1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "app_installation_optimized_test.h"
17 #include <thread>
18
19 #include "access_token_error.h"
20 #include "accesstoken_common_log.h"
21 #include "iaccess_token_manager.h"
22 #include "nativetoken_kit.h"
23 #include "permission_grant_info.h"
24 #include "permission_state_change_info_parcel.h"
25 #include "string_ex.h"
26 #include "test_common.h"
27 #include "tokenid_kit.h"
28 #include "token_setproc.h"
29
30 using namespace testing::ext;
31 namespace OHOS {
32 namespace Security {
33 namespace AccessToken {
34 namespace {
35 const std::string CERT_PERMISSION = "ohos.permission.ACCESS_CERT_MANAGER";
36 const std::string CALENDAR_PERMISSION = "ohos.permission.WRITE_CALENDAR";
37 const std::string APP_TRACKING_PERMISSION = "ohos.permission.APP_TRACKING_CONSENT";
38 const std::string ACCESS_BLUETOOTH_PERMISSION = "ohos.permission.ACCESS_BLUETOOTH";
39 static constexpr int32_t DEFAULT_API_VERSION = 8;
40 static constexpr int32_t MAX_PERM_LIST_SIZE = 1024;
41 static MockNativeToken* g_mock;
42
43 PermissionStateFull g_infoManagerCameraState = {
44 .permissionName = APP_TRACKING_PERMISSION,
45 .isGeneral = true,
46 .resDeviceID = {"local2"},
47 .grantStatus = {PermissionState::PERMISSION_DENIED},
48 .grantFlags = {0}
49 };
50
51 PermissionStateFull g_infoBlueToothManagerState = {
52 .permissionName = ACCESS_BLUETOOTH_PERMISSION,
53 .isGeneral = true,
54 .resDeviceID = {"local2"},
55 .grantStatus = {PermissionState::PERMISSION_DENIED},
56 .grantFlags = {0}
57 };
58
59 PermissionStateFull g_infoManagerMicrophoneState = {
60 .permissionName = CALENDAR_PERMISSION,
61 .isGeneral = true,
62 .resDeviceID = {"local2"},
63 .grantStatus = {PermissionState::PERMISSION_DENIED},
64 .grantFlags = {0}
65 };
66
67 PermissionStateFull g_infoManagerCertState = {
68 .permissionName = CERT_PERMISSION,
69 .isGeneral = true,
70 .resDeviceID = {"local3"},
71 .grantStatus = {PermissionState::PERMISSION_DENIED},
72 .grantFlags = {0}
73 };
74
75 PermissionStateFull g_infoManagerTestState4 = {
76 .permissionName = "ohos.permission.ACCESS_BUNDLE_DIR",
77 .isGeneral = true,
78 .resDeviceID = {"local3"},
79 .grantStatus = {PermissionState::PERMISSION_DENIED},
80 .grantFlags = {0}
81 };
82
83 PermissionStateFull g_infoManagerTestStateMdm = {
84 .permissionName = "ohos.permission.SET_ENTERPRISE_INFO",
85 .isGeneral = true,
86 .resDeviceID = {"local3"},
87 .grantStatus = {PermissionState::PERMISSION_DENIED},
88 .grantFlags = {0}
89 };
90
91 HapInfoParams g_testHapInfoParams = {
92 .userID = 1,
93 .bundleName = "testName",
94 .instIndex = 0,
95 .appIDDesc = "test2",
96 .apiVersion = 11 // api version is 11
97 };
98
99 HapPolicyParams g_testPolicyParams = {
100 .apl = APL_NORMAL,
101 .domain = "test.domain2",
102 .permStateList = {
103 g_infoManagerCameraState,
104 g_infoManagerMicrophoneState,
105 g_infoManagerCertState
106 }
107 };
108 uint64_t g_selfShellTokenId;
109 }
110
SetUpTestCase()111 void AppInstallationOptimizedTest::SetUpTestCase()
112 {
113 g_selfShellTokenId = GetSelfTokenID();
114 TestCommon::SetTestEvironment(g_selfShellTokenId);
115 g_mock = new (std::nothrow) MockNativeToken("foundation");
116
117 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(
118 g_testHapInfoParams.userID, g_testHapInfoParams.bundleName, g_testHapInfoParams.instIndex);
119 AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
120 }
121
TearDownTestCase()122 void AppInstallationOptimizedTest::TearDownTestCase()
123 {
124 if (g_mock != nullptr) {
125 delete g_mock;
126 g_mock = nullptr;
127 }
128 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(
129 g_testHapInfoParams.userID, g_testHapInfoParams.bundleName, g_testHapInfoParams.instIndex);
130 AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID);
131
132 EXPECT_EQ(0, SetSelfTokenID(g_selfShellTokenId));
133 TestCommon::ResetTestEvironment();
134 }
135
SetUp()136 void AppInstallationOptimizedTest::SetUp()
137 {
138 LOGI(ATM_DOMAIN, ATM_TAG, "SetUp ok.");
139 }
140
TearDown()141 void AppInstallationOptimizedTest::TearDown()
142 {
143 }
144
145 /**
146 * @tc.name: InitHapToken001
147 * @tc.desc:Init a tokenId successfully, delete it successfully the first time and fail to delete it again.
148 * @tc.type: FUNC
149 * @tc.require: Issue Number
150 */
151 HWTEST_F(AppInstallationOptimizedTest, InitHapToken001, TestSize.Level0)
152 {
153 AccessTokenIDEx fullTokenId;
154 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, g_testPolicyParams, fullTokenId);
155 EXPECT_EQ(RET_SUCCESS, ret);
156 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
157 ASSERT_NE(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
158 }
159
160 /**
161 * @tc.name: InitHapToken002
162 * @tc.desc:
163 * @tc.type: FUNC
164 * @tc.require: Issue Number
165 */
166 HWTEST_F(AppInstallationOptimizedTest, InitHapToken002, TestSize.Level0)
167 {
168 HapPolicyParams testPolicyParams = {
169 .apl = APL_SYSTEM_BASIC,
170 .domain = "test.domain2",
171 .permStateList = {g_infoManagerCertState}
172 };
173 AccessTokenIDEx fullTokenId;
174 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams, fullTokenId);
175 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
176 EXPECT_EQ(RET_SUCCESS, res);
177 int32_t ret = AccessTokenKit::VerifyAccessToken(
178 fullTokenId.tokenIdExStruct.tokenID, CERT_PERMISSION);
179 EXPECT_EQ(ret, PERMISSION_GRANTED);
180 std::vector<PermissionStateFull> permStatList;
181 res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList, true);
182 ASSERT_EQ(RET_SUCCESS, res);
183 EXPECT_EQ(static_cast<uint32_t>(1), permStatList.size());
184 EXPECT_EQ(CERT_PERMISSION, permStatList[0].permissionName);
185 EXPECT_EQ(permStatList[0].grantFlags[0], PERMISSION_SYSTEM_FIXED);
186 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
187 }
188
189 /**
190 * @tc.name: InitHapToken003
191 * @tc.desc:
192 * @tc.type: FUNC
193 * @tc.require: Issue Number
194 */
195 HWTEST_F(AppInstallationOptimizedTest, InitHapToken003, TestSize.Level0)
196 {
197 HapPolicyParams testPolicyParams = {
198 .apl = APL_NORMAL,
199 .domain = "test.domain2",
200 .permStateList = {g_infoManagerMicrophoneState}
201 };
202 AccessTokenIDEx fullTokenId;
203 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams, fullTokenId);
204 EXPECT_EQ(RET_SUCCESS, res);
205 int32_t ret = AccessTokenKit::VerifyAccessToken(
206 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION);
207 EXPECT_EQ(ret, PERMISSION_DENIED);
208 uint32_t flag;
209 TestCommon::GetPermissionFlagByTest(fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION, flag);
210 EXPECT_EQ(flag, PERMISSION_DEFAULT_FLAG);
211 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
212 }
213
214 /**
215 * @tc.name: InitHapToken004
216 * @tc.desc:
217 * @tc.type: FUNC
218 * @tc.require: Issue Number
219 */
220 HWTEST_F(AppInstallationOptimizedTest, InitHapToken004, TestSize.Level0)
221 {
222 PreAuthorizationInfo info1 = {
223 .permissionName = CALENDAR_PERMISSION,
224 .userCancelable = false
225 };
226 HapPolicyParams testPolicyParams = {
227 .apl = APL_NORMAL,
228 .domain = "test.domain2",
229 .permStateList = {g_infoManagerMicrophoneState},
230 .preAuthorizationInfo = {info1},
231 };
232 AccessTokenIDEx fullTokenId;
233 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams, fullTokenId);
234 EXPECT_EQ(RET_SUCCESS, res);
235 int32_t ret = AccessTokenKit::VerifyAccessToken(
236 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION);
237 EXPECT_EQ(ret, PERMISSION_GRANTED);
238 std::vector<PermissionStateFull> permStatList;
239 res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList, false);
240 EXPECT_EQ(RET_SUCCESS, res);
241 EXPECT_EQ(static_cast<uint32_t>(1), permStatList.size());
242 EXPECT_EQ(CALENDAR_PERMISSION, permStatList[0].permissionName);
243 EXPECT_EQ(permStatList[0].grantFlags[0], PERMISSION_SYSTEM_FIXED);
244 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
245 }
246
247
248 /**
249 * @tc.name: InitHapToken005
250 * @tc.desc:
251 * @tc.type: FUNC
252 * @tc.require: Issue Number
253 */
254 HWTEST_F(AppInstallationOptimizedTest, InitHapToken005, TestSize.Level0)
255 {
256 PreAuthorizationInfo info1 = {
257 .permissionName = CALENDAR_PERMISSION,
258 .userCancelable = true
259 };
260 HapPolicyParams testPolicyParams = {
261 .apl = APL_NORMAL,
262 .domain = "test.domain2",
263 .permStateList = {g_infoManagerMicrophoneState},
264 .preAuthorizationInfo = {info1},
265 };
266 AccessTokenIDEx fullTokenId;
267 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams, fullTokenId);
268 EXPECT_EQ(RET_SUCCESS, res);
269 int32_t ret = AccessTokenKit::VerifyAccessToken(
270 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION);
271 EXPECT_EQ(ret, PERMISSION_GRANTED);
272
273 std::vector<PermissionStateFull> permStatList;
274 res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList, false);
275 EXPECT_EQ(RET_SUCCESS, res);
276 EXPECT_EQ(static_cast<uint32_t>(1), permStatList.size());
277 EXPECT_EQ(CALENDAR_PERMISSION, permStatList[0].permissionName);
278 EXPECT_EQ(permStatList[0].grantFlags[0], PERMISSION_PRE_AUTHORIZED_CANCELABLE);
279 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
280 }
281
282 /**
283 * @tc.name: InitHapToken006
284 * @tc.desc:
285 * @tc.type: FUNC
286 * @tc.require: Issue Number
287 */
288 HWTEST_F(AppInstallationOptimizedTest, InitHapToken006, TestSize.Level0)
289 {
290 HapPolicyParams testPolicyParam = {
291 .apl = APL_SYSTEM_BASIC,
292 .domain = "test.domain2",
293 .permStateList = {g_infoManagerTestStateMdm},
294 };
295 g_testHapInfoParams.appDistributionType = "enterprise_mdm";
296 AccessTokenIDEx fullTokenId;
297 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
298 EXPECT_EQ(RET_SUCCESS, res);
299 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
300 }
301
302 /**
303 * @tc.name: InitHapToken007
304 * @tc.desc:
305 * @tc.type: FUNC
306 * @tc.require: Issue Number
307 */
308 HWTEST_F(AppInstallationOptimizedTest, InitHapToken007, TestSize.Level0)
309 {
310 HapPolicyParams testPolicyParam = {
311 .apl = APL_SYSTEM_BASIC,
312 .domain = "test.domain2",
313 .permStateList = {g_infoManagerTestStateMdm},
314 };
315 g_testHapInfoParams.appDistributionType = "";
316 AccessTokenIDEx fullTokenId;
317 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
318 EXPECT_EQ(ERR_PERM_REQUEST_CFG_FAILED, res);
319 }
320
321 /**
322 * @tc.name: InitHapToken008
323 * @tc.desc:
324 * @tc.type: FUNC
325 * @tc.require: Issue Number
326 */
327 HWTEST_F(AppInstallationOptimizedTest, InitHapToken008, TestSize.Level0)
328 {
329 HapPolicyParams testPolicyParam = {
330 .apl = APL_SYSTEM_BASIC,
331 .domain = "test.domain2",
332 .permStateList = {g_infoManagerTestStateMdm},
333 };
334 g_testHapInfoParams.appDistributionType = "none";
335 AccessTokenIDEx fullTokenId;
336 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
337 EXPECT_EQ(RET_SUCCESS, res);
338 }
339
340 /**
341 * @tc.name: InitHapToken009
342 * @tc.desc:
343 * @tc.type: FUNC
344 * @tc.require: Issue Number
345 */
346 HWTEST_F(AppInstallationOptimizedTest, InitHapToken009, TestSize.Level0)
347 {
348 HapPolicyParams testPolicyParam = {
349 .apl = APL_NORMAL,
350 .domain = "test.domain2",
351 .permStateList = {g_infoManagerTestState4},
352 };
353
354 AccessTokenIDEx fullTokenId;
355 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
356 EXPECT_EQ(ERR_PERM_REQUEST_CFG_FAILED, res);
357 }
358
359 /**
360 * @tc.name: InitHapToken010
361 * @tc.desc:
362 * @tc.type: FUNC
363 * @tc.require: Issue Number
364 */
365 HWTEST_F(AppInstallationOptimizedTest, InitHapToken010, TestSize.Level0)
366 {
367 HapPolicyParams testPolicyParam = {
368 .apl = APL_SYSTEM_BASIC,
369 .domain = "test.domain2",
370 .permStateList = {g_infoManagerTestState4},
371 };
372 g_testHapInfoParams.appDistributionType = "";
373 AccessTokenIDEx fullTokenId;
374 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
375 EXPECT_EQ(RET_SUCCESS, res);
376 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
377 }
378
379 #ifdef SUPPORT_SANDBOX_APP
380 /**
381 * @tc.name: InitHapToken011
382 * @tc.desc: InitHapToken with dlp type.
383 * @tc.type: FUNC
384 * @tc.require: Issue Number
385 */
386 HWTEST_F(AppInstallationOptimizedTest, InitHapToken011, TestSize.Level0)
387 {
388 HapPolicyParams testPolicyParams = {
389 .apl = APL_SYSTEM_BASIC,
390 .domain = "test.domain2",
391 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState, g_infoManagerCertState}
392 };
393 AccessTokenIDEx fullTokenId;
394 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams, fullTokenId);
395 EXPECT_EQ(RET_SUCCESS, res);
396
397 HapInfoParams testHapInfoParams1 = g_testHapInfoParams;
398 testHapInfoParams1.dlpType = DLP_FULL_CONTROL;
399 testHapInfoParams1.instIndex++;
400 AccessTokenIDEx dlpFullTokenId1;
401 res = AccessTokenKit::InitHapToken(testHapInfoParams1, testPolicyParams, dlpFullTokenId1);
402 EXPECT_EQ(RET_SUCCESS, res);
403
404 res = AccessTokenKit::VerifyAccessToken(dlpFullTokenId1.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
405 EXPECT_EQ(res, PERMISSION_DENIED);
406
407 (void)TestCommon::GrantPermissionByTest(
408 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION, PERMISSION_USER_SET);
409 (void)TestCommon::RevokePermissionByTest(
410 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION, PERMISSION_USER_SET);
411
412 testHapInfoParams1.instIndex++;
413 AccessTokenIDEx dlpFullTokenId2;
414 res = AccessTokenKit::InitHapToken(testHapInfoParams1, testPolicyParams, dlpFullTokenId2);
415 EXPECT_EQ(RET_SUCCESS, res);
416 res = AccessTokenKit::VerifyAccessToken(dlpFullTokenId2.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
417 EXPECT_EQ(res, PERMISSION_GRANTED);
418 res = AccessTokenKit::VerifyAccessToken(dlpFullTokenId1.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
419 EXPECT_EQ(res, PERMISSION_GRANTED);
420
421 std::vector<PermissionStateFull> permStatList1;
422 res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList1, false);
423 ASSERT_EQ(RET_SUCCESS, res);
424 std::vector<PermissionStateFull> permStatList2;
425 res = TestCommon::GetReqPermissionsByTest(dlpFullTokenId2.tokenIdExStruct.tokenID, permStatList2, false);
426 EXPECT_EQ(permStatList2.size(), permStatList1.size());
427 EXPECT_EQ(APP_TRACKING_PERMISSION, permStatList2[0].permissionName);
428 EXPECT_EQ(permStatList2[0].grantStatus[0], PERMISSION_GRANTED);
429 EXPECT_EQ(permStatList2[0].grantFlags[0], PERMISSION_USER_SET);
430 EXPECT_EQ(CALENDAR_PERMISSION, permStatList2[1].permissionName);
431 EXPECT_EQ(permStatList2[1].grantStatus[0], PERMISSION_DENIED);
432 EXPECT_EQ(permStatList2[1].grantFlags[0], PERMISSION_USER_SET);
433 EXPECT_EQ(RET_SUCCESS, res);
434 }
435 #endif
436
437 /**
438 * @tc.name: UpdateHapToken001
439 * @tc.desc:
440 * @tc.type: FUNC
441 * @tc.require: Issue Number
442 */
443 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken001, TestSize.Level0)
444 {
445 HapPolicyParams testPolicyParams1 = {
446 .apl = APL_NORMAL,
447 .domain = "test.domain2",
448 .permStateList = {g_infoManagerCameraState, g_infoBlueToothManagerState, g_infoManagerCertState}
449 };
450 AccessTokenIDEx fullTokenId;
451 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
452 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
453 EXPECT_EQ(RET_SUCCESS, ret);
454 ret = AccessTokenKit::VerifyAccessToken(
455 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
456 EXPECT_EQ(PERMISSION_DENIED, ret);
457 ret = AccessTokenKit::VerifyAccessToken(
458 fullTokenId.tokenIdExStruct.tokenID, CERT_PERMISSION);
459 EXPECT_EQ(PERMISSION_GRANTED, ret);
460
461 ret = TestCommon::GrantPermissionByTest(fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION, 0);
462 EXPECT_EQ(RET_SUCCESS, ret);
463 ret = AccessTokenKit::VerifyAccessToken(fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
464 EXPECT_EQ(PERMISSION_GRANTED, ret);
465 ret = TestCommon::GrantPermissionByTest(
466 fullTokenId.tokenIdExStruct.tokenID, ACCESS_BLUETOOTH_PERMISSION, PERMISSION_SYSTEM_FIXED);
467 EXPECT_EQ(RET_SUCCESS, ret);
468 ret = AccessTokenKit::VerifyAccessToken(
469 fullTokenId.tokenIdExStruct.tokenID, ACCESS_BLUETOOTH_PERMISSION);
470 EXPECT_EQ(PERMISSION_GRANTED, ret);
471
472 UpdateHapInfoParams info;
473 info.appIDDesc = "TEST";
474 info.apiVersion = DEFAULT_API_VERSION;
475 info.isSystemApp = false;
476 HapPolicyParams testPolicyParams2 = {
477 .apl = APL_NORMAL,
478 .domain = "test.domain2",
479 .permStateList = {g_infoManagerCameraState, g_infoBlueToothManagerState, g_infoManagerMicrophoneState}
480 };
481 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
482 ASSERT_EQ(RET_SUCCESS, ret);
483 ret = AccessTokenKit::VerifyAccessToken(fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
484 EXPECT_EQ(PERMISSION_GRANTED, ret);
485 ret = AccessTokenKit::VerifyAccessToken(fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION);
486 EXPECT_EQ(PERMISSION_DENIED, ret);
487 ret = AccessTokenKit::VerifyAccessToken(fullTokenId.tokenIdExStruct.tokenID, ACCESS_BLUETOOTH_PERMISSION);
488 EXPECT_EQ(PERMISSION_DENIED, ret);
489 ret = AccessTokenKit::VerifyAccessToken(fullTokenId.tokenIdExStruct.tokenID, CERT_PERMISSION);
490 EXPECT_EQ(PERMISSION_DENIED, ret);
491
492 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
493 }
494
495 /**
496 * @tc.name: UpdateHapToken002
497 * @tc.desc:
498 * @tc.type: FUNC
499 * @tc.require: Issue Number
500 */
501 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken002, TestSize.Level0)
502 {
503 HapPolicyParams testPolicyParams1 = {
504 .apl = APL_NORMAL,
505 .domain = "test.domain2",
506 .permStateList = {g_infoManagerCameraState}
507 };
508 AccessTokenIDEx fullTokenId;
509 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
510 EXPECT_EQ(RET_SUCCESS, ret);
511 ret = TestCommon::RevokePermissionByTest(
512 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION, PERMISSION_USER_FIXED);
513 EXPECT_EQ(RET_SUCCESS, ret);
514
515 std::vector<PermissionStateFull> permStatList;
516 int32_t res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList, false);
517 ASSERT_EQ(RET_SUCCESS, res);
518 EXPECT_EQ(static_cast<uint32_t>(1), permStatList.size());
519 EXPECT_EQ(APP_TRACKING_PERMISSION, permStatList[0].permissionName);
520 EXPECT_EQ(permStatList[0].grantStatus[0], PERMISSION_DENIED);
521 EXPECT_EQ(permStatList[0].grantFlags[0], PERMISSION_USER_FIXED);
522
523 UpdateHapInfoParams info;
524 info.appIDDesc = "TEST";
525 info.apiVersion = DEFAULT_API_VERSION;
526 info.isSystemApp = false;
527 HapPolicyParams testPolicyParams2 = {
528 .apl = APL_NORMAL,
529 .domain = "test.domain2",
530 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState}
531 };
532 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
533 ASSERT_EQ(RET_SUCCESS, ret);
534 std::vector<PermissionStateFull> permStatList1;
535 res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList1, false);
536 ASSERT_EQ(RET_SUCCESS, res);
537 EXPECT_EQ(static_cast<uint32_t>(2), permStatList1.size());
538 EXPECT_EQ(APP_TRACKING_PERMISSION, permStatList1[0].permissionName);
539 EXPECT_EQ(permStatList1[0].grantStatus[0], PERMISSION_DENIED);
540 EXPECT_EQ(permStatList1[0].grantFlags[0], PERMISSION_USER_FIXED);
541 EXPECT_EQ(CALENDAR_PERMISSION, permStatList1[1].permissionName);
542 EXPECT_EQ(permStatList1[1].grantStatus[0], PERMISSION_DENIED);
543 EXPECT_EQ(permStatList1[1].grantFlags[0], PERMISSION_DEFAULT_FLAG);
544
545 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
546 }
547
548 /**
549 * @tc.name: UpdateHapToken003
550 * @tc.desc:
551 * @tc.type: FUNC
552 * @tc.require: Issue Number
553 */
554 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken003, TestSize.Level0)
555 {
556 HapPolicyParams testPolicyParams1 = {
557 .apl = APL_NORMAL,
558 .domain = "test.domain2",
559 .permStateList = {g_infoManagerCameraState}
560 };
561 AccessTokenIDEx fullTokenId;
562 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
563 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
564 EXPECT_EQ(RET_SUCCESS, ret);
565 ret = AccessTokenKit::VerifyAccessToken(
566 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION);
567 EXPECT_EQ(PERMISSION_DENIED, ret);
568
569 UpdateHapInfoParams info;
570 info.appIDDesc = "TEST";
571 info.apiVersion = DEFAULT_API_VERSION;
572 info.isSystemApp = false;
573 PreAuthorizationInfo info1 = {
574 .permissionName = CALENDAR_PERMISSION,
575 .userCancelable = true
576 };
577 HapPolicyParams testPolicyParams2 = {
578 .apl = APL_NORMAL,
579 .domain = "test.domain2",
580 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState},
581 .preAuthorizationInfo = {info1}
582 };
583 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
584 ASSERT_EQ(RET_SUCCESS, ret);
585 std::vector<PermissionStateFull> permStatList1;
586 int32_t res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, permStatList1, false);
587 ASSERT_EQ(RET_SUCCESS, res);
588 EXPECT_EQ(static_cast<uint32_t>(2), permStatList1.size());
589 EXPECT_EQ(APP_TRACKING_PERMISSION, permStatList1[0].permissionName);
590 EXPECT_EQ(permStatList1[0].grantStatus[0], PERMISSION_DENIED);
591 EXPECT_EQ(permStatList1[0].grantFlags[0], PERMISSION_DEFAULT_FLAG);
592 EXPECT_EQ(CALENDAR_PERMISSION, permStatList1[1].permissionName);
593 EXPECT_EQ(permStatList1[1].grantStatus[0], PERMISSION_GRANTED);
594 EXPECT_EQ(permStatList1[1].grantFlags[0], PERMISSION_PRE_AUTHORIZED_CANCELABLE);
595
596 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
597 }
598
599 /**
600 * @tc.name: UpdateHapToken004
601 * @tc.desc:
602 * @tc.type: FUNC
603 * @tc.require: Issue Number
604 */
605 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken004, TestSize.Level0)
606 {
607 HapPolicyParams testPolicyParams1 = {
608 .apl = APL_NORMAL,
609 .domain = "test.domain2",
610 .permStateList = {g_infoManagerCameraState}
611 };
612 AccessTokenIDEx fullTokenId;
613 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
614 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
615 EXPECT_EQ(RET_SUCCESS, ret);
616
617 UpdateHapInfoParams info;
618 info.appIDDesc = "TEST";
619 info.apiVersion = DEFAULT_API_VERSION;
620 info.isSystemApp = true;
621 PreAuthorizationInfo info1 = {
622 .permissionName = CALENDAR_PERMISSION,
623 .userCancelable = false
624 };
625 HapPolicyParams testPolicyParams2 = {
626 .apl = APL_NORMAL,
627 .domain = "test.domain2",
628 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState},
629 .preAuthorizationInfo = {info1}
630 };
631 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
632 ASSERT_EQ(RET_SUCCESS, ret);
633 std::vector<PermissionStateFull> state;
634 int32_t res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
635 ASSERT_EQ(RET_SUCCESS, res);
636 EXPECT_EQ(static_cast<uint32_t>(2), state.size());
637 EXPECT_EQ(CALENDAR_PERMISSION, state[1].permissionName);
638 EXPECT_EQ(state[1].grantStatus[0], PERMISSION_GRANTED);
639 EXPECT_EQ(state[1].grantFlags[0], PERMISSION_SYSTEM_FIXED);
640
641 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
642 }
643
644 /**
645 * @tc.name: UpdateHapToken005
646 * @tc.desc:
647 * @tc.type: FUNC
648 * @tc.require: Issue Number
649 */
650 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken005, TestSize.Level0)
651 {
652 HapPolicyParams testPolicyParam = {
653 .apl = APL_SYSTEM_BASIC,
654 .domain = "test.domain2",
655 .permStateList = {g_infoManagerCameraState}
656 };
657 AccessTokenIDEx fullTokenId;
658 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
659 EXPECT_EQ(RET_SUCCESS, res);
660
661 HapPolicyParams testPolicyParam2 = {
662 .apl = APL_SYSTEM_BASIC,
663 .domain = "test.domain2",
664 .permStateList = {g_infoManagerCameraState, g_infoManagerTestStateMdm},
665 };
666 UpdateHapInfoParams info = {
667 .appIDDesc = "TEST",
668 .apiVersion = DEFAULT_API_VERSION,
669 .isSystemApp = false
670 };
671 info.appDistributionType = "enterprise_mdm";
672 res = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParam2);
673 EXPECT_EQ(RET_SUCCESS, res);
674 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
675 }
676
677 /**
678 * @tc.name: UpdateHapToken006
679 * @tc.desc:
680 * @tc.type: FUNC
681 * @tc.require: Issue Number
682 */
683 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken006, TestSize.Level0)
684 {
685 HapPolicyParams testPolicyParam = {
686 .apl = APL_SYSTEM_BASIC,
687 .domain = "test.domain2",
688 .permStateList = {g_infoManagerCameraState}
689 };
690 AccessTokenIDEx fullTokenId;
691 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
692 EXPECT_EQ(RET_SUCCESS, res);
693
694 HapPolicyParams testPolicyParam2 = {
695 .apl = APL_SYSTEM_BASIC,
696 .domain = "test.domain2",
697 .permStateList = {g_infoManagerCameraState, g_infoManagerTestStateMdm},
698 };
699 UpdateHapInfoParams info = {
700 .appIDDesc = "TEST",
701 .apiVersion = DEFAULT_API_VERSION,
702 .isSystemApp = false
703 };
704 info.appDistributionType = "";
705 res = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParam2);
706 EXPECT_EQ(ERR_PERM_REQUEST_CFG_FAILED, res);
707 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
708 }
709
710 /**
711 * @tc.name: UpdateHapToken007
712 * @tc.desc:
713 * @tc.type: FUNC
714 * @tc.require: Issue Number
715 */
716 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken007, TestSize.Level0)
717 {
718 HapPolicyParams testPolicyParam = {
719 .apl = APL_SYSTEM_BASIC,
720 .domain = "test.domain2",
721 .permStateList = {g_infoManagerCameraState}
722 };
723 AccessTokenIDEx fullTokenId;
724 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
725 EXPECT_EQ(RET_SUCCESS, res);
726
727 HapPolicyParams testPolicyParam2 = {
728 .apl = APL_SYSTEM_BASIC,
729 .domain = "test.domain2",
730 .permStateList = {g_infoManagerCameraState, g_infoManagerTestStateMdm},
731 };
732 UpdateHapInfoParams info = {
733 .appIDDesc = "TEST",
734 .apiVersion = DEFAULT_API_VERSION,
735 .isSystemApp = false
736 };
737 info.appDistributionType = "none";
738 res = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParam2);
739 EXPECT_EQ(RET_SUCCESS, res);
740 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
741 }
742
743 /**
744 * @tc.name: UpdateHapToken008
745 * @tc.desc:
746 * @tc.type: FUNC
747 * @tc.require: Issue Number
748 */
749 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken008, TestSize.Level0)
750 {
751 HapPolicyParams testPolicyParam = {
752 .apl = APL_NORMAL,
753 .domain = "test.domain2",
754 .permStateList = {g_infoManagerCameraState}
755 };
756 AccessTokenIDEx fullTokenId;
757 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
758 EXPECT_EQ(RET_SUCCESS, res);
759
760 HapPolicyParams testPolicyParam2 = {
761 .apl = APL_SYSTEM_BASIC,
762 .domain = "test.domain2",
763 .permStateList = {g_infoManagerCameraState, g_infoManagerTestState4},
764 };
765 UpdateHapInfoParams info = {
766 .appIDDesc = "TEST",
767 .apiVersion = DEFAULT_API_VERSION,
768 .isSystemApp = true
769 };
770 res = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParam2);
771 EXPECT_EQ(RET_SUCCESS, res);
772 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
773 }
774
775 /**
776 * @tc.name: UpdateHapToken009
777 * @tc.desc:
778 * @tc.type: FUNC
779 * @tc.require: Issue Number
780 */
781 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken009, TestSize.Level0)
782 {
783 HapPolicyParams testPolicyParam = {
784 .apl = APL_NORMAL,
785 .domain = "test.domain2",
786 .permStateList = {g_infoManagerCameraState}
787 };
788 AccessTokenIDEx fullTokenId;
789 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
790 EXPECT_EQ(RET_SUCCESS, res);
791
792 HapPolicyParams testPolicyParam1 = {
793 .apl = APL_NORMAL,
794 .domain = "test.domain2",
795 .permStateList = {g_infoManagerCameraState, g_infoManagerTestState4},
796 };
797 UpdateHapInfoParams info = {
798 .appIDDesc = "TEST",
799 .apiVersion = DEFAULT_API_VERSION,
800 .isSystemApp = true
801 };
802 res = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParam1);
803 EXPECT_NE(RET_SUCCESS, res);
804 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
805 }
806
807 /**
808 * @tc.name: UpdateHapToken010
809 * @tc.desc:
810 * @tc.type: FUNC
811 * @tc.require: Issue Number
812 */
813 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken010, TestSize.Level0)
814 {
815 HapPolicyParams testPolicyParams1 = {
816 .apl = APL_NORMAL,
817 .domain = "test.domain2",
818 .permStateList = {g_infoManagerCameraState}
819 };
820 AccessTokenIDEx fullTokenId;
821 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
822 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
823 EXPECT_EQ(RET_SUCCESS, ret);
824
825 UpdateHapInfoParams info;
826 info.appIDDesc = "TEST";
827 info.apiVersion = DEFAULT_API_VERSION;
828 info.isSystemApp = true;
829 PreAuthorizationInfo info1 = {
830 .permissionName = APP_TRACKING_PERMISSION,
831 .userCancelable = false
832 };
833 HapPolicyParams testPolicyParams2 = {
834 .apl = APL_NORMAL,
835 .domain = "test.domain2",
836 .permStateList = {g_infoManagerCameraState},
837 .preAuthorizationInfo = {info1}
838 };
839 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
840 ASSERT_EQ(RET_SUCCESS, ret);
841 std::vector<PermissionStateFull> state;
842 int32_t res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
843 ASSERT_EQ(RET_SUCCESS, res);
844 EXPECT_EQ(static_cast<uint32_t>(1), state.size());
845 EXPECT_EQ(APP_TRACKING_PERMISSION, state[0].permissionName);
846 EXPECT_EQ(state[0].grantStatus[0], PERMISSION_GRANTED);
847 EXPECT_EQ(state[0].grantFlags[0], PERMISSION_SYSTEM_FIXED);
848
849 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
850 }
851
852 /**
853 * @tc.name: UpdateHapToken011
854 * @tc.desc: app user_grant permission has not been operated, update with pre-authorization
855 * @tc.type: FUNC
856 * @tc.require: Issue Number
857 */
858 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken011, TestSize.Level0)
859 {
860 HapPolicyParams testPolicyParams1 = {
861 .apl = APL_NORMAL,
862 .domain = "test.domain2",
863 .permStateList = {g_infoManagerCameraState}
864 };
865 AccessTokenIDEx fullTokenId;
866 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
867 GTEST_LOG_(INFO) << "tokenID :" << fullTokenId.tokenIdExStruct.tokenID;
868 EXPECT_EQ(RET_SUCCESS, ret);
869
870 UpdateHapInfoParams info;
871 info.appIDDesc = "TEST";
872 info.apiVersion = DEFAULT_API_VERSION;
873 info.isSystemApp = true;
874 PreAuthorizationInfo info1 = {
875 .permissionName = APP_TRACKING_PERMISSION,
876 .userCancelable = false
877 };
878 HapPolicyParams testPolicyParams2 = {
879 .apl = APL_NORMAL,
880 .domain = "test.domain2",
881 .permStateList = {g_infoManagerCameraState},
882 .preAuthorizationInfo = {info1}
883 };
884 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
885 ASSERT_EQ(RET_SUCCESS, ret);
886 std::vector<PermissionStateFull> state;
887 int32_t res = TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
888 ASSERT_EQ(RET_SUCCESS, res);
889 EXPECT_EQ(static_cast<uint32_t>(1), state.size());
890 EXPECT_EQ(APP_TRACKING_PERMISSION, state[0].permissionName);
891 EXPECT_EQ(state[0].grantStatus[0], PERMISSION_GRANTED);
892 EXPECT_EQ(state[0].grantFlags[0], PERMISSION_SYSTEM_FIXED);
893
894 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
895 }
896
897 /**
898 * @tc.name: UpdateHapToken012
899 * @tc.desc: app user_grant permission has been granted or revoked by user, update with pre-authorization
900 * @tc.type: FUNC
901 * @tc.require: Issue Number
902 */
903 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken012, TestSize.Level0)
904 {
905 HapPolicyParams testPolicyParams1 = {
906 .apl = APL_NORMAL,
907 .domain = "test.domain2",
908 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState}
909 };
910 AccessTokenIDEx fullTokenId;
911 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
912 EXPECT_EQ(RET_SUCCESS, ret);
913
914 ret = TestCommon::GrantPermissionByTest(
915 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION, PERMISSION_USER_FIXED);
916 EXPECT_EQ(RET_SUCCESS, ret);
917 ret = TestCommon::RevokePermissionByTest(
918 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION, PERMISSION_USER_FIXED);
919 EXPECT_EQ(RET_SUCCESS, ret);
920
921 UpdateHapInfoParams info;
922 info.appIDDesc = "TEST";
923 info.apiVersion = DEFAULT_API_VERSION;
924 info.isSystemApp = true;
925 PreAuthorizationInfo info1 = {
926 .permissionName = APP_TRACKING_PERMISSION,
927 .userCancelable = false
928 };
929 PreAuthorizationInfo info2 = {
930 .permissionName = CALENDAR_PERMISSION,
931 .userCancelable = false
932 };
933 HapPolicyParams testPolicyParams2 = {
934 .apl = APL_NORMAL,
935 .domain = "test.domain2",
936 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState},
937 .preAuthorizationInfo = {info1, info2}
938 };
939 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams2);
940 ASSERT_EQ(RET_SUCCESS, ret);
941 std::vector<PermissionStateFull> state;
942 TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
943 EXPECT_EQ(static_cast<uint32_t>(2), state.size());
944 EXPECT_EQ(APP_TRACKING_PERMISSION, state[0].permissionName);
945 EXPECT_EQ(state[0].grantStatus[0], PERMISSION_GRANTED);
946 EXPECT_EQ(state[0].grantFlags[0], PERMISSION_USER_FIXED);
947 EXPECT_EQ(CALENDAR_PERMISSION, state[1].permissionName);
948 EXPECT_EQ(state[1].grantStatus[0], PERMISSION_DENIED);
949 EXPECT_EQ(state[1].grantFlags[0], PERMISSION_USER_FIXED);
950
951 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
952 }
953
954
955 /**
956 * @tc.name: UpdateHapToken013
957 * @tc.desc: app user_grant permission has been pre-authorized with
958 * userUnCancelable flag, update with userCancelable pre-authorization
959 * @tc.type: FUNC
960 * @tc.require: Issue Number
961 */
962 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken013, TestSize.Level0)
963 {
964 PreAuthorizationInfo info1 = {
965 .permissionName = APP_TRACKING_PERMISSION,
966 .userCancelable = false
967 };
968 PreAuthorizationInfo info2 = {
969 .permissionName = CALENDAR_PERMISSION,
970 .userCancelable = false
971 };
972 HapPolicyParams testPolicyParams1 = {
973 .apl = APL_NORMAL,
974 .domain = "test.domain2",
975 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState},
976 .preAuthorizationInfo = {info1, info2}
977 };
978 AccessTokenIDEx fullTokenId;
979 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
980 EXPECT_EQ(RET_SUCCESS, ret);
981
982 ret = TestCommon::GrantPermissionByTest(
983 fullTokenId.tokenIdExStruct.tokenID, APP_TRACKING_PERMISSION, PERMISSION_USER_FIXED);
984 EXPECT_NE(RET_SUCCESS, ret);
985 ret = TestCommon::RevokePermissionByTest(
986 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION, PERMISSION_USER_FIXED);
987 EXPECT_NE(RET_SUCCESS, ret);
988
989 UpdateHapInfoParams info;
990 info.appIDDesc = "TEST";
991 info.apiVersion = DEFAULT_API_VERSION;
992 info.isSystemApp = true;
993 info1.userCancelable = true;
994 testPolicyParams1.preAuthorizationInfo = {info1};
995
996 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams1);
997 ASSERT_EQ(RET_SUCCESS, ret);
998 std::vector<PermissionStateFull> state;
999 TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
1000 EXPECT_EQ(static_cast<uint32_t>(2), state.size());
1001 EXPECT_EQ(state[0].grantStatus[0], PERMISSION_GRANTED);
1002 EXPECT_EQ(state[0].grantFlags[0], PERMISSION_PRE_AUTHORIZED_CANCELABLE);
1003 EXPECT_EQ(state[1].grantStatus[0], PERMISSION_DENIED);
1004 EXPECT_EQ(state[1].grantFlags[0], PERMISSION_DEFAULT_FLAG);
1005
1006 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
1007 }
1008
1009 /**
1010 * @tc.name: UpdateHapToken014
1011 * @tc.desc: app user_grant permission has been pre-authorized with userCancelable flag,
1012 * update with userCancelable pre-authorization
1013 * @tc.type: FUNC
1014 * @tc.require: Issue Number
1015 */
1016 HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken014, TestSize.Level0)
1017 {
1018 PreAuthorizationInfo info1 = {
1019 .permissionName = APP_TRACKING_PERMISSION,
1020 .userCancelable = true
1021 };
1022 PreAuthorizationInfo info2 = {
1023 .permissionName = CALENDAR_PERMISSION,
1024 .userCancelable = true
1025 };
1026 HapPolicyParams testPolicyParams1 = {
1027 .apl = APL_NORMAL,
1028 .domain = "test.domain2",
1029 .permStateList = {g_infoManagerCameraState, g_infoManagerMicrophoneState},
1030 .preAuthorizationInfo = {info1, info2}
1031 };
1032 AccessTokenIDEx fullTokenId;
1033 int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParams1, fullTokenId);
1034 EXPECT_EQ(RET_SUCCESS, ret);
1035
1036 ret = TestCommon::RevokePermissionByTest(
1037 fullTokenId.tokenIdExStruct.tokenID, CALENDAR_PERMISSION, PERMISSION_USER_FIXED);
1038 EXPECT_EQ(RET_SUCCESS, ret);
1039
1040 UpdateHapInfoParams info;
1041 info.appIDDesc = "TEST";
1042 info.apiVersion = DEFAULT_API_VERSION;
1043 info.isSystemApp = true;
1044 info1.userCancelable = false;
1045 testPolicyParams1.preAuthorizationInfo = {info1};
1046
1047 ret = AccessTokenKit::UpdateHapToken(fullTokenId, info, testPolicyParams1);
1048 ASSERT_EQ(RET_SUCCESS, ret);
1049 std::vector<PermissionStateFull> state;
1050 TestCommon::GetReqPermissionsByTest(fullTokenId.tokenIdExStruct.tokenID, state, false);
1051 EXPECT_EQ(static_cast<uint32_t>(2), state.size());
1052 EXPECT_EQ(state[0].grantStatus[0], PERMISSION_GRANTED);
1053 EXPECT_EQ(state[0].grantFlags[0], PERMISSION_SYSTEM_FIXED);
1054 EXPECT_EQ(state[1].grantStatus[0], PERMISSION_DENIED);
1055 EXPECT_EQ(state[1].grantFlags[0], PERMISSION_USER_FIXED | PERMISSION_PRE_AUTHORIZED_CANCELABLE);
1056
1057 EXPECT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
1058 }
1059
1060 /**
1061 * @tc.name: InitHapTokenAbnormal001
1062 * @tc.desc:
1063 * @tc.type: FUNC
1064 * @tc.require: Issue Number
1065 */
1066 HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal001, TestSize.Level0)
1067 {
1068 HapPolicyParams testPolicyParam = {
1069 .apl = APL_NORMAL,
1070 .domain = "test.domain2",
1071 .permStateList = {g_infoManagerCameraState},
1072 .aclRequestedList = {}
1073 };
1074 for (uint32_t i = 0; i < MAX_PERM_LIST_SIZE; i++) {
1075 testPolicyParam.aclRequestedList.emplace_back("ohos.permission.CAMERA");
1076 }
1077 AccessTokenIDEx fullTokenId;
1078 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
1079 EXPECT_EQ(RET_SUCCESS, res);
1080 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
1081 testPolicyParam.aclRequestedList.emplace_back("ohos.permission.CAMERA");
1082
1083 res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
1084 EXPECT_NE(RET_SUCCESS, res);
1085 }
1086
1087 /**
1088 * @tc.name: InitHapTokenAbnormal002
1089 * @tc.desc:
1090 * @tc.type: FUNC
1091 * @tc.require: Issue Number
1092 */
1093 HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal002, TestSize.Level0)
1094 {
1095 HapPolicyParams testPolicyParam = {
1096 .apl = APL_NORMAL,
1097 .domain = "test.domain2",
1098 .permStateList = {g_infoManagerCameraState},
1099 .aclRequestedList = {},
1100 };
1101 PreAuthorizationInfo info = {
1102 .permissionName = CALENDAR_PERMISSION,
1103 .userCancelable = false
1104 };
1105 for (uint32_t i = 0; i < MAX_PERM_LIST_SIZE; i++) {
1106 testPolicyParam.preAuthorizationInfo.emplace_back(info);
1107 }
1108 AccessTokenIDEx fullTokenId;
1109 int32_t res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
1110 EXPECT_EQ(RET_SUCCESS, res);
1111 ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(fullTokenId.tokenIdExStruct.tokenID));
1112 testPolicyParam.preAuthorizationInfo.emplace_back(info);
1113
1114 res = AccessTokenKit::InitHapToken(g_testHapInfoParams, testPolicyParam, fullTokenId);
1115 EXPECT_NE(RET_SUCCESS, res);
1116 }
1117
1118 /**
1119 * @tc.name: InitHapTokenAbnormal003
1120 * @tc.desc:
1121 * @tc.type: FUNC
1122 * @tc.require: Issue Number
1123 */
1124 HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal003, TestSize.Level0)
1125 {
1126 HapInfoParams testHapInfoParams = g_testHapInfoParams;
1127 HapPolicyParams testPolicyParam = {
1128 .apl = APL_NORMAL,
1129 .domain = "test.domain2",
1130 .permStateList = {g_infoManagerCameraState},
1131 .aclRequestedList = {},
1132 .preAuthorizationInfo = {}
1133 };
1134
1135 // invalid userID
1136 testHapInfoParams.userID = -1;
1137 AccessTokenIDEx fullTokenId;
1138 int32_t res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1139 EXPECT_EQ(ERR_PARAM_INVALID, res);
1140 testHapInfoParams.userID = g_testHapInfoParams.userID;
1141
1142 // invalid bundleName
1143 testHapInfoParams.bundleName = "";
1144 res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1145 EXPECT_EQ(ERR_PARAM_INVALID, res);
1146 testHapInfoParams.bundleName = g_testHapInfoParams.bundleName;
1147
1148 // invalid dlpType
1149 testHapInfoParams.dlpType = -1;
1150 res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1151 EXPECT_EQ(ERR_PARAM_INVALID, res);
1152 testHapInfoParams.dlpType = g_testHapInfoParams.dlpType;
1153
1154 int32_t invalidAppIdLen = 10241; // 10241 is invalid appid length
1155 // invalid dlpType
1156 std::string invalidAppIDDesc (invalidAppIdLen, 'x');
1157 testHapInfoParams.appIDDesc = invalidAppIDDesc;
1158 res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1159 EXPECT_EQ(ERR_PARAM_INVALID, res);
1160 testHapInfoParams.appIDDesc = g_testHapInfoParams.appIDDesc;
1161 }
1162
1163 /**
1164 * @tc.name: InitHapTokenAbnormal004
1165 * @tc.desc:
1166 * @tc.type: FUNC
1167 * @tc.require: Issue Number
1168 */
1169 HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal004, TestSize.Level0)
1170 {
1171 HapInfoParams testHapInfoParams = g_testHapInfoParams;
1172 HapPolicyParams testPolicyParam = g_testPolicyParams;
1173
1174 // invalid apl 8
1175 testPolicyParam.apl = static_cast<AccessToken::TypeATokenAplEnum>(8);
1176 AccessTokenIDEx fullTokenId;
1177 int32_t res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1178 EXPECT_NE(RET_SUCCESS, res);
1179 testPolicyParam.apl = g_testPolicyParams.apl;
1180
1181 // invalid domain 1025
1182 const static int32_t MAX_DCAP_LENGTH = 1025;
1183 std::string invalidDomain (MAX_DCAP_LENGTH, 'x');
1184 testPolicyParam.domain = invalidDomain;
1185 res = AccessTokenKit::InitHapToken(testHapInfoParams, testPolicyParam, fullTokenId);
1186 EXPECT_NE(RET_SUCCESS, res);
1187 testPolicyParam.domain = g_testPolicyParams.domain;
1188 }
1189
1190 } // namespace AccessToken
1191 } // namespace Security
1192 } // namespace OHOS
1193