1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "accesstoken_info_manager_test.h"
17
18 #include <fcntl.h>
19 #include <gmock/gmock.h>
20
21 #include "accesstoken_id_manager.h"
22 #include "access_token_error.h"
23 #define private public
24 #include "accesstoken_callback_stubs.h"
25 #include "accesstoken_info_manager.h"
26 #include "accesstoken_remote_token_manager.h"
27 #include "libraryloader.h"
28 #include "token_field_const.h"
29 #ifdef TOKEN_SYNC_ENABLE
30 #include "token_sync_kit_loader.h"
31 #endif
32 #include "permission_manager.h"
33 #include "token_modify_notifier.h"
34 #undef private
35 #include "permission_validator.h"
36 #include "string_ex.h"
37 #include "token_setproc.h"
38 #include "system_ability_definition.h"
39
40 using namespace testing::ext;
41 using namespace OHOS;
42
43 namespace OHOS {
44 namespace Security {
45 namespace AccessToken {
46 namespace {
47 static constexpr int32_t DEFAULT_API_VERSION = 8;
48 static constexpr int USER_ID = 100;
49 static constexpr int INST_INDEX = 0;
50 static constexpr int32_t MAX_EXTENDED_MAP_SIZE = 512;
51 static constexpr int32_t MAX_VALUE_LENGTH = 1024;
52 static AccessTokenID g_selfTokenId = 0;
53 static PermissionDef g_infoManagerTestPermDef1 = {
54 .permissionName = "open the door",
55 .bundleName = "accesstoken_test",
56 .grantMode = 1,
57 .availableLevel = APL_NORMAL,
58 .provisionEnable = false,
59 .distributedSceneEnable = false,
60 .label = "label",
61 .labelId = 1,
62 .description = "open the door",
63 .descriptionId = 1
64 };
65
66 static PermissionDef g_infoManagerTestPermDef2 = {
67 .permissionName = "break the door",
68 .bundleName = "accesstoken_test",
69 .grantMode = 1,
70 .availableLevel = APL_NORMAL,
71 .provisionEnable = false,
72 .distributedSceneEnable = false,
73 .label = "label",
74 .labelId = 1,
75 .description = "break the door",
76 .descriptionId = 1
77 };
78
79 static PermissionStatus g_infoManagerTestState1 = {
80 .permissionName = "open the door",
81 .grantStatus = 1,
82 .grantFlag = 1
83 };
84
85 static PermissionStatus g_infoManagerTestState2 = {
86 .permissionName = "break the door",
87 .grantStatus = 1,
88 .grantFlag = 1
89 };
90
91 static HapInfoParams g_infoManagerTestInfoParms = {
92 .userID = 1,
93 .bundleName = "accesstoken_test",
94 .instIndex = 0,
95 .appIDDesc = "testtesttesttest"
96 };
97
98 static HapPolicy g_infoManagerTestPolicyPrams1 = {
99 .apl = APL_NORMAL,
100 .domain = "test.domain",
101 .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2},
102 .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2}
103 };
104
105 static PermissionStatus g_permState = {
106 .permissionName = "ohos.permission.CAMERA",
107 .grantStatus = PermissionState::PERMISSION_DENIED,
108 .grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG
109 };
110
111 #ifdef TOKEN_SYNC_ENABLE
112 static uint32_t tokenSyncId_ = 0;
113 static const int32_t FAKE_SYNC_RET = 0xabcdef;
114 class TokenSyncCallbackMock : public TokenSyncCallbackStub {
115 public:
116 TokenSyncCallbackMock() = default;
117 virtual ~TokenSyncCallbackMock() = default;
118
119 MOCK_METHOD(int32_t, GetRemoteHapTokenInfo, (const std::string&, AccessTokenID), (override));
120 MOCK_METHOD(int32_t, DeleteRemoteHapTokenInfo, (AccessTokenID), (override));
121 MOCK_METHOD(int32_t, UpdateRemoteHapTokenInfo, (const HapTokenInfoForSync&), (override));
122 };
123 #endif
124 }
125
SetUpTestCase()126 void AccessTokenInfoManagerTest::SetUpTestCase()
127 {
128 g_selfTokenId = GetSelfTokenID();
129 uint32_t hapSize = 0;
130 uint32_t nativeSize = 0;
131 uint32_t pefDefSize = 0;
132 uint32_t dlpSize = 0;
133 std::map<int32_t, TokenIdInfo> tokenIdAplMap;
134 AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize, tokenIdAplMap);
135 }
136
TearDownTestCase()137 void AccessTokenInfoManagerTest::TearDownTestCase()
138 {
139 sleep(3); // delay 3 minutes
140 SetSelfTokenID(g_selfTokenId);
141 }
142
SetUp()143 void AccessTokenInfoManagerTest::SetUp()
144 {
145 atManagerService_ = DelayedSingleton<AccessTokenManagerService>::GetInstance();
146 EXPECT_NE(nullptr, atManagerService_);
147 }
148
TearDown()149 void AccessTokenInfoManagerTest::TearDown()
150 {
151 atManagerService_ = nullptr;
152 }
153
154 /**
155 * @tc.name: HapTokenInfoInner001
156 * @tc.desc: HapTokenInfoInner::HapTokenInfoInner.
157 * @tc.type: FUNC
158 * @tc.require:
159 */
160 HWTEST_F(AccessTokenInfoManagerTest, HapTokenInfoInner001, TestSize.Level0)
161 {
162 AccessTokenID id = 0x20240112;
163 HapTokenInfo info = {
164 .ver = 1,
165 .userID = 1,
166 .bundleName = "com.ohos.access_token",
167 .instIndex = 1,
168 .tokenID = id,
169 .tokenAttr = 0
170 };
171 std::vector<PermissionStatus> permStateList;
172 std::shared_ptr<HapTokenInfoInner> hap = std::make_shared<HapTokenInfoInner>(id, info, permStateList);
173 ASSERT_EQ(hap->IsRemote(), false);
174 hap->SetRemote(true);
175 std::vector<GenericValues> valueList;
176 hap->StoreHapInfo(valueList, "test", APL_NORMAL);
177
178 hap->StorePermissionPolicy(valueList);
179 ASSERT_EQ(hap->IsRemote(), true);
180 hap->SetRemote(false);
181 int32_t version = hap->GetApiVersion(5608);
182 ASSERT_EQ(static_cast<int32_t>(608), version);
183 }
184
185 /**
186 * @tc.name: CreateHapTokenInfo001
187 * @tc.desc: Verify the CreateHapTokenInfo add one hap token function.
188 * @tc.type: FUNC
189 * @tc.require:
190 */
191 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level0)
192 {
193 AccessTokenIDEx tokenIdEx = {0};
194 std::vector<GenericValues> undefValues;
195 int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
196 g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
197 ASSERT_EQ(RET_SUCCESS, ret);
198 GTEST_LOG_(INFO) << "add a hap token";
199
200 std::shared_ptr<HapTokenInfoInner> tokenInfo;
201 tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID);
202 ASSERT_NE(nullptr, tokenInfo);
203
204 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
205 ASSERT_EQ(RET_SUCCESS, ret);
206 GTEST_LOG_(INFO) << "remove the token info";
207
208 tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID);
209 ASSERT_EQ(nullptr, tokenInfo);
210 }
211
212 /**
213 * @tc.name: CreateHapTokenInfo002
214 * @tc.desc: Verify the CreateHapTokenInfo add one hap token twice function.
215 * @tc.type: FUNC
216 * @tc.require:
217 */
218 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level0)
219 {
220 AccessTokenIDEx tokenIdEx = {0};
221 std::vector<GenericValues> undefValues;
222 int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
223 g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
224 ASSERT_EQ(RET_SUCCESS, ret);
225 GTEST_LOG_(INFO) << "add a hap token";
226
227 AccessTokenIDEx tokenIdEx1 = {0};
228 ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
229 g_infoManagerTestPolicyPrams1, tokenIdEx1, undefValues);
230 ASSERT_EQ(RET_SUCCESS, ret);
231 ASSERT_NE(tokenIdEx.tokenIdExStruct.tokenID, tokenIdEx1.tokenIdExStruct.tokenID);
232 GTEST_LOG_(INFO) << "add same hap token";
233
234 std::shared_ptr<HapTokenInfoInner> tokenInfo;
235 tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx1.tokenIdExStruct.tokenID);
236 ASSERT_NE(nullptr, tokenInfo);
237
238 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx1.tokenIdExStruct.tokenID);
239 ASSERT_EQ(RET_SUCCESS, ret);
240 GTEST_LOG_(INFO) << "remove the token info";
241 }
242
243 /**
244 * @tc.name: CreateHapTokenInfo003
245 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test userID invalid
246 * @tc.type: FUNC
247 * @tc.require:
248 */
249 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo003, TestSize.Level0)
250 {
251 HapInfoParams info = {
252 .userID = -1
253 };
254 HapPolicy policy;
255 AccessTokenIDEx tokenIdEx;
256 std::vector<GenericValues> undefValues;
257
258 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx,
259 undefValues));
260 }
261
262 /**
263 * @tc.name: CreateHapTokenInfo004
264 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test bundleName invalid
265 * @tc.type: FUNC
266 * @tc.require:
267 */
268 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo004, TestSize.Level0)
269 {
270 HapInfoParams info = {
271 .userID = USER_ID,
272 .bundleName = ""
273 };
274 HapPolicy policy;
275 AccessTokenIDEx tokenIdEx;
276 std::vector<GenericValues> undefValues;
277
278 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx,
279 undefValues));
280 }
281
282 /**
283 * @tc.name: CreateHapTokenInfo005
284 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test appIDDesc invalid
285 * @tc.type: FUNC
286 * @tc.require:
287 */
288 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo005, TestSize.Level0)
289 {
290 HapInfoParams info = {
291 .userID = USER_ID,
292 .bundleName = "ohos.com.testtesttest",
293 .appIDDesc = ""
294 };
295 HapPolicy policy;
296 AccessTokenIDEx tokenIdEx;
297 std::vector<GenericValues> undefValues;
298
299 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx,
300 undefValues));
301 }
302
303 /**
304 * @tc.name: CreateHapTokenInfo006
305 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test domain invalid
306 * @tc.type: FUNC
307 * @tc.require:
308 */
309 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo006, TestSize.Level0)
310 {
311 HapInfoParams info = {
312 .userID = USER_ID,
313 .bundleName = "ohos.com.testtesttest",
314 .appIDDesc = "who cares"
315 };
316 HapPolicy policy = {
317 .domain = ""
318 };
319 AccessTokenIDEx tokenIdEx;
320 std::vector<GenericValues> undefValues;
321
322 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx,
323 undefValues));
324 }
325
326 /**
327 * @tc.name: CreateHapTokenInfo007
328 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test dlpType invalid
329 * @tc.type: FUNC
330 * @tc.require:
331 */
332 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo007, TestSize.Level0)
333 {
334 HapInfoParams info = {
335 .userID = USER_ID,
336 .bundleName = "ohos.com.testtesttest",
337 .dlpType = -1,
338 .appIDDesc = "who cares"
339 };
340 HapPolicy policy = {
341 .domain = "who cares"
342 };
343 AccessTokenIDEx tokenIdEx;
344 std::vector<GenericValues> undefValues;
345
346 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx,
347 undefValues));
348 }
349
350 /**
351 * @tc.name: CreateHapTokenInfo008
352 * @tc.desc: AccessTokenInfoManager::CreateHapTokenInfo function test grant mode invalid
353 * @tc.type: FUNC
354 * @tc.require:
355 */
356 HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo008, TestSize.Level0)
357 {
358 static PermissionDef permDef = {
359 .permissionName = "ohos.permission.test",
360 .bundleName = "accesstoken_test",
361 .grantMode = -1, // -1:invalid grant mode
362 .availableLevel = APL_NORMAL,
363 .provisionEnable = false,
364 .distributedSceneEnable = false,
365 .label = "label",
366 .labelId = 1,
367 .description = "open the door",
368 .descriptionId = 1
369 };
370 HapInfoParams info = {
371 .userID = USER_ID,
372 .bundleName = "ohos.com.testtesttest",
373 .appIDDesc = ""
374 };
375 HapPolicy policy = {
376 .apl = APL_NORMAL,
377 .domain = "test.domain",
378 .permList = {permDef}
379 };
380 AccessTokenIDEx tokenIdEx;
381 std::vector<GenericValues> undefValues;
382 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx,
383 undefValues));
384 }
385
386 /**
387 * @tc.name: InitHapToken001
388 * @tc.desc: InitHapToken function test with invalid userID
389 * @tc.type: FUNC
390 * @tc.require:
391 */
392 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken001, TestSize.Level0)
393 {
394 HapInfoParcel hapinfoParcel;
395 hapinfoParcel.hapInfoParameter = {
396 .userID = -1,
397 .bundleName = "accesstoken_test",
398 .instIndex = 0,
399 .dlpType = DLP_COMMON,
400 .appIDDesc = "testtesttesttest",
401 .apiVersion = DEFAULT_API_VERSION,
402 .isSystemApp = false,
403 };
404 HapPolicyParcel hapPolicyParcel;
405 hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL;
406 hapPolicyParcel.hapPolicy.domain = "test.domain";
407 uint64_t fullTokenId;
408 HapInfoCheckResultIdl result;
409 ASSERT_EQ(ERR_PARAM_INVALID,
410 atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, fullTokenId, result));
411 }
412
413 /**
414 * @tc.name: InitHapToken002
415 * @tc.desc: InitHapToken function test with invalid userID
416 * @tc.type: FUNC
417 * @tc.require:
418 */
419 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken002, TestSize.Level0)
420 {
421 HapInfoParcel hapinfoParcel;
422 hapinfoParcel.hapInfoParameter = {
423 .userID = -1,
424 .bundleName = "accesstoken_test",
425 .instIndex = 0,
426 .dlpType = DLP_READ,
427 .appIDDesc = "testtesttesttest",
428 .apiVersion = DEFAULT_API_VERSION,
429 .isSystemApp = false,
430 };
431 HapPolicyParcel hapPolicyParcel;
432 hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL;
433 hapPolicyParcel.hapPolicy.domain = "test.domain";
434 uint64_t fullTokenId;
435 HapInfoCheckResultIdl result;
436 ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED,
437 atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, fullTokenId, result));
438 }
439
440 /**
441 * @tc.name: InitHapToken003
442 * @tc.desc: InitHapToken function test with invalid apl permission
443 * @tc.type: FUNC
444 * @tc.require:
445 */
446 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken003, TestSize.Level0)
447 {
448 HapInfoParcel info;
449 info.hapInfoParameter = {
450 .userID = 0,
451 .bundleName = "accesstoken_test",
452 .instIndex = 0,
453 .dlpType = DLP_COMMON,
454 .appIDDesc = "testtesttesttest",
455 .apiVersion = DEFAULT_API_VERSION,
456 .isSystemApp = false,
457 };
458 HapPolicyParcel policy;
459 PermissionStatus permissionStateA = {
460 .permissionName = "ohos.permission.GET_ALL_APP_ACCOUNTS",
461 .grantStatus = 1,
462 .grantFlag = 1
463 };
464 PermissionStatus permissionStateB = {
465 .permissionName = "ohos.permission.test",
466 .grantStatus = 1,
467 .grantFlag = 1
468 };
469 policy.hapPolicy = {
470 .apl = APL_NORMAL,
471 .domain = "test",
472 .permList = {},
473 .permStateList = { permissionStateA, permissionStateB }
474 };
475 uint64_t fullTokenId;
476 HapInfoCheckResultIdl resultInfoIdl;
477 HapInfoCheckResult result;
478
479 ASSERT_EQ(0,
480 atManagerService_->InitHapToken(info, policy, fullTokenId, resultInfoIdl));
481
482 PermissionInfoCheckResult permCheckResult;
483 permCheckResult.permissionName = resultInfoIdl.permissionName;
484 int32_t rule = static_cast<int32_t>(resultInfoIdl.rule);
485 permCheckResult.rule = PermissionRulesEnum(rule);
486 result.permCheckResult = permCheckResult;
487 ASSERT_EQ(result.permCheckResult.permissionName, "ohos.permission.GET_ALL_APP_ACCOUNTS");
488 ASSERT_EQ(result.permCheckResult.rule, PERMISSION_ACL_RULE);
489 permissionStateA.permissionName = "ohos.permission.ENTERPRISE_MANAGE_SETTINGS";
490 policy.hapPolicy.aclRequestedList = { "ohos.permission.ENTERPRISE_MANAGE_SETTINGS" };
491 policy.hapPolicy.permStateList = { permissionStateA, permissionStateB };
492 ASSERT_EQ(0,
493 atManagerService_->InitHapToken(info, policy, fullTokenId, resultInfoIdl));
494
495 ASSERT_EQ(resultInfoIdl.permissionName, "ohos.permission.ENTERPRISE_MANAGE_SETTINGS");
496 rule = static_cast<int32_t>(resultInfoIdl.rule);
497 ASSERT_EQ(PermissionRulesEnum(rule), PERMISSION_EDM_RULE);
498 }
499
GetHapParams(HapInfoParams & infoParams,HapPolicy & policyParams)500 static void GetHapParams(HapInfoParams& infoParams, HapPolicy& policyParams)
501 {
502 infoParams.userID = 0;
503 infoParams.bundleName = "com.ohos.AccessTokenTestBundle";
504 infoParams.instIndex = 0;
505 infoParams.appIDDesc = "AccessTokenTestAppID";
506 infoParams.apiVersion = DEFAULT_API_VERSION;
507 infoParams.isSystemApp = true;
508 infoParams.appDistributionType = "";
509
510 policyParams.apl = APL_SYSTEM_CORE;
511 policyParams.domain = "accesstoken_test_domain";
512 }
513
TestPrepareKernelPermissionStatus(HapPolicy & policyParams)514 void TestPrepareKernelPermissionStatus(HapPolicy& policyParams)
515 {
516 PermissionStatus permissionStatusBasic = {
517 .permissionName = "ohos.permission.test_basic",
518 .grantStatus = PERMISSION_GRANTED,
519 .grantFlag = PERMISSION_SYSTEM_FIXED,
520 };
521
522 PermissionStatus PermissionStatus001 = permissionStatusBasic;
523 PermissionStatus001.permissionName = "ohos.permission.KERNEL_ATM_SELF_USE";
524 PermissionStatus PermissionStatus002 = permissionStatusBasic;
525 PermissionStatus002.permissionName = "ohos.permission.MICROPHONE";
526 PermissionStatus PermissionStatus003 = permissionStatusBasic;
527 PermissionStatus003.permissionName = "ohos.permission.CAMERA";
528 policyParams.permStateList = {PermissionStatus001, PermissionStatus002, PermissionStatus003};
529 policyParams.aclExtendedMap["ohos.permission.KERNEL_ATM_SELF_USE"] = "123";
530 policyParams.aclExtendedMap["ohos.permission.MICROPHONE"] = "456"; // filtered
531 policyParams.aclExtendedMap["ohos.permission.CAMERA"] = "789"; // filtered
532 }
533
534 /**
535 * @tc.name: InitHapToken004
536 * @tc.desc: aclExtendedMap size test
537 * @tc.type: FUNC
538 * @tc.require:
539 */
540 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken004, TestSize.Level0)
541 {
542 HapInfoParcel info;
543 HapPolicyParcel policy;
544 GetHapParams(info.hapInfoParameter, policy.hapPolicy);
545
546 uint64_t fullTokenId;
547 HapInfoCheckResultIdl result;
548 int32_t ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
549 ASSERT_EQ(RET_SUCCESS, ret);
550
551 for (size_t i = 0; i < MAX_EXTENDED_MAP_SIZE - 1; i++) {
552 policy.hapPolicy.aclExtendedMap[std::to_string(i)] = std::to_string(i);
553 }
554 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
555 ASSERT_EQ(RET_SUCCESS, ret);
556
557 policy.hapPolicy.aclExtendedMap[std::to_string(MAX_EXTENDED_MAP_SIZE - 1)] =
558 std::to_string(MAX_EXTENDED_MAP_SIZE - 1);
559 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
560 ASSERT_EQ(RET_SUCCESS, ret);
561 AccessTokenIDEx tokenIDEx = {fullTokenId};
562 AccessTokenID tokenID = tokenIDEx.tokenIdExStruct.tokenID;
563
564 policy.hapPolicy.aclExtendedMap[std::to_string(MAX_EXTENDED_MAP_SIZE)] =
565 std::to_string(MAX_EXTENDED_MAP_SIZE);
566 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
567 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
568
569 ret = atManagerService_->DeleteToken(tokenID);
570 EXPECT_EQ(RET_SUCCESS, ret);
571 }
572
573 /**
574 * @tc.name: InitHapToken005
575 * @tc.desc: aclExtendedMap size test
576 * @tc.type: FUNC
577 * @tc.require:
578 */
579 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken005, TestSize.Level0)
580 {
581 HapInfoParcel info;
582 HapPolicyParcel policy;
583 GetHapParams(info.hapInfoParameter, policy.hapPolicy);
584
585 uint64_t fullTokenId;
586 HapInfoCheckResultIdl result;
587 policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = "";
588 int32_t ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
589 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
590
591 std::string testValue(MAX_VALUE_LENGTH - 1, '1');
592 policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue;
593 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
594 ASSERT_EQ(RET_SUCCESS, ret);
595
596 testValue.push_back('1');
597 policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue;
598 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
599 ASSERT_EQ(RET_SUCCESS, ret);
600 AccessTokenIDEx tokenIDEx = {fullTokenId};
601 AccessTokenID tokenID = tokenIDEx.tokenIdExStruct.tokenID;
602
603 testValue.push_back('1');
604 policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue;
605 ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result);
606 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret);
607
608 ret = atManagerService_->DeleteToken(tokenID);
609 EXPECT_EQ(RET_SUCCESS, ret);
610 }
611
612 /**
613 * @tc.name: InitHapToken006
614 * @tc.desc: InitHapToken permission with value
615 * @tc.type: FUNC
616 * @tc.require:
617 */
618 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken006, TestSize.Level0)
619 {
620 HapInfoParcel info;
621 HapPolicyParcel policy;
622 GetHapParams(info.hapInfoParameter, policy.hapPolicy);
623 uint64_t fullTokenId;
624 HapInfoCheckResultIdl result;
625
626 TestPrepareKernelPermissionStatus(policy.hapPolicy);
627 ASSERT_EQ(RET_SUCCESS, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
628 AccessTokenID tokenID = static_cast<AccessTokenID>(fullTokenId);
629
630 std::vector<PermissionWithValueIdl> kernelPermList;
631 EXPECT_EQ(RET_SUCCESS, atManagerService_->GetKernelPermissions(tokenID, kernelPermList));
632 EXPECT_EQ(1, kernelPermList.size());
633
634 std::string value;
635 EXPECT_EQ(RET_SUCCESS, atManagerService_->GetReqPermissionByName(
636 tokenID, "ohos.permission.KERNEL_ATM_SELF_USE", value));
637 EXPECT_EQ("123", value);
638
639 EXPECT_EQ(AccessTokenError::ERR_PERMISSION_WITHOUT_VALUE, atManagerService_->GetReqPermissionByName(
640 tokenID, "ohos.permission.MICROPHONE", value));
641 EXPECT_EQ(AccessTokenError::ERR_PERMISSION_WITHOUT_VALUE, atManagerService_->GetReqPermissionByName(
642 tokenID, "ohos.permission.CAMERA", value));
643
644 ASSERT_EQ(RET_SUCCESS, atManagerService_->DeleteToken(tokenID));
645 }
646
647
648 /**
649 * @tc.name: InitHapToken007
650 * @tc.desc: InitHapToken app.apl > policy.apl, extended permission not in aclExtendedMap
651 * @tc.type: FUNC
652 * @tc.require:
653 */
654 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken007, TestSize.Level0)
655 {
656 HapInfoParcel info;
657 HapPolicyParcel policy;
658 GetHapParams(info.hapInfoParameter, policy.hapPolicy);
659 uint64_t fullTokenId;
660 HapInfoCheckResultIdl result;
661
662 TestPrepareKernelPermissionStatus(policy.hapPolicy);
663 policy.hapPolicy.aclExtendedMap.erase("ohos.permission.KERNEL_ATM_SELF_USE");
664 ASSERT_EQ(RET_SUCCESS, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
665 AccessTokenID tokenID = static_cast<AccessTokenID>(fullTokenId);
666
667 std::vector<PermissionWithValueIdl> kernelPermList;
668 EXPECT_EQ(RET_SUCCESS, atManagerService_->GetKernelPermissions(tokenID, kernelPermList));
669 EXPECT_EQ(1, kernelPermList.size());
670
671 std::string value;
672 EXPECT_EQ(RET_SUCCESS, atManagerService_->GetReqPermissionByName(
673 tokenID, "ohos.permission.KERNEL_ATM_SELF_USE", value));
674 EXPECT_EQ("", value);
675
676 ASSERT_EQ(RET_SUCCESS, atManagerService_->DeleteToken(tokenID));
677 }
678
679 /**
680 * @tc.name: InitHapToken008
681 * @tc.desc: InitHapToken function test with invalid apl permission
682 * @tc.type: FUNC
683 * @tc.require:
684 */
685 HWTEST_F(AccessTokenInfoManagerTest, InitHapToken008, TestSize.Level0)
686 {
687 HapInfoParcel info;
688 info.hapInfoParameter = {
689 .userID = 0,
690 .bundleName = "accesstoken_test",
691 .instIndex = 0,
692 .dlpType = DLP_COMMON,
693 .appIDDesc = "testtesttesttest",
694 .apiVersion = DEFAULT_API_VERSION,
695 .isSystemApp = false,
696 };
697 HapPolicyParcel policy;
698 PermissionStatus permissionStateA = {
699 .permissionName = "ohos.permission.GET_ALL_APP_ACCOUNTS",
700 .grantStatus = 1,
701 .grantFlag = 1
702 };
703 PermissionStatus permissionStateB = {
704 .permissionName = "ohos.permission.test",
705 .grantStatus = 1,
706 .grantFlag = 1
707 };
708 policy.hapPolicy = {
709 .apl = APL_NORMAL,
710 .domain = "test",
711 .permList = {},
712 .permStateList = { permissionStateA, permissionStateB }
713 };
714 uint64_t fullTokenId;
715 HapInfoCheckResultIdl resultInfoIdl;
716 HapInfoCheckResult result;
717
718 ASSERT_EQ(0,
719 atManagerService_->InitHapToken(info, policy, fullTokenId, resultInfoIdl));
720
721 PermissionInfoCheckResult permCheckResult;
722 permCheckResult.permissionName = resultInfoIdl.permissionName;
723 int32_t rule = static_cast<int32_t>(resultInfoIdl.rule);
724 permCheckResult.rule = PermissionRulesEnum(rule);
725 result.permCheckResult = permCheckResult;
726 ASSERT_EQ(result.permCheckResult.permissionName, "ohos.permission.GET_ALL_APP_ACCOUNTS");
727 ASSERT_EQ(result.permCheckResult.rule, PERMISSION_ACL_RULE);
728 permissionStateA.permissionName = "ohos.permission.FILE_GUARD_MANAGER";
729 policy.hapPolicy.aclRequestedList = { "ohos.permission.FILE_GUARD_MANAGER" };
730 policy.hapPolicy.permStateList = { permissionStateA, permissionStateB };
731 ASSERT_EQ(0, atManagerService_->InitHapToken(info, policy, fullTokenId, resultInfoIdl));
732 }
733
734 /**
735 * @tc.name: IsTokenIdExist001
736 * @tc.desc: Verify the IsTokenIdExist exist accesstokenid.
737 * @tc.type: FUNC
738 * @tc.require:
739 */
740 HWTEST_F(AccessTokenInfoManagerTest, IsTokenIdExist001, TestSize.Level0)
741 {
742 AccessTokenID testId = 1;
743 ASSERT_EQ(AccessTokenInfoManager::GetInstance().IsTokenIdExist(testId), false);
744 }
745
746 /**
747 * @tc.name: GetHapTokenInfo001
748 * @tc.desc: Verify the GetHapTokenInfo abnormal and normal branch.
749 * @tc.type: FUNC
750 * @tc.require:
751 */
752 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfo001, TestSize.Level0)
753 {
754 AccessTokenIDEx tokenIdEx = {0};
755 int result;
756 HapTokenInfo hapInfo;
757 result = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapInfo);
758 ASSERT_EQ(result, ERR_TOKENID_NOT_EXIST);
759
760 std::vector<GenericValues> undefValues;
761 result = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
762 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
763 ASSERT_EQ(RET_SUCCESS, result);
764 GTEST_LOG_(INFO) << "add a hap token";
765 result = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapInfo);
766 ASSERT_EQ(result, RET_SUCCESS);
767 result = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
768 ASSERT_EQ(RET_SUCCESS, result);
769 GTEST_LOG_(INFO) << "remove the token info";
770 }
771
772 /**
773 * @tc.name: RemoveHapTokenInfo001
774 * @tc.desc: Verify the RemoveHapTokenInfo abnormal branch tokenID type is not true.
775 * @tc.type: FUNC
776 * @tc.require:
777 */
778 HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level0)
779 {
780 AccessTokenIDEx tokenIdEx = {0};
781 // type != TOKEN_HAP
782 ASSERT_EQ(
783 ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID));
784
785 AccessTokenID tokenId = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
786 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP));
787 // hapTokenInfoMap_.count(id) == 0
788 ASSERT_EQ(ERR_TOKENID_NOT_EXIST, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
789
790 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP));
791 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = nullptr;
792 ASSERT_EQ(ERR_TOKEN_INVALID, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId)); // info == nullptr
793 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId);
794
795 std::shared_ptr<HapTokenInfoInner> info = std::make_shared<HapTokenInfoInner>();
796 info->tokenInfoBasic_.userID = USER_ID;
797 info->tokenInfoBasic_.bundleName = "com.ohos.TEST";
798 info->tokenInfoBasic_.instIndex = INST_INDEX;
799 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = info;
800 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP));
801 // count(HapUniqueKey) == 0
802 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
803
804 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP)); // removed above
805 AccessTokenID tokenId2 = 537919486; // 537919486: 001 00 0 000000 11111111111111111110
806 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = info;
807 std::string hapUniqueKey = "com.ohos.TEST&" + std::to_string(USER_ID) + "&" + std::to_string(INST_INDEX);
808 AccessTokenInfoManager::GetInstance().hapTokenIdMap_[hapUniqueKey] = tokenId2;
809 // hapTokenIdMap_[HapUniqueKey] != id
810 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
811 AccessTokenInfoManager::GetInstance().hapTokenIdMap_.erase(hapUniqueKey);
812 }
813
814 /**
815 * @tc.name: GetHapTokenID001
816 * @tc.desc: Verify the GetHapTokenID by userID/bundleName/instIndex, function.
817 * @tc.type: FUNC
818 * @tc.require:
819 */
820 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID001, TestSize.Level0)
821 {
822 AccessTokenIDEx tokenIdEx = {0};
823 std::vector<GenericValues> undefValues;
824 int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
825 g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
826 ASSERT_EQ(RET_SUCCESS, ret);
827 GTEST_LOG_(INFO) << "add a hap token";
828
829 tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(g_infoManagerTestInfoParms.userID,
830 g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex);
831 ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIdExStruct.tokenID);
832 GTEST_LOG_(INFO) << "find hap info";
833
834 std::shared_ptr<HapTokenInfoInner> tokenInfo;
835 tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID);
836 ASSERT_NE(nullptr, tokenInfo);
837 GTEST_LOG_(INFO) << "remove the token info";
838
839 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
840 ASSERT_EQ(RET_SUCCESS, ret);
841 GTEST_LOG_(INFO) << "remove the token info";
842 }
843
844 /**
845 * @tc.name: UpdateHapToken001
846 * @tc.desc: Verify the UpdateHapToken token function.
847 * @tc.type: FUNC
848 * @tc.require:
849 */
850 HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level0)
851 {
852 AccessTokenIDEx tokenIdEx = {0};
853 std::vector<GenericValues> undefValues;
854 int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
855 g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
856 ASSERT_EQ(RET_SUCCESS, ret);
857 GTEST_LOG_(INFO) << "add a hap token";
858
859 HapPolicy policy = g_infoManagerTestPolicyPrams1;
860 policy.apl = APL_SYSTEM_BASIC;
861 UpdateHapInfoParams info;
862 info.appIDDesc = std::string("updateAppId");
863 info.apiVersion = DEFAULT_API_VERSION;
864 info.isSystemApp = false;
865 ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(
866 tokenIdEx, info, policy.permStateList, policy, undefValues);
867 ASSERT_EQ(RET_SUCCESS, ret);
868 GTEST_LOG_(INFO) << "update the hap token";
869
870 std::shared_ptr<HapTokenInfoInner> tokenInfo;
871 tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID);
872 ASSERT_NE(nullptr, tokenInfo);
873
874 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
875 ASSERT_EQ(RET_SUCCESS, ret);
876 GTEST_LOG_(INFO) << "remove the token info";
877 }
878
879 /**
880 * @tc.name: UpdateHapToken002
881 * @tc.desc: Verify the UpdateHapToken token function abnormal branch.
882 * @tc.type: FUNC
883 * @tc.require:
884 */
885 HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level0)
886 {
887 AccessTokenIDEx tokenIdEx = {0};
888 HapPolicy policy = g_infoManagerTestPolicyPrams1;
889 policy.apl = APL_SYSTEM_BASIC;
890 UpdateHapInfoParams info;
891 info.appIDDesc = std::string("");
892 info.apiVersion = DEFAULT_API_VERSION;
893 info.isSystemApp = false;
894 std::vector<GenericValues> undefValues;
895 int ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(
896 tokenIdEx, info, policy.permStateList, policy, undefValues);
897 ASSERT_EQ(ERR_PARAM_INVALID, ret);
898
899 info.appIDDesc = std::string("updateAppId");
900 ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(
901 tokenIdEx, info, policy.permStateList, policy, undefValues);
902 ASSERT_EQ(ERR_TOKENID_NOT_EXIST, ret);
903 }
904
905 /**
906 * @tc.name: UpdateHapToken003
907 * @tc.desc: AccessTokenInfoManager::UpdateHapToken function test IsRemote_ true
908 * @tc.type: FUNC
909 * @tc.require:
910 */
911 HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level0)
912 {
913 AccessTokenID tokenId = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
914 AccessTokenIDEx tokenIdEx = {0};
915 tokenIdEx.tokenIdExStruct.tokenID = tokenId;
916 std::shared_ptr<HapTokenInfoInner> info = std::make_shared<HapTokenInfoInner>();
917 info->isRemote_ = true;
918 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = info;
919 HapPolicy policy;
920 UpdateHapInfoParams hapInfoParams;
921 hapInfoParams.appIDDesc = "who cares";
922 hapInfoParams.apiVersion = DEFAULT_API_VERSION;
923 hapInfoParams.isSystemApp = false;
924 std::vector<GenericValues> undefValues;
925 ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, AccessTokenInfoManager::GetInstance().UpdateHapToken(
926 tokenIdEx, hapInfoParams, policy.permStateList, policy, undefValues));
927 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId);
928 }
929
930 /**
931 * @tc.name: UpdateHapToken004
932 * @tc.desc: UpdateHapToken permission with value
933 * @tc.type: FUNC
934 * @tc.require:
935 */
936 HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken004, TestSize.Level0)
937 {
938 HapInfoParcel info;
939 HapPolicyParcel policy;
940 GetHapParams(info.hapInfoParameter, policy.hapPolicy);
941 uint64_t fullTokenId;
942 HapInfoCheckResultIdl result;
943
944 TestPrepareKernelPermissionStatus(policy.hapPolicy);
945 ASSERT_EQ(RET_SUCCESS, atManagerService_->InitHapToken(info, policy, fullTokenId, result));
946 AccessTokenID tokenID = static_cast<AccessTokenID>(fullTokenId);
947
948 policy.hapPolicy.aclExtendedMap["ohos.permission.KERNEL_ATM_SELF_USE"] = "1"; // modified value
949 UpdateHapInfoParamsIdl updateInfoParams = {
950 .appIDDesc = "AccessTokenTestAppID",
951 .apiVersion = DEFAULT_API_VERSION,
952 .isSystemApp = true,
953 .appDistributionType = "",
954 };
955 EXPECT_EQ(RET_SUCCESS, atManagerService_->UpdateHapToken(fullTokenId, updateInfoParams, policy, result));
956
957 std::vector<PermissionWithValueIdl> kernelPermList;
958 EXPECT_EQ(RET_SUCCESS, atManagerService_->GetKernelPermissions(tokenID, kernelPermList));
959 EXPECT_EQ(1, kernelPermList.size());
960
961 std::string value;
962 EXPECT_EQ(RET_SUCCESS, atManagerService_->GetReqPermissionByName(
963 tokenID, "ohos.permission.KERNEL_ATM_SELF_USE", value));
964 EXPECT_EQ("1", value);
965
966 EXPECT_EQ(AccessTokenError::ERR_PERMISSION_WITHOUT_VALUE, atManagerService_->GetReqPermissionByName(
967 tokenID, "ohos.permission.MICROPHONE", value));
968 EXPECT_EQ(AccessTokenError::ERR_PERMISSION_WITHOUT_VALUE, atManagerService_->GetReqPermissionByName(
969 tokenID, "ohos.permission.CAMERA", value));
970
971 ASSERT_EQ(RET_SUCCESS, atManagerService_->DeleteToken(tokenID));
972 }
973
974
975 #ifdef TOKEN_SYNC_ENABLE
976 /**
977 * @tc.name: GetHapTokenSync001
978 * @tc.desc: Verify the GetHapTokenSync token function and abnormal branch.
979 * @tc.type: FUNC
980 * @tc.require:
981 */
982 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync001, TestSize.Level0)
983 {
984 AccessTokenIDEx tokenIdEx = {0};
985 int result;
986 std::vector<GenericValues> undefValues;
987 result = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
988 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
989 ASSERT_EQ(RET_SUCCESS, result);
990 GTEST_LOG_(INFO) << "add a hap token";
991
992 HapTokenInfoForSync hapSync;
993 result = AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
994 ASSERT_EQ(result, RET_SUCCESS);
995
996 result = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
997 ASSERT_EQ(RET_SUCCESS, result);
998 GTEST_LOG_(INFO) << "remove the token info";
999
1000 result = AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
1001 ASSERT_NE(result, RET_SUCCESS);
1002 }
1003
1004 /**
1005 * @tc.name: GetHapTokenSync002
1006 * @tc.desc: AccessTokenInfoManager::GetHapTokenSync function test permSetPtr is null
1007 * @tc.type: FUNC
1008 * @tc.require:
1009 */
1010 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync002, TestSize.Level0)
1011 {
1012 AccessTokenID tokenId = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
1013 std::shared_ptr<HapTokenInfoInner> info = std::make_shared<HapTokenInfoInner>();
1014 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = info;
1015 HapTokenInfoForSync hapSync;
1016 ASSERT_NE(0, AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenId, hapSync));
1017 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId);
1018 }
1019
1020 /**
1021 * @tc.name: GetHapTokenInfoFromRemote001
1022 * @tc.desc: Verify the GetHapTokenInfoFromRemote token function .
1023 * @tc.type: FUNC
1024 * @tc.require:
1025 */
1026 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Level0)
1027 {
1028 AccessTokenIDEx tokenIdEx = {0};
1029 std::vector<GenericValues> undefValues;
1030 int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
1031 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
1032 ASSERT_EQ(RET_SUCCESS, ret);
1033 GTEST_LOG_(INFO) << "add a hap token";
1034
1035 HapTokenInfoForSync hapSync;
1036 ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
1037 ASSERT_EQ(ret, RET_SUCCESS);
1038
1039 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
1040 ASSERT_EQ(RET_SUCCESS, ret);
1041 GTEST_LOG_(INFO) << "remove the token info";
1042 }
1043
1044 /**
1045 * @tc.name: RemoteHapTest001001
1046 * @tc.desc: Verify the RemoteHap token function .
1047 * @tc.type: FUNC
1048 * @tc.require: issueI5RJBB
1049 */
1050 HWTEST_F(AccessTokenInfoManagerTest, RemoteHapTest001, TestSize.Level0)
1051 {
1052 AccessTokenIDEx tokenIdEx = {0};
1053 std::vector<GenericValues> undefValues;
1054 int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
1055 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
1056 ASSERT_EQ(RET_SUCCESS, ret);
1057 GTEST_LOG_(INFO) << "add a hap token";
1058
1059 std::string deviceId = "device_1";
1060 std::string deviceId2 = "device_2";
1061 AccessTokenID mapID =
1062 AccessTokenInfoManager::GetInstance().AllocLocalTokenID(deviceId, tokenIdEx.tokenIdExStruct.tokenID);
1063 ASSERT_EQ(mapID, 0);
1064 HapTokenInfoForSync hapSync;
1065 ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
1066 ASSERT_EQ(RET_SUCCESS, ret);
1067 ret = AccessTokenInfoManager::GetInstance().SetRemoteHapTokenInfo(deviceId, hapSync);
1068 ASSERT_EQ(RET_SUCCESS, ret);
1069 ret = AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceId);
1070 ASSERT_EQ(RET_SUCCESS, ret);
1071 ret = AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceId2);
1072 ASSERT_EQ(ERR_DEVICE_NOT_EXIST, ret);
1073
1074 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
1075 ASSERT_EQ(RET_SUCCESS, ret);
1076 GTEST_LOG_(INFO) << "remove the token info";
1077 }
1078
1079 /**
1080 * @tc.name: DeleteRemoteToken001
1081 * @tc.desc: Verify the DeleteRemoteToken normal and abnormal branch.
1082 * @tc.type: FUNC
1083 * @tc.require: issueI5RJBB
1084 */
1085 HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken001, TestSize.Level0)
1086 {
1087 AccessTokenIDEx tokenIdEx = {0};
1088 std::vector<GenericValues> undefValues;
1089 int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
1090 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
1091 ASSERT_EQ(RET_SUCCESS, ret);
1092 GTEST_LOG_(INFO) << "add a hap token";
1093
1094 std::string deviceId = "device_1";
1095 std::string deviceId2 = "device_2";
1096 AccessTokenID mapId =
1097 AccessTokenInfoManager::GetInstance().AllocLocalTokenID(deviceId, tokenIdEx.tokenIdExStruct.tokenID);
1098 ASSERT_EQ(mapId == 0, true);
1099 HapTokenInfoForSync hapSync;
1100 ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
1101 ASSERT_EQ(RET_SUCCESS, ret);
1102 ret = AccessTokenInfoManager::GetInstance().SetRemoteHapTokenInfo(deviceId, hapSync);
1103 ASSERT_EQ(RET_SUCCESS, ret);
1104 ret = AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceId, tokenIdEx.tokenIdExStruct.tokenID);
1105 ASSERT_EQ(RET_SUCCESS, ret);
1106 ret = AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceId2, tokenIdEx.tokenIdExStruct.tokenID);
1107 ASSERT_NE(RET_SUCCESS, ret);
1108
1109 ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
1110 ASSERT_EQ(RET_SUCCESS, ret);
1111 GTEST_LOG_(INFO) << "remove the token info";
1112 }
1113
SetRemoteHapTokenInfoTest(const std::string & deviceID,const HapTokenInfo & baseInfo)1114 static bool SetRemoteHapTokenInfoTest(const std::string& deviceID, const HapTokenInfo& baseInfo)
1115 {
1116 std::vector<PermissionStatus> permStateList;
1117 permStateList.emplace_back(g_infoManagerTestState1);
1118 HapTokenInfoForSync remoteTokenInfo = {
1119 .baseInfo = baseInfo,
1120 .permStateList = permStateList
1121 };
1122
1123 return RET_SUCCESS == AccessTokenInfoManager::GetInstance().SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
1124 }
1125
1126 /**
1127 * @tc.name: SetRemoteHapTokenInfo001
1128 * @tc.desc: set remote hap token info, token info is wrong
1129 * @tc.type: FUNC
1130 * @tc.require: issue5RJBB
1131 */
1132 HWTEST_F(AccessTokenInfoManagerTest, SetRemoteHapTokenInfo001, TestSize.Level0)
1133 {
1134 std::string deviceID = "deviceId";
1135 HapTokenInfo rightBaseInfo = {
1136 .ver = 1,
1137 .userID = 1,
1138 .bundleName = "com.ohos.access_token",
1139 .instIndex = 1,
1140 .tokenID = 0x20100000,
1141 .tokenAttr = 0
1142 };
1143 HapTokenInfo wrongBaseInfo = rightBaseInfo;
1144 std::string wrongStr(10241, 'x');
1145
1146 EXPECT_EQ(false, SetRemoteHapTokenInfoTest("", wrongBaseInfo));
1147
1148 wrongBaseInfo = rightBaseInfo;
1149 wrongBaseInfo.userID = -1; // wrong userID
1150 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1151
1152 wrongBaseInfo = rightBaseInfo;
1153 wrongBaseInfo.bundleName = wrongStr; // wrong bundleName
1154 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1155
1156 wrongBaseInfo = rightBaseInfo;
1157 wrongBaseInfo.tokenID = 0; // wrong tokenID
1158 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1159
1160 wrongBaseInfo = rightBaseInfo;
1161 wrongBaseInfo.dlpType = (HapDlpType)11; // wrong dlpType
1162 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1163
1164 wrongBaseInfo = rightBaseInfo;
1165 wrongBaseInfo.ver = 2; // 2: wrong version
1166 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1167
1168 wrongBaseInfo = rightBaseInfo;
1169 wrongBaseInfo.tokenID = AccessTokenInfoManager::GetInstance().GetNativeTokenId("hdcd");
1170 EXPECT_EQ(false, SetRemoteHapTokenInfoTest(deviceID, wrongBaseInfo));
1171 }
1172
1173 /**
1174 * @tc.name: ClearUserGrantedPermissionState001
1175 * @tc.desc: AccessTokenInfoManagerTest::ClearUserGrantedPermissionState function test
1176 * @tc.type: FUNC
1177 * @tc.require:
1178 */
1179 HWTEST_F(AccessTokenInfoManagerTest, ClearUserGrantedPermissionState001, TestSize.Level0)
1180 {
1181 AccessTokenID tokenId = 123; // 123 is random input
1182
1183 std::shared_ptr<HapTokenInfoInner> hap = std::make_shared<HapTokenInfoInner>();
1184 ASSERT_NE(nullptr, hap);
1185 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = hap;
1186
1187 AccessTokenInfoManager::GetInstance().ClearUserGrantedPermissionState(tokenId); // permPolicySet is null
1188
1189 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId);
1190 }
1191
1192 /**
1193 * @tc.name: NotifyTokenSyncTask001
1194 * @tc.desc: TokenModifyNotifier::NotifyTokenSyncTask function test
1195 * @tc.type: FUNC
1196 * @tc.require:
1197 */
1198 HWTEST_F(AccessTokenInfoManagerTest, NotifyTokenSyncTask001, TestSize.Level0)
1199 {
1200 std::vector<AccessTokenID> modifiedTokenList = TokenModifyNotifier::GetInstance().modifiedTokenList_; // backup
1201 TokenModifyNotifier::GetInstance().modifiedTokenList_.clear();
1202
1203 AccessTokenID tokenId = 123; // 123 is random input
1204
1205 TokenModifyNotifier::GetInstance().modifiedTokenList_.emplace_back(tokenId);
1206 ASSERT_EQ(true, TokenModifyNotifier::GetInstance().modifiedTokenList_.size() > 0);
1207 TokenModifyNotifier::GetInstance().NotifyTokenSyncTask();
1208
1209 TokenModifyNotifier::GetInstance().modifiedTokenList_ = modifiedTokenList; // recovery
1210 }
1211
setPermission()1212 void setPermission()
1213 {
1214 setuid(0);
1215 if (tokenSyncId_ == 0) {
1216 tokenSyncId_ = AccessTokenInfoManager::GetInstance().GetNativeTokenId("token_sync_service");
1217 }
1218 SetSelfTokenID(tokenSyncId_);
1219 }
1220
1221 /**
1222 * @tc.name: RegisterTokenSyncCallback001
1223 * @tc.desc: TokenModifyNotifier::RegisterTokenSyncCallback function test
1224 * @tc.type: FUNC
1225 * @tc.require:
1226 */
1227 HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Level0)
1228 {
1229 setPermission();
1230 sptr<TokenSyncCallbackMock> callback = new (std::nothrow) TokenSyncCallbackMock();
1231 ASSERT_NE(nullptr, callback);
1232 EXPECT_EQ(RET_SUCCESS,
1233 atManagerService_->RegisterTokenSyncCallback(callback->AsObject()));
1234 EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_);
1235 EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackDeathRecipient_);
1236
1237 setuid(3020);
1238 EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_)).WillOnce(testing::Return(FAKE_SYNC_RET));
1239 EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_->GetRemoteHapTokenInfo("", 0));
1240
1241 EXPECT_CALL(*callback, DeleteRemoteHapTokenInfo(testing::_)).WillOnce(testing::Return(FAKE_SYNC_RET));
1242 EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_->DeleteRemoteHapTokenInfo(0));
1243
1244 HapTokenInfoForSync tokenInfo;
1245 EXPECT_CALL(*callback, UpdateRemoteHapTokenInfo(testing::_)).WillOnce(testing::Return(FAKE_SYNC_RET));
1246 EXPECT_EQ(FAKE_SYNC_RET,
1247 TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_->UpdateRemoteHapTokenInfo(tokenInfo));
1248 setPermission();
1249 EXPECT_EQ(RET_SUCCESS,
1250 atManagerService_->UnRegisterTokenSyncCallback());
1251 EXPECT_EQ(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_);
1252 EXPECT_EQ(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackDeathRecipient_);
1253 setuid(0);
1254 }
1255
1256 /**
1257 * @tc.name: RegisterTokenSyncCallback002
1258 * @tc.desc: TokenModifyNotifier::RegisterTokenSyncCallback function test
1259 * @tc.type: FUNC
1260 * @tc.require:
1261 */
1262 HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Level0)
1263 {
1264 setPermission();
1265 sptr<TokenSyncCallbackMock> callback = new (std::nothrow) TokenSyncCallbackMock();
1266 ASSERT_NE(nullptr, callback);
1267 EXPECT_EQ(RET_SUCCESS,
1268 atManagerService_->RegisterTokenSyncCallback(callback->AsObject()));
1269 EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_);
1270 setuid(3020);
1271 EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_))
1272 .WillOnce(testing::Return(FAKE_SYNC_RET));
1273 EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance().GetRemoteHapTokenInfo("", 0));
1274
1275 std::vector<AccessTokenID> modifiedTokenList =
1276 TokenModifyNotifier::GetInstance().modifiedTokenList_; // backup
1277 std::vector<AccessTokenID> deleteTokenList = TokenModifyNotifier::GetInstance().deleteTokenList_;
1278 TokenModifyNotifier::GetInstance().modifiedTokenList_.clear();
1279 TokenModifyNotifier::GetInstance().deleteTokenList_.clear();
1280
1281 // add a hap token
1282 AccessTokenIDEx tokenIdEx = {123};
1283 std::vector<GenericValues> undefValues;
1284 int32_t result = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
1285 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
1286 EXPECT_EQ(RET_SUCCESS, result);
1287
1288 HapTokenInfoForSync hapSync;
1289 result = AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
1290 ASSERT_EQ(result, RET_SUCCESS);
1291 TokenModifyNotifier::GetInstance().modifiedTokenList_.emplace_back(tokenIdEx.tokenIdExStruct.tokenID);
1292 ASSERT_EQ(true, TokenModifyNotifier::GetInstance().modifiedTokenList_.size() > 0);
1293 TokenModifyNotifier::GetInstance().deleteTokenList_.clear();
1294
1295 EXPECT_CALL(*callback, UpdateRemoteHapTokenInfo(testing::_)) // 0 is a test ret
1296 .WillOnce(testing::Return(0));
1297 TokenModifyNotifier::GetInstance().NotifyTokenSyncTask();
1298
1299 TokenModifyNotifier::GetInstance().deleteTokenList_.emplace_back(tokenIdEx.tokenIdExStruct.tokenID);
1300 ASSERT_EQ(true, TokenModifyNotifier::GetInstance().deleteTokenList_.size() > 0);
1301 EXPECT_CALL(*callback, DeleteRemoteHapTokenInfo(testing::_)) // 0 is a test ret
1302 .WillOnce(testing::Return(0));
1303 TokenModifyNotifier::GetInstance().NotifyTokenSyncTask();
1304
1305 TokenModifyNotifier::GetInstance().modifiedTokenList_ = modifiedTokenList; // recovery
1306 TokenModifyNotifier::GetInstance().deleteTokenList_ = deleteTokenList;
1307 setPermission();
1308 EXPECT_EQ(RET_SUCCESS,
1309 atManagerService_->UnRegisterTokenSyncCallback());
1310 setuid(0);
1311 }
1312
1313 /**
1314 * @tc.name: GetRemoteHapTokenInfo001
1315 * @tc.desc: TokenModifyNotifier::GetRemoteHapTokenInfo function test
1316 * @tc.type: FUNC
1317 * @tc.require:
1318 */
1319 HWTEST_F(AccessTokenInfoManagerTest, GetRemoteHapTokenInfo001, TestSize.Level0)
1320 {
1321 setPermission();
1322 sptr<TokenSyncCallbackMock> callback = new (std::nothrow) TokenSyncCallbackMock();
1323 ASSERT_NE(nullptr, callback);
1324 EXPECT_EQ(RET_SUCCESS, atManagerService_->RegisterTokenSyncCallback(callback->AsObject()));
1325 setuid(3020);
1326 EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_))
1327 .WillOnce(testing::Return(FAKE_SYNC_RET));
1328 EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance()
1329 .GetRemoteHapTokenInfo("invalid_id", 0)); // this is a test input
1330
1331 EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_))
1332 .WillOnce(testing::Return(TOKEN_SYNC_OPENSOURCE_DEVICE));
1333 EXPECT_EQ(TOKEN_SYNC_IPC_ERROR, TokenModifyNotifier::GetInstance()
1334 .GetRemoteHapTokenInfo("invalid_id", 0)); // this is a test input
1335 setPermission();
1336 EXPECT_EQ(RET_SUCCESS,
1337 atManagerService_->UnRegisterTokenSyncCallback());
1338 setuid(0);
1339 }
1340
1341 /**
1342 * @tc.name: UpdateRemoteHapTokenInfo001
1343 * @tc.desc: AccessTokenInfoManager::UpdateRemoteHapTokenInfo function test
1344 * @tc.type: FUNC
1345 * @tc.require:
1346 */
1347 HWTEST_F(AccessTokenInfoManagerTest, UpdateRemoteHapTokenInfo001, TestSize.Level0)
1348 {
1349 AccessTokenID mapID = 0;
1350 HapTokenInfoForSync hapSync;
1351
1352 // infoPtr is null
1353 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().UpdateRemoteHapTokenInfo(mapID, hapSync));
1354
1355 mapID = 123; // 123 is random input
1356 std::shared_ptr<HapTokenInfoInner> info = std::make_shared<HapTokenInfoInner>();
1357 info->SetRemote(true);
1358 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[mapID] = info;
1359
1360 // remote is true
1361 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().UpdateRemoteHapTokenInfo(mapID, hapSync));
1362
1363 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(mapID);
1364 }
1365
1366 /**
1367 * @tc.name: CreateRemoteHapTokenInfo001
1368 * @tc.desc: AccessTokenInfoManager::CreateRemoteHapTokenInfo function test
1369 * @tc.type: FUNC
1370 * @tc.require:
1371 */
1372 HWTEST_F(AccessTokenInfoManagerTest, CreateRemoteHapTokenInfo001, TestSize.Level0)
1373 {
1374 AccessTokenID mapID = 123; // 123 is random input
1375 HapTokenInfoForSync hapSync;
1376
1377 hapSync.baseInfo.tokenID = 123; // 123 is random input
1378 std::shared_ptr<HapTokenInfoInner> info = std::make_shared<HapTokenInfoInner>();
1379 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[123] = info;
1380
1381 // count(id) exsit
1382 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateRemoteHapTokenInfo(mapID, hapSync));
1383
1384 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(123);
1385 }
1386
1387 /**
1388 * @tc.name: DeleteRemoteToken002
1389 * @tc.desc: AccessTokenInfoManager::DeleteRemoteToken function test
1390 * @tc.type: FUNC
1391 * @tc.require:
1392 */
1393 HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken002, TestSize.Level0)
1394 {
1395 std::string deviceID = "dev-001";
1396 AccessTokenID tokenID = 123; // 123 is random input
1397
1398 ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID,
1399 AccessTokenInfoManager::GetInstance().DeleteRemoteToken("", tokenID));
1400
1401 AccessTokenRemoteDevice device;
1402 device.deviceID_ = deviceID;
1403 // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
1404 device.MappingTokenIDPairMap_.insert(std::pair<AccessTokenID, AccessTokenID>(tokenID, 537919487));
1405 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_[deviceID] = device;
1406
1407 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(537919487, TOKEN_HAP));
1408 // hap mapID 537919487 is not exist
1409 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceID, tokenID));
1410 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_.erase(deviceID);
1411 AccessTokenIDManager::GetInstance().ReleaseTokenId(537919487);
1412
1413 // 672137215 is max native tokenId: 001 01 0 000000 11111111111111111111
1414 device.MappingTokenIDPairMap_[tokenID] = 672137215;
1415 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_[deviceID] = device;
1416
1417 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(672137215, TOKEN_NATIVE));
1418 // native mapID 672137215 is not exist
1419 ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceID, tokenID));
1420 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_.erase(deviceID);
1421 AccessTokenIDManager::GetInstance().ReleaseTokenId(672137215);
1422 }
1423
1424 /**
1425 * @tc.name: AllocLocalTokenID001
1426 * @tc.desc: AccessTokenInfoManager::AllocLocalTokenID function test
1427 * @tc.type: FUNC
1428 * @tc.require:
1429 */
1430 HWTEST_F(AccessTokenInfoManagerTest, AllocLocalTokenID001, TestSize.Level0)
1431 {
1432 std::string remoteDeviceID;
1433 AccessTokenID remoteTokenID = 0;
1434
1435 ASSERT_EQ(static_cast<AccessTokenID>(0), AccessTokenInfoManager::GetInstance().AllocLocalTokenID(remoteDeviceID,
1436 remoteTokenID)); // remoteDeviceID invalid
1437
1438 // deviceID invalid + tokenID == 0
1439 ASSERT_EQ(static_cast<AccessTokenID>(0),
1440 AccessTokenInfoManager::GetInstance().GetRemoteNativeTokenID(remoteDeviceID, remoteTokenID));
1441
1442 // deviceID invalid
1443 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(remoteDeviceID));
1444
1445 remoteDeviceID = "dev-001";
1446 ASSERT_EQ(static_cast<AccessTokenID>(0), AccessTokenInfoManager::GetInstance().AllocLocalTokenID(remoteDeviceID,
1447 remoteTokenID)); // remoteTokenID invalid
1448
1449 // deviceID valid + tokenID == 0
1450 ASSERT_EQ(static_cast<AccessTokenID>(0),
1451 AccessTokenInfoManager::GetInstance().GetRemoteNativeTokenID(remoteDeviceID, remoteTokenID));
1452
1453 remoteTokenID = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111
1454 // deviceID valid + tokenID != 0 + type != native + type != shell
1455 ASSERT_EQ(static_cast<AccessTokenID>(0),
1456 AccessTokenInfoManager::GetInstance().GetRemoteNativeTokenID(remoteDeviceID, remoteTokenID));
1457 }
1458 #endif
1459
1460 /**
1461 * @tc.name: DumpTokenInfo001
1462 * @tc.desc: Test DumpTokenInfo with invalid tokenId.
1463 * @tc.type: FUNC
1464 * @tc.require: issueI4V02P
1465 */
1466 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level0)
1467 {
1468 std::string dumpInfo;
1469 AtmToolsParamInfo info;
1470 info.tokenId = static_cast<AccessTokenID>(0);
1471 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1472 EXPECT_EQ(false, dumpInfo.empty());
1473
1474 dumpInfo.clear();
1475 info.tokenId = static_cast<AccessTokenID>(123);
1476 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1477 EXPECT_EQ("invalid tokenId", dumpInfo);
1478 }
1479
1480 /**
1481 * @tc.name: DumpTokenInfo002
1482 * @tc.desc: Test DumpTokenInfo with hap tokenId.
1483 * @tc.type: FUNC
1484 * @tc.require: issueI4V02P
1485 */
1486 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo002, TestSize.Level0)
1487 {
1488 AccessTokenIDEx tokenIdEx = {0};
1489 std::vector<GenericValues> undefValues;
1490 AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
1491 g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
1492
1493 tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(g_infoManagerTestInfoParms.userID,
1494 g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex);
1495 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
1496 EXPECT_NE(0, static_cast<int>(tokenId));
1497 std::string dumpInfo;
1498 AtmToolsParamInfo info;
1499 info.tokenId = tokenId;
1500 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1501 EXPECT_EQ(false, dumpInfo.empty());
1502
1503 int32_t ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(
1504 tokenIdEx.tokenIdExStruct.tokenID);
1505 ASSERT_EQ(RET_SUCCESS, ret);
1506 GTEST_LOG_(INFO) << "remove the token info";
1507 }
1508
1509 /**
1510 * @tc.name: DumpTokenInfo003
1511 * @tc.desc: Test DumpTokenInfo with native tokenId.
1512 * @tc.type: FUNC
1513 * @tc.require: issueI4V02P
1514 */
1515 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo003, TestSize.Level0)
1516 {
1517 std::string dumpInfo;
1518 AtmToolsParamInfo info;
1519 info.tokenId = AccessTokenInfoManager::GetInstance().GetNativeTokenId("accesstoken_service");
1520 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1521 EXPECT_EQ(false, dumpInfo.empty());
1522 }
1523
1524 /**
1525 * @tc.name: DumpTokenInfo004
1526 * @tc.desc: Test DumpTokenInfo with shell tokenId.
1527 * @tc.type: FUNC
1528 * @tc.require: issueI4V02P
1529 */
1530 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo004, TestSize.Level0)
1531 {
1532 std::string dumpInfo;
1533 AtmToolsParamInfo info;
1534 info.tokenId = AccessTokenInfoManager::GetInstance().GetNativeTokenId("hdcd");
1535 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1536 EXPECT_EQ(false, dumpInfo.empty());
1537 }
1538
1539 /**
1540 * @tc.name: DumpTokenInfo005
1541 * @tc.desc: Test DumpTokenInfo with native processName.
1542 * @tc.type: FUNC
1543 * @tc.require: issueI4V02P
1544 */
1545 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo005, TestSize.Level0)
1546 {
1547 std::string dumpInfo;
1548 AtmToolsParamInfo info;
1549 info.processName = "hdcd";
1550 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1551 EXPECT_EQ(false, dumpInfo.empty());
1552 }
1553
1554 /**
1555 * @tc.name: DumpTokenInfo006
1556 * @tc.desc: Test DumpTokenInfo with hap bundleName.
1557 * @tc.type: FUNC
1558 * @tc.require: issueI4V02P
1559 */
1560 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo006, TestSize.Level0)
1561 {
1562 AccessTokenIDEx tokenIdEx = {0};
1563 std::vector<GenericValues> undefValues;
1564 AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
1565 g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
1566
1567 tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(g_infoManagerTestInfoParms.userID,
1568 g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex);
1569 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
1570 EXPECT_NE(0, static_cast<int>(tokenId));
1571
1572 std::string dumpInfo;
1573 AtmToolsParamInfo info;
1574 info.bundleName = g_infoManagerTestInfoParms.bundleName;
1575 AccessTokenInfoManager::GetInstance().DumpTokenInfo(info, dumpInfo);
1576 EXPECT_EQ(false, dumpInfo.empty());
1577
1578 int32_t ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(
1579 tokenIdEx.tokenIdExStruct.tokenID);
1580 ASSERT_EQ(RET_SUCCESS, ret);
1581 }
1582
1583 /**
1584 * @tc.name: AccessTokenInfoManager001
1585 * @tc.desc: AccessTokenInfoManager::~AccessTokenInfoManager+Init function test hasInited_ is false
1586 * @tc.type: FUNC
1587 * @tc.require:
1588 */
1589 HWTEST_F(AccessTokenInfoManagerTest, AccessTokenInfoManager001, TestSize.Level0)
1590 {
1591 AccessTokenInfoManager::GetInstance().hasInited_ = true;
1592 uint32_t hapSize = 0;
1593 uint32_t nativeSize = 0;
1594 uint32_t pefDefSize = 0;
1595 uint32_t dlpSize = 0;
1596 std::map<int32_t, TokenIdInfo> tokenIdAplMap;
1597 AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize, tokenIdAplMap);
1598 AccessTokenInfoManager::GetInstance().hasInited_ = false;
1599 ASSERT_EQ(false, AccessTokenInfoManager::GetInstance().hasInited_);
1600 }
1601
1602 /**
1603 * @tc.name: GetHapUniqueStr001
1604 * @tc.desc: AccessTokenInfoManager::GetHapUniqueStr function test info is null
1605 * @tc.type: FUNC
1606 * @tc.require:
1607 */
1608 HWTEST_F(AccessTokenInfoManagerTest, GetHapUniqueStr001, TestSize.Level0)
1609 {
1610 std::shared_ptr<HapTokenInfoInner> info = nullptr;
1611 ASSERT_EQ("", AccessTokenInfoManager::GetInstance().GetHapUniqueStr(info));
1612 }
1613
1614 /**
1615 * @tc.name: AddHapTokenInfo001
1616 * @tc.desc: AccessTokenInfoManager::AddHapTokenInfo function test info is null
1617 * @tc.type: FUNC
1618 * @tc.require:
1619 */
1620 HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo001, TestSize.Level0)
1621 {
1622 std::shared_ptr<HapTokenInfoInner> info = nullptr;
1623 AccessTokenID oriTokenId = 0;
1624 ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(info, oriTokenId));
1625 }
1626
1627 /**
1628 * @tc.name: AddHapTokenInfo002
1629 * @tc.desc: AccessTokenInfoManager::AddHapTokenInfo function test count(id) > 0
1630 * @tc.type: FUNC
1631 * @tc.require:
1632 */
1633 HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo002, TestSize.Level0)
1634 {
1635 HapInfoParams info = {
1636 .userID = USER_ID,
1637 .bundleName = "accesstoken_info_manager_test",
1638 .instIndex = INST_INDEX,
1639 .appIDDesc = "accesstoken_info_manager_test"
1640 };
1641 HapPolicy policy = {
1642 .apl = APL_NORMAL,
1643 .domain = "domain"
1644 };
1645 AccessTokenIDEx tokenIdEx = {0};
1646 std::vector<GenericValues> undefValues;
1647 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx,
1648 undefValues));
1649 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
1650 ASSERT_NE(static_cast<AccessTokenID>(0), tokenId);
1651
1652 std::shared_ptr<HapTokenInfoInner> infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenId);
1653 AccessTokenID oriTokenId = 0;
1654 ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(infoPtr, oriTokenId));
1655
1656 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
1657 }
1658
1659 /**
1660 * @tc.name: GetHapTokenID002
1661 * @tc.desc: test GetHapTokenID function abnomal branch
1662 * @tc.type: FUNC
1663 * @tc.require: issueI60F1M
1664 */
1665 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID002, TestSize.Level0)
1666 {
1667 AccessTokenIDEx tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(
1668 USER_ID, "com.ohos.test", INST_INDEX);
1669 ASSERT_EQ(static_cast<AccessTokenID>(0), tokenIdEx.tokenIDEx);
1670 }
1671
1672 /**
1673 * @tc.name: IsPermissionDefValid001
1674 * @tc.desc: PermissionValidator::IsPermissionDefValid function test
1675 * @tc.type: FUNC
1676 * @tc.require:
1677 */
1678 HWTEST_F(AccessTokenInfoManagerTest, IsPermissionDefValid001, TestSize.Level0)
1679 {
1680 PermissionDef permDef = {
1681 .permissionName = "ohos.permission.TEST",
1682 .bundleName = "com.ohos.test",
1683 .grantMode = static_cast<GrantMode>(2),
1684 .availableLevel = ATokenAplEnum::APL_NORMAL,
1685 .provisionEnable = false,
1686 .distributedSceneEnable = false,
1687 .label = "buzhidao",
1688 .labelId = 100, // 100 is random input
1689 .description = "buzhidao",
1690 .descriptionId = 100 // 100 is random input
1691 };
1692
1693 // ret not RET_SUCCESS
1694 ASSERT_EQ(false, PermissionValidator::IsPermissionDefValid(permDef)); // grant mode invalid
1695
1696 permDef.grantMode = GrantMode::USER_GRANT;
1697 permDef.availableType = ATokenAvailableTypeEnum::INVALID;
1698 ASSERT_EQ(false, PermissionValidator::IsPermissionDefValid(permDef)); // availableType invalid
1699 }
1700
1701 /**
1702 * @tc.name: IsPermissionStateValid001
1703 * @tc.desc: PermissionValidator::IsPermissionStateValid function test
1704 * @tc.type: FUNC
1705 * @tc.require:
1706 */
1707 HWTEST_F(AccessTokenInfoManagerTest, IsPermissionStateValid001, TestSize.Level0)
1708 {
1709 std::string permissionName;
1710 std::string deviceID = "dev-001";
1711 int grantState = PermissionState::PERMISSION_DENIED;
1712 uint32_t grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG;
1713 PermissionStatus permState = {
1714 .permissionName = permissionName,
1715 .grantStatus = grantState,
1716 .grantFlag = grantFlag
1717 };
1718
1719 ASSERT_EQ(false, PermissionValidator::IsPermissionStateValid(permState)); // permissionName empty
1720
1721 permState.permissionName = "com.ohos.TEST";
1722 permState.grantStatus = 1; // 1: invalid status
1723 ASSERT_EQ(false, PermissionValidator::IsPermissionStateValid(permState));
1724
1725 permState.grantStatus = grantState;
1726 permState.grantFlag = -1; // -1: invalid flag
1727 ASSERT_EQ(false, PermissionValidator::IsPermissionStateValid(permState));
1728
1729 permState.grantFlag = grantFlag;
1730 ASSERT_EQ(true, PermissionValidator::IsPermissionStateValid(permState));
1731 }
1732
1733 /**
1734 * @tc.name: FilterInvalidPermissionDef001
1735 * @tc.desc: PermissionValidator::FilterInvalidPermissionDef function test
1736 * @tc.type: FUNC
1737 * @tc.require:
1738 */
1739 HWTEST_F(AccessTokenInfoManagerTest, FilterInvalidPermissionDef001, TestSize.Level0)
1740 {
1741 PermissionDef permDef = {
1742 .permissionName = "ohos.permission.TEST",
1743 .bundleName = "com.ohos.test",
1744 .grantMode = GrantMode::SYSTEM_GRANT,
1745 .availableLevel = ATokenAplEnum::APL_NORMAL,
1746 .provisionEnable = false,
1747 .distributedSceneEnable = false,
1748 .label = "buzhidao",
1749 .labelId = 100, // 100 is random input
1750 .description = "buzhidao",
1751 .descriptionId = 100 // 100 is random input
1752 };
1753
1754 std::vector<PermissionDef> permList;
1755 permList.emplace_back(permDef);
1756 permList.emplace_back(permDef);
1757
1758 ASSERT_EQ(static_cast<uint32_t>(2), permList.size());
1759
1760 std::vector<PermissionDef> result;
1761 PermissionValidator::FilterInvalidPermissionDef(permList, result); // permDefSet.count != 0
1762 ASSERT_EQ(static_cast<uint32_t>(1), result.size());
1763 }
1764
1765 /**
1766 * @tc.name: QueryPermissionFlag001
1767 * @tc.desc: PermissionPolicySet::QueryPermissionFlag function test
1768 * @tc.type: FUNC
1769 * @tc.require:
1770 */
1771 HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level0)
1772 {
1773 PermissionStatus perm = {
1774 .permissionName = "ohos.permission.TEST",
1775 .grantStatus = PermissionState::PERMISSION_DENIED,
1776 .grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG
1777 };
1778
1779 AccessTokenID tokenId = 0x280bc140; // 0x280bc140 is random native
1780 std::vector<PermissionStatus> permStateList;
1781 permStateList.emplace_back(perm);
1782
1783 PermissionDataBrief::GetInstance().AddPermToBriefPermission(tokenId, permStateList, true);
1784
1785 // perm.permissionName != permissionName
1786 uint32_t flag = 0;
1787 ASSERT_EQ(ERR_PERMISSION_NOT_EXIST,
1788 PermissionDataBrief::GetInstance().QueryPermissionFlag(tokenId, "ohos.permission.TEST1", flag));
1789 }
1790
1791 /**
1792 * @tc.name: UpdatePermissionStatus001
1793 * @tc.desc: PermissionPolicySet::UpdatePermissionStatus function test
1794 * @tc.type: FUNC
1795 * @tc.require:
1796 */
1797 HWTEST_F(AccessTokenInfoManagerTest, UpdatePermissionStatus001, TestSize.Level0)
1798 {
1799 PermissionStatus perm = {
1800 .permissionName = "ohos.permission.CAMERA",
1801 .grantStatus = PermissionState::PERMISSION_DENIED,
1802 .grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG
1803 };
1804
1805 AccessTokenID tokenId = 789; // 789 is random input
1806 std::vector<PermissionStatus> permStateList;
1807 permStateList.emplace_back(perm);
1808
1809 PermissionDataBrief::GetInstance().AddPermToBriefPermission(tokenId, permStateList, true);
1810
1811 // iter reach the end
1812 bool isGranted = false;
1813 uint32_t flag = PermissionFlag::PERMISSION_DEFAULT_FLAG;
1814 bool changed = false;
1815
1816 // permission is invalid
1817 ASSERT_EQ(ERR_PARAM_INVALID, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1818 "ohos.permission.TEST1", isGranted, flag, changed));
1819 // flag != PERMISSION_COMPONENT_SET
1820 flag = PermissionFlag::PERMISSION_DEFAULT_FLAG;
1821 ASSERT_EQ(RET_SUCCESS, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1822 "ohos.permission.CAMERA", isGranted, flag, changed));
1823
1824 flag = PermissionFlag::PERMISSION_ADMIN_POLICIES_CANCEL;
1825 ASSERT_EQ(ERR_PARAM_INVALID, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1826 "ohos.permission.CAMERA", isGranted, flag, changed));
1827 flag = PermissionFlag::PERMISSION_FIXED_BY_ADMIN_POLICY;
1828 ASSERT_EQ(RET_SUCCESS, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1829 "ohos.permission.CAMERA", isGranted, flag, changed));
1830 flag = PermissionFlag::PERMISSION_FIXED_FOR_SECURITY_POLICY;
1831 ASSERT_EQ(ERR_PERMISSION_RESTRICTED, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1832 "ohos.permission.CAMERA", isGranted, flag, changed));
1833 flag = PermissionFlag::PERMISSION_ADMIN_POLICIES_CANCEL;
1834 ASSERT_EQ(RET_SUCCESS, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1835 "ohos.permission.CAMERA", isGranted, flag, changed));
1836
1837 // flag == PERMISSION_COMPONENT_SET
1838 flag = PermissionFlag::PERMISSION_COMPONENT_SET;
1839 ASSERT_EQ(RET_SUCCESS, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1840 "ohos.permission.CAMERA", isGranted, flag, changed));
1841
1842
1843 // flag == PERMISSION_SYSTEM_FIXED
1844 flag = PermissionFlag::PERMISSION_SYSTEM_FIXED;
1845 ASSERT_EQ(RET_SUCCESS, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1846 "ohos.permission.CAMERA", isGranted, flag, changed));
1847
1848 // Permission fixed by system
1849 flag = PermissionFlag::PERMISSION_DEFAULT_FLAG;
1850 ASSERT_EQ(ERR_PARAM_INVALID, PermissionDataBrief::GetInstance().UpdatePermissionStatus(tokenId,
1851 "ohos.permission.CAMERA", isGranted, flag, changed));
1852 }
1853
1854 /**
1855 * @tc.name: UpdatePermStatus001
1856 * @tc.desc: PermissionDataBrief::UpdatePermStatus function test
1857 * @tc.type: FUNC
1858 * @tc.require:
1859 */
1860 HWTEST_F(AccessTokenInfoManagerTest, UpdatePermStatus001, TestSize.Level0)
1861 {
1862 BriefPermData permOld;
1863 BriefPermData permNew;
1864
1865 permOld.flag = PermissionFlag::PERMISSION_FIXED_BY_ADMIN_POLICY;
1866 permOld.status = PERMISSION_DENIED;
1867
1868 permNew.flag = PermissionFlag::PERMISSION_SYSTEM_FIXED;
1869 permNew.status = PERMISSION_GRANTED;
1870 PermissionDataBrief::GetInstance().UpdatePermStatus(permOld, permNew);
1871 ASSERT_NE(permOld.status, permNew.status);
1872
1873 permOld.flag = PermissionFlag::PERMISSION_ADMIN_POLICIES_CANCEL;
1874 PermissionDataBrief::GetInstance().UpdatePermStatus(permOld, permNew);
1875 ASSERT_NE(permOld.status, permNew.status);
1876
1877 permOld.flag = PermissionFlag::PERMISSION_ADMIN_POLICIES_CANCEL;
1878 permNew.flag = PermissionFlag::PERMISSION_PRE_AUTHORIZED_CANCELABLE;
1879 PermissionDataBrief::GetInstance().UpdatePermStatus(permOld, permNew);
1880 ASSERT_NE(permOld.status, permNew.status);
1881
1882 permOld.flag = PermissionFlag::PERMISSION_SYSTEM_FIXED;
1883 PermissionDataBrief::GetInstance().UpdatePermStatus(permOld, permNew);
1884 ASSERT_NE(permOld.status, permNew.status);
1885
1886 permOld.flag = PermissionFlag::PERMISSION_PRE_AUTHORIZED_CANCELABLE;
1887 PermissionDataBrief::GetInstance().UpdatePermStatus(permOld, permNew);
1888 ASSERT_NE(permOld.status, permNew.status);
1889 }
1890
1891 #ifdef TOKEN_SYNC_ENABLE
1892 /**
1893 * @tc.name: MapRemoteDeviceTokenToLocal001
1894 * @tc.desc: AccessTokenRemoteTokenManager::MapRemoteDeviceTokenToLocal function test
1895 * @tc.type: FUNC
1896 * @tc.require:
1897 */
1898 HWTEST_F(AccessTokenInfoManagerTest, MapRemoteDeviceTokenToLocal001, TestSize.Level0)
1899 {
1900 std::map<std::string, AccessTokenRemoteDevice> remoteDeviceMap;
1901 remoteDeviceMap = AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_; // backup
1902 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_.clear();
1903
1904 std::string deviceID;
1905 AccessTokenID remoteID = 0;
1906
1907 // input invalid
1908 ASSERT_EQ(static_cast<AccessTokenID>(0),
1909 AccessTokenRemoteTokenManager::GetInstance().MapRemoteDeviceTokenToLocal(deviceID, remoteID));
1910
1911 remoteID = 940572671; // 940572671 is max butt tokenId: 001 11 0 000000 11111111111111111111
1912 deviceID = "dev-001";
1913
1914 // tokeType invalid
1915 ASSERT_EQ(static_cast<AccessTokenID>(0),
1916 AccessTokenRemoteTokenManager::GetInstance().MapRemoteDeviceTokenToLocal(deviceID, remoteID));
1917
1918 remoteID = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111, no need to register
1919 std::map<AccessTokenID, AccessTokenID> MappingTokenIDPairMap;
1920 MappingTokenIDPairMap[537919487] = 456; // 456 is random input
1921 AccessTokenRemoteDevice device = {
1922 .deviceID_ = "dev-001",
1923 .MappingTokenIDPairMap_ = MappingTokenIDPairMap
1924 };
1925 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_["dev-001"] = device;
1926
1927 // count(remoteID) > 0
1928 ASSERT_EQ(static_cast<AccessTokenID>(456),
1929 AccessTokenRemoteTokenManager::GetInstance().MapRemoteDeviceTokenToLocal(deviceID, remoteID));
1930
1931 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_ = remoteDeviceMap; // recovery
1932 }
1933
1934 /**
1935 * @tc.name: GetDeviceAllRemoteTokenID001
1936 * @tc.desc: AccessTokenRemoteTokenManager::GetDeviceAllRemoteTokenID function test
1937 * @tc.type: FUNC
1938 * @tc.require:
1939 */
1940 HWTEST_F(AccessTokenInfoManagerTest, GetDeviceAllRemoteTokenID001, TestSize.Level0)
1941 {
1942 std::string deviceID;
1943 std::vector<AccessTokenID> remoteIDs;
1944
1945 // deviceID invalid
1946 ASSERT_EQ(ERR_PARAM_INVALID,
1947 AccessTokenRemoteTokenManager::GetInstance().GetDeviceAllRemoteTokenID(deviceID, remoteIDs));
1948 }
1949
1950 /**
1951 * @tc.name: RemoveDeviceMappingTokenID001
1952 * @tc.desc: AccessTokenRemoteTokenManager::RemoveDeviceMappingTokenID function test
1953 * @tc.type: FUNC
1954 * @tc.require:
1955 */
1956 HWTEST_F(AccessTokenInfoManagerTest, RemoveDeviceMappingTokenID001, TestSize.Level0)
1957 {
1958 std::map<std::string, AccessTokenRemoteDevice> remoteDeviceMap;
1959 remoteDeviceMap = AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_; // backup
1960 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_.clear();
1961
1962 std::string deviceID;
1963 AccessTokenID remoteID = 0;
1964
1965 // input invalid
1966 ASSERT_NE(RET_SUCCESS,
1967 AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, remoteID));
1968
1969 deviceID = "dev-001";
1970 remoteID = 123; // 123 is random input
1971
1972 // count < 1
1973 ASSERT_NE(RET_SUCCESS,
1974 AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, remoteID));
1975
1976 AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_ = remoteDeviceMap; // recovery
1977 }
1978
1979 /**
1980 * @tc.name: AddHapTokenObservation001
1981 * @tc.desc: TokenModifyNotifier::AddHapTokenObservation function test
1982 * @tc.type: FUNC
1983 * @tc.require:
1984 */
1985 HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenObservation001, TestSize.Level0)
1986 {
1987 std::set<AccessTokenID> observationSet = TokenModifyNotifier::GetInstance().observationSet_; // backup
1988 TokenModifyNotifier::GetInstance().observationSet_.clear();
1989
1990 AccessTokenID tokenId = 123; // 123 is random input
1991
1992 TokenModifyNotifier::GetInstance().observationSet_.insert(tokenId);
1993 ASSERT_EQ(true, TokenModifyNotifier::GetInstance().observationSet_.count(tokenId) > 0);
1994
1995 // count > 0
1996 TokenModifyNotifier::GetInstance().AddHapTokenObservation(tokenId);
1997 TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenId);
1998
1999 TokenModifyNotifier::GetInstance().observationSet_ = observationSet; // recovery
2000 }
2001 #endif
2002
2003 /**
2004 * @tc.name: RestoreHapTokenInfo001
2005 * @tc.desc: HapTokenInfoInner::RestoreHapTokenInfo function test
2006 * @tc.type: FUNC
2007 * @tc.require:
2008 */
2009 HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level0)
2010 {
2011 std::shared_ptr<HapTokenInfoInner> hap = std::make_shared<HapTokenInfoInner>();
2012 ASSERT_NE(nullptr, hap);
2013
2014 AccessTokenID tokenId = 0;
2015 GenericValues tokenValue;
2016 std::vector<GenericValues> permStateRes;
2017 std::vector<GenericValues> extendedPermRes;
2018 std::string bundleName;
2019 std::string appIDDesc;
2020 std::string deviceID;
2021 int version = 10; // 10 is random input which only need not equal 1
2022 HapPolicy policy;
2023 UpdateHapInfoParams hapInfo;
2024 hapInfo.apiVersion = DEFAULT_API_VERSION;
2025 hapInfo.isSystemApp = false;
2026 hap->Update(hapInfo, policy.permStateList, policy); // permPolicySet_ is null
2027
2028 std::vector<GenericValues> hapInfoValues;
2029 std::vector<GenericValues> permStateValues;
2030 hap->StoreHapInfo(hapInfoValues, "test", APL_NORMAL);
2031 hap->StorePermissionPolicy(permStateValues); // permPolicySet_ is null
2032
2033
2034 tokenValue.Put(TokenFiledConst::FIELD_BUNDLE_NAME, bundleName);
2035 // bundleName invalid
2036 ASSERT_EQ(ERR_PARAM_INVALID, hap->RestoreHapTokenInfo(tokenId, tokenValue, permStateRes, extendedPermRes));
2037 tokenValue.Remove(TokenFiledConst::FIELD_BUNDLE_NAME);
2038
2039 bundleName = "com.ohos.permissionmanger";
2040 tokenValue.Put(TokenFiledConst::FIELD_BUNDLE_NAME, bundleName);
2041 tokenValue.Put(TokenFiledConst::FIELD_TOKEN_VERSION, version);
2042 // version invalid
2043 ASSERT_EQ(ERR_PARAM_INVALID, hap->RestoreHapTokenInfo(tokenId, tokenValue, permStateRes, extendedPermRes));
2044 }
2045
2046 /**
2047 * @tc.name: RegisterTokenId001
2048 * @tc.desc: AccessTokenIDManager::RegisterTokenId function test
2049 * @tc.type: FUNC
2050 * @tc.require:
2051 */
2052 HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenId001, TestSize.Level0)
2053 {
2054 // 1477443583 is max abnormal butt tokenId which version is 2: 010 11 0 000000 11111111111111111111
2055 AccessTokenID tokenId = 1477443583;
2056 ATokenTypeEnum type = ATokenTypeEnum::TOKEN_HAP;
2057
2058 // version != 1 + type dismatch
2059 ASSERT_NE(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, type));
2060
2061 AccessTokenIDEx tokenIdEx = {0};
2062 std::vector<GenericValues> undefValues;
2063 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms,
2064 g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues));
2065
2066 // register repeat
2067 ASSERT_NE(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(
2068 tokenIdEx.tokenIdExStruct.tokenID, type));
2069 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID));
2070 }
2071
2072 /**
2073 * @tc.name: ClearAllSecCompGrantedPerm001
2074 * @tc.desc: ClearAllSecCompGrantedPerm function test
2075 * @tc.type: FUNC
2076 * @tc.require:
2077 */
2078 HWTEST_F(AccessTokenInfoManagerTest, ClearAllSecCompGrantedPerm001, TestSize.Level0)
2079 {
2080 AccessTokenIDEx tokenIdEx = {0};
2081 std::vector<GenericValues> undefValues;
2082 int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
2083 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
2084 ASSERT_EQ(RET_SUCCESS, ret);
2085 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
2086
2087 ASSERT_EQ(PERMISSION_DENIED,
2088 AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, "ohos.permission.LOCATION"));
2089 PermissionManager::GetInstance().GrantPermission(tokenId, "ohos.permission.LOCATION", PERMISSION_COMPONENT_SET);
2090 ASSERT_EQ(PERMISSION_GRANTED,
2091 AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, "ohos.permission.LOCATION"));
2092
2093 std::string deviceId;
2094 atManagerService_->OnRemoveSystemAbility(SECURITY_COMPONENT_SERVICE_ID, deviceId);
2095 ASSERT_EQ(PERMISSION_DENIED,
2096 AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, "ohos.permission.LOCATION"));
2097
2098 // delete test token
2099 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
2100 }
2101
2102 /**
2103 * @tc.name: SetPermDialogCap001
2104 * @tc.desc: SetPermDialogCap with HapUniqueKey not exist
2105 * @tc.type: FUNC
2106 * @tc.require:
2107 */
2108 HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap001, TestSize.Level0)
2109 {
2110 AccessTokenID tokenId = 123; // 123: invalid tokenid
2111 ASSERT_EQ(ERR_TOKENID_NOT_EXIST, AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, true));
2112 }
2113
2114 /**
2115 * @tc.name: SetPermDialogCap002
2116 * @tc.desc: SetPermDialogCap with abnormal branch
2117 * @tc.type: FUNC
2118 * @tc.require:
2119 */
2120 HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap002, TestSize.Level0)
2121 {
2122 AccessTokenIDEx tokenIdEx = {0};
2123 std::vector<GenericValues> undefValues;
2124 int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
2125 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
2126 ASSERT_EQ(RET_SUCCESS, ret);
2127 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
2128
2129 // SetPermDialogCap successfull
2130 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, true));
2131 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(tokenId));
2132 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, false));
2133 ASSERT_EQ(false, AccessTokenInfoManager::GetInstance().GetPermDialogCap(tokenId));
2134
2135 std::shared_ptr<HapTokenInfoInner> back = AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId];
2136
2137 // tokeninfo of hapTokenInfoMap_ is nullptr, return true(forbid)
2138 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = nullptr;
2139 ASSERT_EQ(ERR_TOKENID_NOT_EXIST,
2140 AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, true)); // info is null
2141 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(tokenId));
2142
2143 // token is not found in hapTokenInfoMap_, return true(forbid)
2144 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId);
2145 ASSERT_EQ(ERR_TOKENID_NOT_EXIST,
2146 AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, true)); // info is null
2147 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(tokenId));
2148 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = back;
2149
2150 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
2151 }
2152
2153 /**
2154 * @tc.name: GetPermDialogCap001
2155 * @tc.desc: GetPermDialogCap with abnormal branch
2156 * @tc.type: FUNC
2157 * @tc.require:
2158 */
2159 HWTEST_F(AccessTokenInfoManagerTest, GetPermDialogCap001, TestSize.Level0)
2160 {
2161 // invalid token
2162 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(INVALID_TOKENID));
2163
2164 // nonexist token
2165 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(123)); // 123: tokenid
2166
2167 // tokeninfo is nullptr
2168 HapBaseInfo baseInfo = {
2169 .userID = g_infoManagerTestInfoParms.userID,
2170 .bundleName = g_infoManagerTestInfoParms.bundleName,
2171 .instIndex = g_infoManagerTestInfoParms.instIndex,
2172 };
2173 AccessTokenIDEx tokenIdEx = {0};
2174 std::vector<GenericValues> undefValues;
2175 int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
2176 g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx, undefValues);
2177 ASSERT_EQ(RET_SUCCESS, ret);
2178 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID;
2179 std::shared_ptr<HapTokenInfoInner> back = AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId];
2180 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = nullptr;
2181 ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(123)); // 123: tokenid
2182
2183 AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = back;
2184 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId));
2185 }
2186
2187 /**
2188 * @tc.name: AllocHapToken001
2189 * @tc.desc: alloc hap create haptokeninfo failed.
2190 * @tc.type: FUNC
2191 * @tc.require:
2192 */
2193 HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level0)
2194 {
2195 HapInfoParcel hapinfoParcel;
2196 hapinfoParcel.hapInfoParameter = {
2197 .userID = -1,
2198 .bundleName = "accesstoken_test",
2199 .instIndex = 0,
2200 .appIDDesc = "testtesttesttest",
2201 .apiVersion = DEFAULT_API_VERSION,
2202 .isSystemApp = false,
2203 };
2204 HapPolicyParcel hapPolicyParcel;
2205 hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL;
2206 hapPolicyParcel.hapPolicy.domain = "test.domain";
2207
2208 uint64_t tokenIDEx;
2209 atManagerService_->AllocHapToken(hapinfoParcel, hapPolicyParcel, tokenIDEx);
2210 ASSERT_EQ(INVALID_TOKENID, tokenIDEx);
2211 }
2212
2213 /**
2214 * @tc.name: OnStart001
2215 * @tc.desc: service is running.
2216 * @tc.type: FUNC
2217 * @tc.require:
2218 */
2219 HWTEST_F(AccessTokenInfoManagerTest, OnStart001, TestSize.Level0)
2220 {
2221 ServiceRunningState state = atManagerService_->state_;
2222 atManagerService_->state_ = ServiceRunningState::STATE_RUNNING;
2223 atManagerService_->OnStart();
2224 ASSERT_EQ(ServiceRunningState::STATE_RUNNING, atManagerService_->state_);
2225 atManagerService_->state_ = state;
2226 }
2227
2228 /**
2229 * @tc.name: Dlopen001
2230 * @tc.desc: Open a not exist lib & not exist func
2231 * @tc.type: FUNC
2232 * @tc.require:
2233 */
2234 HWTEST_F(AccessTokenInfoManagerTest, Dlopen001, TestSize.Level0)
2235 {
2236 LibraryLoader loader1("libnotexist.z.so"); // is a not exist path
2237 EXPECT_EQ(nullptr, loader1.handle_);
2238
2239 LibraryLoader loader2("libaccesstoken_sdk.z.so"); // is a exist lib without create func
2240 EXPECT_EQ(nullptr, loader2.instance_);
2241 EXPECT_NE(nullptr, loader2.handle_);
2242 }
2243
2244 #ifdef TOKEN_SYNC_ENABLE
2245 /**
2246 * @tc.name: Dlopen002
2247 * @tc.desc: Open a exist lib & exist func
2248 * @tc.type: FUNC
2249 * @tc.require:
2250 */
2251 HWTEST_F(AccessTokenInfoManagerTest, Dlopen002, TestSize.Level0)
2252 {
2253 LibraryLoader loader(TOKEN_SYNC_LIBPATH);
2254 TokenSyncKitInterface* tokenSyncKit = loader.GetObject<TokenSyncKitInterface>();
2255 EXPECT_NE(nullptr, loader.handle_);
2256 EXPECT_NE(nullptr, tokenSyncKit);
2257 }
2258 #endif
2259
2260 /**
2261 * @tc.name: VerifyNativeAccessToken001
2262 * @tc.desc: AccessTokenInfoManagerTest::VerifyNativeAccessToken function test
2263 * @tc.type: FUNC
2264 * @tc.require:
2265 */
2266 HWTEST_F(AccessTokenInfoManagerTest, VerifyNativeAccessToken001, TestSize.Level0)
2267 {
2268 AccessTokenID tokenId = 0x280bc142; // 0x280bc142 is random input
2269 std::string permissionName = "ohos.permission.INVALID_AA";
2270 AccessTokenID tokenId1 = AccessTokenInfoManager::GetInstance().GetNativeTokenId("accesstoken_service");
2271 // tokenId is not exist
2272 ASSERT_EQ(PermissionState::PERMISSION_DENIED,
2273 AccessTokenInfoManager::GetInstance().VerifyNativeAccessToken(tokenId, permissionName));
2274
2275 permissionName = "ohos.permission.CAMERA";
2276 // permission is not request
2277 ASSERT_EQ(PermissionState::PERMISSION_DENIED,
2278 AccessTokenInfoManager::GetInstance().VerifyNativeAccessToken(tokenId1, permissionName));
2279
2280 // tokenId is native token, and permission is defined
2281 ASSERT_EQ(PermissionState::PERMISSION_DENIED,
2282 AccessTokenInfoManager::GetInstance().VerifyNativeAccessToken(tokenId1, permissionName));
2283
2284 permissionName = "ohos.permission.KILL_APP_PROCESSES";
2285 ASSERT_EQ(PermissionState::PERMISSION_GRANTED,
2286 AccessTokenInfoManager::GetInstance().VerifyNativeAccessToken(tokenId1, permissionName));
2287 }
2288
2289 /**
2290 * @tc.name: VerifyAccessToken001
2291 * @tc.desc: AccessTokenInfoManagerTest::VerifyAccessToken function test
2292 * @tc.type: FUNC
2293 * @tc.require:
2294 */
2295 HWTEST_F(AccessTokenInfoManagerTest, VerifyAccessToken001, TestSize.Level0)
2296 {
2297 AccessTokenID tokenId = 0;
2298 std::string permissionName;
2299 // tokenID invalid
2300 ASSERT_EQ(PERMISSION_DENIED, AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, permissionName));
2301
2302 tokenId = 940572671; // 940572671 is max butt tokenId: 001 11 0 000000 11111111111111111111
2303 // permissionName invalid
2304 ASSERT_EQ(PERMISSION_DENIED, AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, permissionName));
2305
2306 // tokenID invalid
2307 permissionName = "ohos.permission.CAMERA";
2308 ASSERT_EQ(PERMISSION_DENIED, AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenId, permissionName));
2309 }
2310
2311 /**
2312 * @tc.name: GetAppId001
2313 * @tc.desc: AccessTokenInfoManagerTest::VerifyAccessToken function test
2314 * @tc.type: FUNC
2315 * @tc.require:
2316 */
2317 HWTEST_F(AccessTokenInfoManagerTest, GetAppId001, TestSize.Level0)
2318 {
2319 HapInfoParams info = {
2320 .userID = USER_ID,
2321 .bundleName = "accesstoken_info_manager_test",
2322 .instIndex = INST_INDEX,
2323 .appIDDesc = "accesstoken_info_manager_test"
2324 };
2325 HapPolicy policy = {
2326 .apl = APL_NORMAL,
2327 .domain = "domain"
2328 };
2329 AccessTokenIDEx tokenIdEx = {0};
2330 std::vector<GenericValues> undefValues;
2331 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx,
2332 undefValues));
2333 std::string appId;
2334 int ret = AccessTokenInfoManager::GetInstance().GetHapAppIdByTokenId(tokenIdEx.tokenIdExStruct.tokenID, appId);
2335 ASSERT_EQ(ret, RET_SUCCESS);
2336 ASSERT_EQ(appId, "accesstoken_info_manager_test");
2337 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID));
2338 }
2339
2340
2341 /**
2342 * @tc.name: SetPermissionRequestToggleStatus001
2343 * @tc.desc: PermissionManager::SetPermissionRequestToggleStatus function test with invalid permissionName, invalid
2344 * status and invalid userID.
2345 * @tc.type: FUNC
2346 * @tc.require:
2347 */
2348 HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus001, TestSize.Level0)
2349 {
2350 int32_t userID = -1;
2351 uint32_t status = PermissionRequestToggleStatus::CLOSED;
2352 std::string permissionName = "ohos.permission.CAMERA";
2353
2354 // UserId is invalid.
2355 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2356 permissionName, status, userID));
2357
2358 // Permission name is invalid.
2359 userID = 123;
2360 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2361 "", status, userID));
2362
2363 // PermissionName is not defined.
2364 permissionName = "ohos.permission.invalid";
2365 ASSERT_EQ(ERR_PERMISSION_NOT_EXIST, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2366 permissionName, status, userID));
2367
2368 // Permission is system_grant.
2369 permissionName = "ohos.permission.USE_BLUETOOTH";
2370 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2371 permissionName, status, userID));
2372
2373 // Status is invalid.
2374 status = -1;
2375 permissionName = "ohos.permission.CAMERA";
2376 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2377 permissionName, status, userID));
2378 }
2379
2380 /**
2381 * @tc.name: SetPermissionRequestToggleStatus002
2382 * @tc.desc: PermissionManager::SetPermissionRequestToggleStatus function test with normal process.
2383 * @tc.type: FUNC
2384 * @tc.require:
2385 */
2386 HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus002, TestSize.Level0)
2387 {
2388 int32_t userID = 123;
2389 uint32_t status = PermissionRequestToggleStatus::CLOSED;
2390 std::string permissionName = "ohos.permission.CAMERA";
2391
2392 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2393 permissionName, status, userID));
2394
2395 status = PermissionRequestToggleStatus::OPEN;
2396 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2397 permissionName, status, userID));
2398 }
2399
2400 /**
2401 * @tc.name: GetPermissionRequestToggleStatus001
2402 * @tc.desc: PermissionManager::GetPermissionRequestToggleStatus function test with invalid userID, invalid permission
2403 * name.
2404 * @tc.type: FUNC
2405 * @tc.require:
2406 */
2407 HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus001, TestSize.Level0)
2408 {
2409 int32_t userID = -1;
2410 uint32_t status;
2411 std::string permissionName = "ohos.permission.CAMERA";
2412
2413 // UserId is invalid.
2414 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2415 permissionName, status, userID));
2416
2417 // PermissionName is invalid.
2418 userID = 123;
2419 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2420 "", status, userID));
2421
2422 // PermissionName is not defined.
2423 permissionName = "ohos.permission.invalid";
2424 ASSERT_EQ(ERR_PERMISSION_NOT_EXIST, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2425 permissionName, status, userID));
2426
2427 // Permission is system_grant.
2428 permissionName = "ohos.permission.USE_BLUETOOTH";
2429 ASSERT_EQ(ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2430 permissionName, status, userID));
2431 }
2432
2433 /**
2434 * @tc.name: GetPermissionRequestToggleStatus002
2435 * @tc.desc: PermissionManager::GetPermissionRequestToggleStatus function test with normal process.
2436 * @tc.type: FUNC
2437 * @tc.require:
2438 */
2439 HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus002, TestSize.Level0)
2440 {
2441 int32_t userID = 123;
2442 uint32_t setStatusClose = PermissionRequestToggleStatus::CLOSED;
2443 uint32_t setStatusOpen = PermissionRequestToggleStatus::OPEN;
2444 uint32_t getStatus;
2445
2446 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2447 "ohos.permission.CAMERA", getStatus, userID));
2448
2449 ASSERT_EQ(setStatusOpen, getStatus);
2450
2451 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2452 "ohos.permission.CAMERA", setStatusClose, userID));
2453
2454 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2455 "ohos.permission.CAMERA", getStatus, userID));
2456
2457 ASSERT_EQ(setStatusClose, getStatus);
2458
2459 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(
2460 "ohos.permission.CAMERA", setStatusOpen, userID));
2461
2462 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(
2463 "ohos.permission.CAMERA", getStatus, userID));
2464
2465 ASSERT_EQ(setStatusOpen, getStatus);
2466 }
2467
2468 /**
2469 * @tc.name: IsPermissionRestrictedByUserPolicy001
2470 * @tc.desc: IsPermissionRestrictedByUserPolicy function test with invalid tokenid.
2471 * @tc.type: FUNC
2472 * @tc.require:
2473 */
2474 HWTEST_F(AccessTokenInfoManagerTest, IsPermissionRestrictedByUserPolicy001, TestSize.Level0)
2475 {
2476 AccessTokenID tokenID = 123; // invalid tokenid
2477 EXPECT_TRUE(AccessTokenInfoManager::GetInstance().IsPermissionRestrictedByUserPolicy(tokenID,
2478 "ohos.permission.CAMERA"));
2479 }
2480 } // namespace AccessToken
2481 } // namespace Security
2482 } // namespace OHOS