemoteHapTokenInfoWithWrongInfo1(HapTokenInfo & wrongBaseInfo,const HapTokenInfo & rightBaseInfo,HapTokenInfoForSync & remoteTokenInfo,const std::string & deviceID)178 void SetRemoteHapTokenInfoWithWrongInfo1(HapTokenInfo &wrongBaseInfo, const HapTokenInfo &rightBaseInfo,
179 HapTokenInfoForSync &remoteTokenInfo, const std::string &deviceID)
180 {
181 std::string wrongStr(10241, 'x'); // 10241 means the invalid string length
182
183 wrongBaseInfo = rightBaseInfo;
184 wrongBaseInfo.bundleName = wrongStr; // wrong bundleName
185 remoteTokenInfo.baseInfo = wrongBaseInfo;
186 int32_t ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
187 EXPECT_NE(ret, RET_SUCCESS);
188
189 wrongBaseInfo = rightBaseInfo;
190 wrongBaseInfo.tokenID = 0; // wrong tokenID
191 remoteTokenInfo.baseInfo = wrongBaseInfo;
192 ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
193 EXPECT_NE(ret, RET_SUCCESS);
194 }
195
196 /**
197 * @tc.name: SetRemoteHapTokenInfoFuncTest002
198 * @tc.desc: set remote hap token info, token info is wrong
199 * @tc.type: FUNC
200 * @tc.require:issue I5R4UF
201 */
202 HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest002, TestSize.Level0)
203 {
204 MockNativeToken mock("token_sync_service");
205 LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest002 start.");
206 std::string deviceID2 = udid_;
207 AccessTokenKit::DeleteRemoteToken(deviceID2, g_testTokenId);
208 HapTokenInfo rightBaseInfo = {
209 .ver = 1,
210 .userID = 1,
211 .bundleName = "com.ohos.access_token",
212 .instIndex = 1,
213 .tokenID = g_testTokenId,
214 .tokenAttr = 0
215 };
216
217 HapTokenInfo wrongBaseInfo = rightBaseInfo;
218 wrongBaseInfo.userID = -11; // wrong userid
219
220 PermissionStatus infoManagerTestState_2 = {
221 .permissionName = "ohos.permission.test1",
222 .grantStatus = PermissionState::PERMISSION_GRANTED,
223 .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED};
224 std::vector<PermissionStatus> permStateList2;
225 permStateList2.emplace_back(infoManagerTestState_2);
226
227 HapTokenInfoForSync remoteTokenInfo2 = {
228 .baseInfo = wrongBaseInfo,
229 .permStateList = permStateList2
230 };
231
232 int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID2, remoteTokenInfo2);
233 ASSERT_NE(ret, RET_SUCCESS);
234
235 SetRemoteHapTokenInfoWithWrongInfo1(wrongBaseInfo, rightBaseInfo, remoteTokenInfo2, deviceID2);
236 }
237
238 /**
239 * @tc.name: SetRemoteHapTokenInfoFuncTest003
240 * @tc.desc: set remote hap token wrong permission grant
241 * @tc.type: FUNC
242 * @tc.require:issue I5R4UF
243 */
244 HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest003, TestSize.Level0)
245 {
246 MockNativeToken mock("token_sync_service");
247 LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest003 start.");
248 std::string deviceID3 = udid_;
249 AccessTokenKit::DeleteRemoteToken(deviceID3, g_testTokenId);
250
251 PermissionStatus infoManagerTestState_3 = {
252 .permissionName = "ohos.permission.test1",
253 .grantStatus = PermissionState::PERMISSION_GRANTED,
254 .grantFlag = 11, // wrong flags
255 };
256 std::vector<PermissionStatus> permStateList3;
257 permStateList3.emplace_back(infoManagerTestState_3);
258
259 HapTokenInfoForSync remoteTokenInfo3 = {
260 .baseInfo = g_baseInfo,
261 .permStateList = permStateList3
262 };
263
264 int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID3, remoteTokenInfo3);
265 ASSERT_EQ(ret, RET_SUCCESS);
266
267 // Get local map token ID
268 AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, g_testTokenId);
269 ASSERT_NE(mapID, 0);
270
271 ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1", false);
272 ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
273
274 ret = AccessTokenKit::DeleteRemoteToken(deviceID3, g_testTokenId);
275 ASSERT_EQ(ret, RET_SUCCESS);
276 }
277
278 /**
279 * @tc.name: SetRemoteHapTokenInfoFuncTest004
280 * @tc.desc: update remote hap token when remote exist
281 * @tc.type: FUNC
282 * @tc.require:issue I5R4UF
283 */
284 HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest004, TestSize.Level0)
285 {
286 MockNativeToken mock("token_sync_service");
287 LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest004 start.");
288 std::string deviceID4 = udid_;
289 AccessTokenKit::DeleteRemoteToken(deviceID4, g_testTokenId);
290 PermissionStatus infoManagerTestState_4 = {
291 .permissionName = "ohos.permission.CAMERA",
292 .grantStatus = PermissionState::PERMISSION_DENIED, // first denied
293 .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED};
294 std::vector<PermissionStatus> permStateList4;
295 permStateList4.emplace_back(infoManagerTestState_4);
296
297 HapTokenInfoForSync remoteTokenInfo4 = {
298 .baseInfo = g_baseInfo,
299 .permStateList = permStateList4
300 };
301
302 int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID4, remoteTokenInfo4);
303 ASSERT_EQ(ret, RET_SUCCESS);
304
305 // Get local map token ID
306 AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, g_testTokenId);
307 ASSERT_NE(mapID, 0);
308
309 ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.CAMERA", false);
310 ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
311
312 remoteTokenInfo4.permStateList[0].grantStatus = PermissionState::PERMISSION_GRANTED; // second granted
313 ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID4, remoteTokenInfo4);
314 ASSERT_EQ(ret, RET_SUCCESS);
315
316 ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.CAMERA", false);
317 ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
318
319 ret = AccessTokenKit::DeleteRemoteToken(deviceID4, g_testTokenId);
320 ASSERT_EQ(ret, RET_SUCCESS);
321 }
322
323 /**
324 * @tc.name: SetRemoteHapTokenInfoSpecTest001
325 * @tc.desc: add remote hap token, it can not grant by GrantPermission
326 * @tc.type: FUNC
327 * @tc.require:issue I5R4UF
328 */
329 HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest001, TestSize.Level0)
330 {
331 MockNativeToken mock("token_sync_service");
332 LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest001 start.");
333 std::string deviceID5 = udid_;
334 AccessTokenKit::DeleteRemoteToken(deviceID5, g_testTokenId);
335 PermissionStatus infoManagerTestState5 = {
336 .permissionName = "ohos.permission.test1",
337 .grantStatus = PermissionState::PERMISSION_DENIED, // first denied
338 .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED};
339 std::vector<PermissionStatus> permStateList5;
340 permStateList5.emplace_back(infoManagerTestState5);
341
342 HapTokenInfoForSync remoteTokenInfo5 = {
343 .baseInfo = g_baseInfo,
344 .permStateList = permStateList5
345 };
346
347 int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID5, remoteTokenInfo5);
348 ASSERT_EQ(ret, RET_SUCCESS);
349
350 // Get local map token ID
351 AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, g_testTokenId);
352 ASSERT_NE(mapID, 0);
353
354 ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1", false);
355 ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
356
357 {
358 std::vector<std::string> reqPerm;
359 reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
360 MockHapToken mock("SetRemoteHapTokenInfoSpecTest001", reqPerm);
361 ret = AccessTokenKit::GrantPermission(mapID, "ohos.permission.test1", PermissionFlag::PERMISSION_SYSTEM_FIXED);
362 ASSERT_EQ(ret, ERR_PERMISSION_NOT_EXIST);
363 }
364
365 ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1", false);
366 ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
367
368 ret = AccessTokenKit::DeleteRemoteToken(deviceID5, g_testTokenId);
369 ASSERT_EQ(ret, RET_SUCCESS);
370 }
371
372 /**
373 * @tc.name: SetRemoteHapTokenInfoSpecTest002
374 * @tc.desc: add remote hap token, it can not revoke by RevokePermission
375 * @tc.type: FUNC
376 * @tc.require:issue I5R4UF
377 */
378 HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest002, TestSize.Level0)
379 {
380 MockNativeToken mock("token_sync_service");
381 LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest002 start.");
382 std::string deviceID6 = udid_;
383 AccessTokenKit::DeleteRemoteToken(deviceID6, g_testTokenId);
384 PermissionStatus infoManagerTestState6 = {
385 .permissionName = "ohos.permission.READ_AUDIO",
386 .grantStatus = PermissionState::PERMISSION_GRANTED, // first grant
387 .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED};
388 PermissionStatus infoManagerTestState7 = {
389 .permissionName = "ohos.permission.test1",
390 .grantStatus = PermissionState::PERMISSION_GRANTED, // first grant
391 .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED};
392 std::vector<PermissionStatus> permStateList6;
393 permStateList6.emplace_back(infoManagerTestState6);
394 permStateList6.emplace_back(infoManagerTestState7);
395
396 HapTokenInfoForSync remoteTokenInfo6 = {
397 .baseInfo = g_baseInfo,
398 .permStateList = permStateList6
399 };
400
401 int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID6, remoteTokenInfo6);
402 ASSERT_EQ(ret, RET_SUCCESS);
403
404 // Get local map token ID
405 AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, g_testTokenId);
406 ASSERT_NE(mapID, 0);
407
408 ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.READ_AUDIO", false);
409 EXPECT_EQ(ret, PermissionState::PERMISSION_GRANTED);
410
411 {
412 std::vector<std::string> reqPerm;
413 reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
414 MockHapToken mock("SetRemoteHapTokenInfoSpecTest002", reqPerm);
415 ret = AccessTokenKit::RevokePermission(mapID, "ohos.permission.test1", PermissionFlag::PERMISSION_SYSTEM_FIXED);
416 ASSERT_EQ(ret, ERR_PERMISSION_NOT_EXIST);
417 }
418
419 ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.READ_AUDIO", false);
420 EXPECT_EQ(ret, PermissionState::PERMISSION_GRANTED);
421
422 ret = AccessTokenKit::DeleteRemoteToken(deviceID6, g_testTokenId);
423 EXPECT_EQ(ret, RET_SUCCESS);
424 }
425
426 /**
427 * @tc.name: SetRemoteHapTokenInfoSpecTest003
428 * @tc.desc: add remote hap token, it can not delete by DeleteToken
429 * @tc.type: FUNC
430 * @tc.require:issue I5R4UF
431 */
432 HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest003, TestSize.Level0)
433 {
434 MockNativeToken mock("token_sync_service");
435 LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest003 start.");
436 std::string deviceID7 = udid_;
437 AccessTokenKit::DeleteRemoteToken(deviceID7, g_testTokenId);
438 PermissionStatus infoManagerTestState7 = {
439 .permissionName = "ohos.permission.READ_AUDIO",
440 .grantStatus = PermissionState::PERMISSION_DENIED, // first denied
441 .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED};
442 std::vector<PermissionStatus> permStateList7;
443 permStateList7.emplace_back(infoManagerTestState7);
444
445 HapTokenInfoForSync remoteTokenInfo7 = {
446 .baseInfo = g_baseInfo,
447 .permStateList = permStateList7
448 };
449
450 int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID7, remoteTokenInfo7);
451 ASSERT_EQ(ret, RET_SUCCESS);
452
453 // Get local map token ID
454 AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, g_testTokenId);
455 ASSERT_NE(mapID, 0);
456
457 ret = AccessTokenKit::DeleteToken(mapID);
458 ASSERT_NE(ret, RET_SUCCESS);
459
460 ret = AccessTokenKit::DeleteRemoteToken(deviceID7, g_testTokenId);
461 ASSERT_EQ(ret, RET_SUCCESS);
462 }
463
464 /**
465 * @tc.name: SetRemoteHapTokenInfoSpecTest004
466 * @tc.desc: add remote hap token, it can not update by UpdateHapToken
467 * @tc.type: FUNC
468 * @tc.require:issue I5R4UF
469 */
470 HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest004, TestSize.Level0)
471 {
472 MockNativeToken mock("token_sync_service");
473 LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest004 start.");
474 std::string deviceID8 = udid_;
475 AccessTokenKit::DeleteRemoteToken(deviceID8, g_testTokenId);
476 int32_t DEFAULT_API_VERSION = 8;
477 PermissionStatus infoManagerTestState8 = {
478 .permissionName = "ohos.permission.test1",
479 .grantStatus = PermissionState::PERMISSION_DENIED, // first denied
480 .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED};
481 std::vector<PermissionStatus> permStateList8;
482 permStateList8.emplace_back(infoManagerTestState8);
483
484 HapTokenInfoForSync remoteTokenInfo8 = {
485 .baseInfo = g_baseInfo,
486 .permStateList = permStateList8
487 };
488
489 int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID8, remoteTokenInfo8);
490 ASSERT_EQ(ret, RET_SUCCESS);
491
492 // Get local map token ID
493 AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, g_testTokenId);
494 ASSERT_NE(mapID, 0);
495 AccessTokenIDEx tokenIdEx {
496 .tokenIdExStruct.tokenID = mapID,
497 .tokenIdExStruct.tokenAttr = 0,
498 };
499 HapPolicyParams policy;
500 UpdateHapInfoParams info;
501 info.appIDDesc = std::string("updateFailed");
502 info.apiVersion = DEFAULT_API_VERSION;
503 info.isSystemApp = false;
504 ret = AccessTokenKit::UpdateHapToken(tokenIdEx, info, policy);
505 ASSERT_EQ(ret, AccessTokenError::ERR_PARAM_INVALID);
506
507 ret = AccessTokenKit::DeleteRemoteToken(deviceID8, g_testTokenId);
508 ASSERT_EQ(ret, RET_SUCCESS);
509 }
510
511 /**
512 * @tc.name: SetRemoteHapTokenInfoSpecTest005
513 * @tc.desc: add remote hap token, it can not clear by ClearUserGrantedPermissionState
514 * @tc.type: FUNC
515 * @tc.require:issue I5R4UF
516 */
517 HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest005, TestSize.Level0)
518 {
519 MockNativeToken mock("token_sync_service");
520 LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest005 start.");
521 std::string deviceID9 = udid_;
522 AccessTokenKit::DeleteRemoteToken(deviceID9, g_testTokenId);
523 PermissionStatus infoManagerTestState9 = {
524 .permissionName = "ohos.permission.CAMERA",
525 .grantStatus = PermissionState::PERMISSION_GRANTED,
526 .grantFlag = PermissionFlag::PERMISSION_USER_SET};
527 std::vector<PermissionStatus> permStateList9;
528 permStateList9.emplace_back(infoManagerTestState9);
529
530 HapTokenInfoForSync remoteTokenInfo9 = {
531 .baseInfo = g_baseInfo,
532 .permStateList = permStateList9
533 };
534
535 int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID9, remoteTokenInfo9);
536 ASSERT_EQ(ret, RET_SUCCESS);
537
538 // Get local map token ID
539 AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, g_testTokenId);
540 ASSERT_NE(mapID, 0);
541
542 ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.CAMERA", false);
543 ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
544
545 {
546 MockNativeToken mock("foundation");
547 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::ClearUserGrantedPermissionState(mapID));
548 }
549
550 ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.CAMERA", false);
551 ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
552
553 ret = AccessTokenKit::DeleteRemoteToken(deviceID9, g_testTokenId);
554 ASSERT_EQ(ret, RET_SUCCESS);
555 }
556
557 /**
558 * @tc.name: SetRemoteHapTokenInfoSpecTest006
559 * @tc.desc: tokenID is not hap token
560 * @tc.type: FUNC
561 * @tc.require:issue I5R4UF
562 */
563 HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest006, TestSize.Level0)
564 {
565 MockNativeToken mock("token_sync_service");
566 LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest006 start.");
567 std::string deviceID = udid_;
568 HapTokenInfo baseInfo = {
569 .ver = 1,
570 .userID = 1,
571 .bundleName = "com.ohos.access_token",
572 .instIndex = 1,
573 .tokenID = 0x28100000,
574 .tokenAttr = 0
575 };
576
577 PermissionStatus infoManagerTestState = {
578 .permissionName = "ohos.permission.test1",
579 .grantStatus = PermissionState::PERMISSION_GRANTED,
580 .grantFlag = PermissionFlag::PERMISSION_USER_SET};
581 std::vector<PermissionStatus> permStateList;
582 permStateList.emplace_back(infoManagerTestState);
583
584 HapTokenInfoForSync remoteTokenInfo = {
585 .baseInfo = baseInfo,
586 .permStateList = permStateList
587 };
588
589 int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
590 ASSERT_NE(ret, RET_SUCCESS);
591 }
592
593 /**
594 * @tc.name: SetRemoteHapTokenInfoAbnormalTest001
595 * @tc.desc: SetRemoteHapTokenInfo with no permission
596 * @tc.type: FUNC
597 * @tc.require:
598 */
599 HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoAbnormalTest001, TestSize.Level0)
600 {
601 LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoAbnormalTest001 start.");
602 std::string device = "device";
603 HapTokenInfoForSync hapSync;
604 ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::SetRemoteHapTokenInfo(device, hapSync));
605 }
606 #endif