1 /*
2 * Copyright (c) 2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "get_self_permission_status_test.h"
16 #include "access_token_error.h"
17 #include "nativetoken_kit.h"
18 #include "test_common.h"
19 #include "token_setproc.h"
20
21 namespace OHOS {
22 namespace Security {
23 namespace AccessToken {
24 using namespace testing::ext;
25 namespace {
26 static const std::string TEST_BUNDLE_NAME = "ohos";
27 static const int TEST_USER_ID = 0;
28 static const std::string APPROXIMATELY_LOCATION_PERMISSION = "ohos.permission.APPROXIMATELY_LOCATION";
29 static const std::string LOCATION_PERMISSION = "ohos.permission.LOCATION";
30
31 PermissionStateFull g_permTestState1 = {
32 .permissionName = APPROXIMATELY_LOCATION_PERMISSION,
33 .isGeneral = true,
34 .resDeviceID = {"local"},
35 .grantStatus = {PermissionState::PERMISSION_DENIED},
36 .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG},
37 };
38
39 PermissionStateFull g_permTestState2 = {
40 .permissionName = "ohos.permission.MICROPHONE",
41 .isGeneral = true,
42 .resDeviceID = {"local"},
43 .grantStatus = {PermissionState::PERMISSION_DENIED},
44 .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
45 };
46
47 PermissionStateFull g_permTestState3 = {
48 .permissionName = "ohos.permission.WRITE_CALENDAR",
49 .isGeneral = true,
50 .resDeviceID = {"local"},
51 .grantStatus = {PermissionState::PERMISSION_DENIED},
52 .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED}
53 };
54
55 PermissionStateFull g_permTestState4 = {
56 .permissionName = "ohos.permission.READ_IMAGEVIDEO",
57 .isGeneral = true,
58 .resDeviceID = {"local"},
59 .grantStatus = {PermissionState::PERMISSION_GRANTED},
60 .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
61 };
62
63 PermissionStateFull g_permTestState5 = {
64 .permissionName = LOCATION_PERMISSION,
65 .isGeneral = true,
66 .resDeviceID = {"local"},
67 .grantStatus = {PermissionState::PERMISSION_DENIED},
68 .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG},
69 };
70
71 PermissionStateFull g_permTestState6 = {
72 .permissionName = "ohos.permission.READ_CALENDAR",
73 .isGeneral = true,
74 .resDeviceID = {"local"},
75 .grantStatus = {PermissionState::PERMISSION_DENIED},
76 .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG},
77 };
78
79 HapPolicyParams g_policy = {
80 .apl = APL_NORMAL,
81 .domain = "domain",
82 .permStateList = {g_permTestState1, g_permTestState2, g_permTestState3, g_permTestState4, g_permTestState5,
83 g_permTestState6}
84 };
85
86 static uint64_t g_selfTokenId = 0;
87 }
88
SetUpTestCase()89 void GetSelfPermissionStatusTest::SetUpTestCase()
90 {
91 g_selfTokenId = GetSelfTokenID();
92 TestCommon::SetTestEvironment(g_selfTokenId);
93 }
94
TearDownTestCase()95 void GetSelfPermissionStatusTest::TearDownTestCase()
96 {
97 ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(g_selfTokenId));
98 TestCommon::ResetTestEvironment();
99 }
100
SetUp()101 void GetSelfPermissionStatusTest::SetUp()
102 {
103 HapInfoParams info = {
104 .userID = TEST_USER_ID,
105 .bundleName = TEST_BUNDLE_NAME,
106 .instIndex = 0,
107 .appIDDesc = "appIDDesc",
108 .apiVersion = 20 // 20: api version
109 };
110
111 AccessTokenIDEx tokenIdEx = TestCommon::AllocAndGrantHapTokenByTest(info, g_policy);
112 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
113 ASSERT_NE(tokenId, INVALID_TOKENID);
114 ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx));
115 }
116
TearDown()117 void GetSelfPermissionStatusTest::TearDown()
118 {
119 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
120 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
121 if (tokenId != INVALID_TOKENID) {
122 EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenId));
123 }
124 }
125
126 /**
127 * @tc.name: GetSelfPermissionStatus001
128 * @tc.desc: default permission status
129 * @tc.type: FUNC
130 * @tc.require: Issue Number
131 */
132 HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus001, TestSize.Level0)
133 {
134 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
135 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
136 ASSERT_NE(INVALID_TOKENID, tokenID);
137
138 // default flag, user not operation
139 PermissionOper status;
140 int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
141 EXPECT_EQ(RET_SUCCESS, ret);
142 EXPECT_EQ(DYNAMIC_OPER, status);
143
144 // user set DENIED
145 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status);
146 EXPECT_EQ(RET_SUCCESS, ret);
147 EXPECT_EQ(DYNAMIC_OPER, status);
148
149 // user fixed DENIED
150 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
151 EXPECT_EQ(RET_SUCCESS, ret);
152 EXPECT_EQ(SETTING_OPER, status);
153
154 // user set GRANTED
155 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status);
156 EXPECT_EQ(RET_SUCCESS, ret);
157 EXPECT_EQ(PASS_OPER, status);
158
159 // not request permission CAMERA
160 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status);
161 EXPECT_EQ(RET_SUCCESS, ret);
162 EXPECT_EQ(INVALID_OPER, status);
163 }
164
165 /**
166 * @tc.name: GetSelfPermissionStatus002
167 * @tc.desc: forbidden permission status
168 * @tc.type: FUNC
169 * @tc.require: Issue Number
170 */
171 HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus002, TestSize.Level0)
172 {
173 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
174 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
175 ASSERT_NE(INVALID_TOKENID, tokenID);
176
177 {
178 std::vector<std::string> reqPerm;
179 reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG");
180 MockHapToken mock("GetSelfPermissionStatus002", reqPerm, true);
181
182 HapBaseInfo hapBaseInfo = {
183 .userID = TEST_USER_ID,
184 .bundleName = TEST_BUNDLE_NAME,
185 .instIndex = 0,
186 };
187
188 ASSERT_EQ(0, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true));
189 }
190
191 // default flag, user not operation
192 PermissionOper status;
193 int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
194 EXPECT_EQ(RET_SUCCESS, ret);
195 EXPECT_EQ(FORBIDDEN_OPER, status);
196
197 // user set DENIED
198 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status);
199 EXPECT_EQ(RET_SUCCESS, ret);
200 EXPECT_EQ(FORBIDDEN_OPER, status);
201
202 // user fixed DENIED
203 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
204 EXPECT_EQ(RET_SUCCESS, ret);
205 EXPECT_EQ(FORBIDDEN_OPER, status);
206
207 // user set GRANTED
208 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status);
209 EXPECT_EQ(RET_SUCCESS, ret);
210 EXPECT_EQ(FORBIDDEN_OPER, status);
211
212 // not request permission CAMERA
213 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status);
214 EXPECT_EQ(RET_SUCCESS, ret);
215 EXPECT_EQ(INVALID_OPER, status);
216 }
217
218 /**
219 * @tc.name: GetSelfPermissionStatus003
220 * @tc.desc: grant permission status
221 * @tc.type: FUNC
222 * @tc.require: Issue Number
223 */
224 HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus003, TestSize.Level0)
225 {
226 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
227 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
228 ASSERT_NE(INVALID_TOKENID, tokenID);
229
230 {
231 std::vector<std::string> reqPerm;
232 reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
233 MockHapToken mock("GetSelfPermissionStatus003", reqPerm, true);
234
235 // grant user set
236 ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET));
237 }
238
239 // grant permission
240 PermissionOper status;
241 int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
242 EXPECT_EQ(RET_SUCCESS, ret);
243 EXPECT_EQ(PASS_OPER, status);
244
245 // user set DENIED
246 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status);
247 EXPECT_EQ(RET_SUCCESS, ret);
248 EXPECT_EQ(DYNAMIC_OPER, status);
249
250 // user fixed DENIED
251 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
252 EXPECT_EQ(RET_SUCCESS, ret);
253 EXPECT_EQ(SETTING_OPER, status);
254
255 // user set GRANTED
256 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status);
257 EXPECT_EQ(RET_SUCCESS, ret);
258 EXPECT_EQ(PASS_OPER, status);
259
260 // not request permission CAMERA
261 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status);
262 EXPECT_EQ(RET_SUCCESS, ret);
263 EXPECT_EQ(INVALID_OPER, status);
264 }
265
266 /**
267 * @tc.name: GetSelfPermissionStatus004
268 * @tc.desc: revoke user set permission status
269 * @tc.type: FUNC
270 * @tc.require: Issue Number
271 */
272 HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus004, TestSize.Level0)
273 {
274 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
275 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
276 ASSERT_NE(INVALID_TOKENID, tokenID);
277
278 {
279 std::vector<std::string> reqPerm;
280 reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
281 MockHapToken mock("GetSelfPermissionStatus004", reqPerm, true);
282
283 // revoke user set
284 ASSERT_EQ(0, AccessTokenKit::RevokePermission(tokenID, "ohos.permission.READ_IMAGEVIDEO", PERMISSION_USER_SET));
285 }
286
287 // default flag, user not operation
288 PermissionOper status;
289 int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
290 EXPECT_EQ(RET_SUCCESS, ret);
291 EXPECT_EQ(DYNAMIC_OPER, status);
292
293 // user set DENIED
294 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status);
295 EXPECT_EQ(RET_SUCCESS, ret);
296 EXPECT_EQ(DYNAMIC_OPER, status);
297
298 // user fixed DENIED
299 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
300 EXPECT_EQ(RET_SUCCESS, ret);
301 EXPECT_EQ(SETTING_OPER, status);
302
303 // revoke user set
304 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status);
305 EXPECT_EQ(RET_SUCCESS, ret);
306 EXPECT_EQ(DYNAMIC_OPER, status);
307
308 // not request permission CAMERA
309 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status);
310 EXPECT_EQ(RET_SUCCESS, ret);
311 EXPECT_EQ(INVALID_OPER, status);
312 }
313
314 /**
315 * @tc.name: GetSelfPermissionStatus005
316 * @tc.desc: revoke user fixed permission status
317 * @tc.type: FUNC
318 * @tc.require: Issue Number
319 */
320 HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus005, TestSize.Level0)
321 {
322 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
323 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
324 ASSERT_NE(INVALID_TOKENID, tokenID);
325
326 {
327 std::vector<std::string> reqPerm;
328 reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
329 MockHapToken mock("GetSelfPermissionStatus005", reqPerm, true);
330
331 // revoke user fixed
332 ASSERT_EQ(0,
333 AccessTokenKit::RevokePermission(tokenID, "ohos.permission.READ_IMAGEVIDEO", PERMISSION_USER_FIXED));
334 }
335
336 // default flag, user not operation
337 PermissionOper status;
338 int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
339 EXPECT_EQ(RET_SUCCESS, ret);
340 EXPECT_EQ(DYNAMIC_OPER, status);
341
342 // user set DENIED
343 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status);
344 EXPECT_EQ(RET_SUCCESS, ret);
345 EXPECT_EQ(DYNAMIC_OPER, status);
346
347 // user fixed DENIED
348 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
349 EXPECT_EQ(RET_SUCCESS, ret);
350 EXPECT_EQ(SETTING_OPER, status);
351
352 // revoke user fixed
353 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status);
354 EXPECT_EQ(RET_SUCCESS, ret);
355 EXPECT_EQ(SETTING_OPER, status);
356
357 // not request permission CAMERA
358 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status);
359 EXPECT_EQ(RET_SUCCESS, ret);
360 EXPECT_EQ(INVALID_OPER, status);
361 }
362
363 /**
364 * @tc.name: GetSelfPermissionStatus006
365 * @tc.desc: invalid permission
366 * @tc.type: FUNC
367 * @tc.require: Issue Number
368 */
369 HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus006, TestSize.Level0)
370 {
371 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
372 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
373 ASSERT_NE(INVALID_TOKENID, tokenID);
374
375 PermissionOper status;
376 // invalid permission
377 int32_t ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.TTTTT", status);
378 EXPECT_EQ(RET_SUCCESS, ret);
379 EXPECT_EQ(INVALID_OPER, status);
380
381 // not request permission
382 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.ACCESS_NEARLINK", status);
383 EXPECT_EQ(RET_SUCCESS, ret);
384 EXPECT_EQ(INVALID_OPER, status);
385
386 // empty permission
387 std::string testPerm1;
388 ret = AccessTokenKit::GetSelfPermissionStatus(testPerm1, status);
389 EXPECT_EQ(ERR_PARAM_INVALID, ret);
390
391 // oversize permission
392 std::string testPerm2(257, 'a');
393 ret = AccessTokenKit::GetSelfPermissionStatus(testPerm2, status);
394 EXPECT_EQ(ERR_PARAM_INVALID, ret);
395 }
396
397 /**
398 * @tc.name: GetSelfPermissionStatus007
399 * @tc.desc: location permission test
400 * @tc.type: FUNC
401 * @tc.require: Issue Number
402 */
403 HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus007, TestSize.Level0)
404 {
405 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
406 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
407 ASSERT_NE(INVALID_TOKENID, tokenID);
408
409 // default flag, user not operation
410 PermissionOper status;
411 int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
412 EXPECT_EQ(RET_SUCCESS, ret);
413 EXPECT_EQ(DYNAMIC_OPER, status);
414
415 // APPROXIMATELY_LOCATION not set, LOCATION status is INVALID_OPER
416 ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status);
417 EXPECT_EQ(RET_SUCCESS, ret);
418 EXPECT_EQ(INVALID_OPER, status);
419
420 {
421 std::vector<std::string> reqPerm;
422 reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
423 MockHapToken mock("GetSelfPermissionStatus0071", reqPerm, true);
424
425 // grant user set
426 ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET));
427 }
428
429 // grant permission
430 ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
431 EXPECT_EQ(RET_SUCCESS, ret);
432 EXPECT_EQ(PASS_OPER, status);
433
434 // APPROXIMATELY_LOCATION already set, LOCATION status is DYNAMIC_OPER
435 ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status);
436 EXPECT_EQ(RET_SUCCESS, ret);
437 EXPECT_EQ(DYNAMIC_OPER, status);
438
439 {
440 std::vector<std::string> reqPerm;
441 reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
442 MockHapToken mock("GetSelfPermissionStatus0072", reqPerm, true);
443
444 // grant user set
445 ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, LOCATION_PERMISSION, PERMISSION_USER_SET));
446 }
447
448 // grant permission
449 ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status);
450 EXPECT_EQ(RET_SUCCESS, ret);
451 EXPECT_EQ(PASS_OPER, status);
452 }
453
454 /**
455 * @tc.name: GetSelfPermissionStatus008
456 * @tc.desc: only change flag
457 * @tc.type: FUNC
458 * @tc.require: Issue Number
459 */
460 HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus008, TestSize.Level0)
461 {
462 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
463 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
464 ASSERT_NE(INVALID_TOKENID, tokenID);
465
466 // default flag, user not operation
467 PermissionOper status;
468 int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
469 EXPECT_EQ(RET_SUCCESS, ret);
470 EXPECT_EQ(DYNAMIC_OPER, status);
471
472 {
473 std::vector<std::string> reqPerm;
474 reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
475 MockHapToken mock("GetSelfPermissionStatus0081", reqPerm, true);
476
477 // grant user set
478 ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET));
479 }
480
481 // grant permission
482 ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
483 EXPECT_EQ(RET_SUCCESS, ret);
484 EXPECT_EQ(PASS_OPER, status);
485
486 {
487 std::vector<std::string> reqPerm;
488 reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
489 MockHapToken mock("GetSelfPermissionStatus0082", reqPerm, true);
490
491 // revoke user fixed
492 ASSERT_EQ(0, AccessTokenKit::RevokePermission(
493 tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_FIXED));
494 }
495
496 // revoke permission
497 ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
498 EXPECT_EQ(RET_SUCCESS, ret);
499 EXPECT_EQ(SETTING_OPER, status);
500
501 {
502 std::vector<std::string> reqPerm;
503 reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS");
504 MockHapToken mock("GetSelfPermissionStatus0083", reqPerm, true);
505
506 // revoke to default flag
507 ASSERT_EQ(0, AccessTokenKit::RevokePermission(
508 tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_DEFAULT_FLAG));
509 }
510
511 ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status);
512 EXPECT_EQ(RET_SUCCESS, ret);
513 EXPECT_EQ(DYNAMIC_OPER, status);
514 }
515
516 /**
517 * @tc.name: GetSelfPermissionStatus009
518 * @tc.desc: test permission group
519 * @tc.type: FUNC
520 * @tc.require: Issue Number
521 */
522 HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus009, TestSize.Level0)
523 {
524 AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
525 AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
526 ASSERT_NE(INVALID_TOKENID, tokenID);
527
528 PermissionOper status;
529
530 // default
531 int32_t ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_CALENDAR", status);
532 EXPECT_EQ(RET_SUCCESS, ret);
533 EXPECT_EQ(DYNAMIC_OPER, status);
534
535 // default denied
536 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
537 EXPECT_EQ(RET_SUCCESS, ret);
538 EXPECT_EQ(SETTING_OPER, status);
539
540 {
541 std::vector<std::string> reqPerm;
542 reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
543 MockHapToken mock("GetSelfPermissionStatus009", reqPerm, true);
544
545 // grant user set
546 ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, "ohos.permission.WRITE_CALENDAR", PERMISSION_USER_SET));
547 }
548
549 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_CALENDAR", status);
550 EXPECT_EQ(RET_SUCCESS, ret);
551 EXPECT_EQ(DYNAMIC_OPER, status);
552
553 // no change
554 ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status);
555 EXPECT_EQ(RET_SUCCESS, ret);
556 EXPECT_EQ(PASS_OPER, status);
557 }
558 } // namespace AccessToken
559 } // namespace Security
560 } // namespace OHOS
561