1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "get_permission_flag_test.h"
17 #include "gtest/gtest.h"
18 #include <thread>
19 #include <unistd.h>
20
21 #include "access_token.h"
22 #include "access_token_error.h"
23 #include "accesstoken_common_log.h"
24 #include "iaccess_token_manager.h"
25 #include "permission_grant_info.h"
26 #include "permission_state_change_info_parcel.h"
27 #include "string_ex.h"
28 #include "test_common.h"
29 #include "tokenid_kit.h"
30 #include "token_setproc.h"
31
32 using namespace testing::ext;
33 namespace OHOS {
34 namespace Security {
35 namespace AccessToken {
36 namespace {
37 static uint64_t g_selfTokenId = 0;
38 static const std::string TEST_BUNDLE_NAME = "ohos";
39 static const unsigned int TEST_TOKENID_INVALID = 0;
40 static const int TEST_USER_ID = 0;
41 static constexpr int32_t DEFAULT_API_VERSION = 8;
42 static const int INVALID_PERMNAME_LEN = 260;
43 static const int CYCLE_TIMES = 100;
44 static const std::string PERMISSION_MICROPHONE = "ohos.permission.MICROPHONE";
45 static const std::string GRANT_SENSITIVE_PERMISSION = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS";
46 static MockHapToken* g_mock = nullptr;
47 }
48
SetUpTestCase()49 void GetPermissionFlagTest::SetUpTestCase()
50 {
51 g_selfTokenId = GetSelfTokenID();
52 TestCommon::SetTestEvironment(g_selfTokenId);
53
54 // clean up test cases
55 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
56 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
57 if (tokenID != INVALID_TOKENID) {
58 TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
59 }
60
61 std::vector<std::string> reqPerm;
62 reqPerm.emplace_back(GRANT_SENSITIVE_PERMISSION);
63 g_mock = new (std::nothrow) MockHapToken("GetPermissionFlagTest", reqPerm, true);
64 }
65
TearDownTestCase()66 void GetPermissionFlagTest::TearDownTestCase()
67 {
68 // clean up test cases
69 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
70 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
71 if (tokenID != INVALID_TOKENID) {
72 TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
73 }
74 if (g_mock != nullptr) {
75 delete g_mock;
76 g_mock = nullptr;
77 }
78 SetSelfTokenID(g_selfTokenId);
79 TestCommon::ResetTestEvironment();
80 }
81
SetUp()82 void GetPermissionFlagTest::SetUp()
83 {
84 LOGI(ATM_DOMAIN, ATM_TAG, "SetUp ok.");
85
86 setuid(0);
87 HapInfoParams info = {
88 .userID = TEST_USER_ID,
89 .bundleName = TEST_BUNDLE_NAME,
90 .instIndex = 0,
91 .appIDDesc = "appIDDesc",
92 .apiVersion = DEFAULT_API_VERSION
93 };
94
95 HapPolicyParams policy = {
96 .apl = APL_NORMAL,
97 .domain = "domain"
98 };
99 PermissionStateFull permStatMicro = {
100 .permissionName = PERMISSION_MICROPHONE,
101 .isGeneral = true,
102 .resDeviceID = {"device3"},
103 .grantStatus = {PermissionState::PERMISSION_DENIED},
104 .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
105 };
106
107 policy.permStateList.emplace_back(permStatMicro);
108
109 AccessTokenIDEx tokenIdEx = {0};
110 EXPECT_EQ(RET_SUCCESS, TestCommon::AllocTestHapToken(info, policy, tokenIdEx));
111 EXPECT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
112 }
113
TearDown()114 void GetPermissionFlagTest::TearDown()
115 {
116 // clean up test cases
117 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
118 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
119 if (tokenID != INVALID_TOKENID) {
120 TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID);
121 }
122 }
123
124 /**
125 * @tc.name: GetPermissionFlagFuncTest001
126 * @tc.desc: Get permission flag after grant permission.
127 * @tc.type: FUNC
128 * @tc.require: Issue Number
129 */
130 HWTEST_F(GetPermissionFlagTest, GetPermissionFlagFuncTest001, TestSize.Level0)
131 {
132 LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionFlagFuncTest001");
133 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
134 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
135 ASSERT_NE(INVALID_TOKENID, tokenID);
136 ASSERT_EQ(
137 RET_SUCCESS, AccessTokenKit::GrantPermission(tokenID, "ohos.permission.MICROPHONE", PERMISSION_USER_FIXED));
138
139 uint32_t flag;
140 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetPermissionFlag(tokenID, PERMISSION_MICROPHONE, flag));
141 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
142
143 ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
144 }
145
146 /**
147 * @tc.name: GetPermissionFlagAbnormalTest001
148 * @tc.desc: Get permission flag that tokenID or permission is invalid.
149 * @tc.type: FUNC
150 * @tc.require: Issue Number
151 */
152 HWTEST_F(GetPermissionFlagTest, GetPermissionFlagAbnormalTest001, TestSize.Level0)
153 {
154 LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionFlagAbnormalTest001");
155
156 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
157 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
158 ASSERT_NE(INVALID_TOKENID, tokenID);
159
160 uint32_t flag;
161 int ret = AccessTokenKit::GetPermissionFlag(tokenID, "ohos.permission.GAMMA", flag);
162 EXPECT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
163
164 ret = AccessTokenKit::GetPermissionFlag(tokenID, "", flag);
165 EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
166
167 std::string invalidPerm(INVALID_PERMNAME_LEN, 'a');
168 ret = AccessTokenKit::GetPermissionFlag(tokenID, invalidPerm, flag);
169 EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
170
171 ret = AccessTokenKit::GetPermissionFlag(TEST_TOKENID_INVALID, PERMISSION_MICROPHONE, flag);
172 EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
173
174 EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
175
176 ret = AccessTokenKit::GetPermissionFlag(tokenID, "ohos.permission.ALPHA", flag);
177 EXPECT_EQ(AccessTokenError::ERR_PERMISSION_NOT_EXIST, ret);
178 }
179
180 /**
181 * @tc.name: GetPermissionFlagSpecTest001
182 * @tc.desc: GetPermissionFlag is invoked multiple times.
183 * @tc.type: FUNC
184 * @tc.require: Issue Number
185 */
186 HWTEST_F(GetPermissionFlagTest, GetPermissionFlagSpecTest001, TestSize.Level0)
187 {
188 LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionFlagSpecTest001");
189
190 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
191 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
192 ASSERT_NE(INVALID_TOKENID, tokenID);
193 uint32_t flag;
194 for (int i = 0; i < CYCLE_TIMES; i++) {
195 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GrantPermission(tokenID, PERMISSION_MICROPHONE, PERMISSION_USER_FIXED));
196
197 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetPermissionFlag(tokenID, PERMISSION_MICROPHONE, flag));
198 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
199 }
200 ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID));
201 }
202
203 /**
204 * @tc.name: GetPermissionFlagSpecTest002
205 * @tc.desc: GetPermissionFlag caller is normal app.
206 * @tc.type: FUNC
207 * @tc.require: issueI66BH3
208 */
209 HWTEST_F(GetPermissionFlagTest, GetPermissionFlagSpecTest002, TestSize.Level0)
210 {
211 LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionFlagSpecTest002");
212
213 bool isSystemApp = false;
214 std::vector<std::string> reqPerm;
215 reqPerm.emplace_back(GRANT_SENSITIVE_PERMISSION);
216 MockHapToken mock("GetPermissionFlagSpecTest002", reqPerm, isSystemApp);
217
218 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
219 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
220
221 uint32_t flag;
222 EXPECT_EQ(ERR_NOT_SYSTEM_APP, AccessTokenKit::GetPermissionFlag(tokenID, PERMISSION_MICROPHONE, flag));
223 }
224
225 /**
226 * @tc.name: GetPermissionFlagSpecTest003
227 * @tc.desc: GetPermissionFlag caller is system app.
228 * @tc.type: FUNC
229 * @tc.require: issueI66BH3
230 */
231 HWTEST_F(GetPermissionFlagTest, GetPermissionFlagSpecTest003, TestSize.Level0)
232 {
233 LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionFlagSpecTest003");
234
235 bool isSystemApp = true;
236 std::vector<std::string> reqPerm;
237 reqPerm.emplace_back(GRANT_SENSITIVE_PERMISSION);
238 MockHapToken mock("GetPermissionFlagSpecTest003", reqPerm, isSystemApp);
239
240 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
241 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
242 ASSERT_NE(INVALID_TOKENID, tokenID);
243 ASSERT_EQ(
244 RET_SUCCESS, AccessTokenKit::GrantPermission(tokenID, "ohos.permission.MICROPHONE", PERMISSION_USER_FIXED));
245
246 uint32_t flag;
247 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetPermissionFlag(tokenID, PERMISSION_MICROPHONE, flag));
248 ASSERT_EQ(PERMISSION_USER_FIXED, flag);
249 }
250 } // namespace AccessToken
251 } // namespace Security
252 } // namespace OHOS