1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "security_guard_risk_analysis_test.h"
16 #include "gmock/gmock.h"
17 #define private public
18 #define protected public
19 #include "risk_analysis_manager_service.h"
20 #include "risk_analysis_manager_stub.h"
21 #undef private
22 #undef protected
23 #include "accesstoken_kit.h"
24 #include "tokenid_kit.h"
25 #include "ipc_skeleton.h"
26 using namespace testing;
27 using namespace testing::ext;
28 using namespace OHOS::Security::SecurityGuard;
29 using namespace OHOS::Security::SecurityGuardTest;
30 namespace OHOS {
31 std::shared_ptr<Security::AccessToken::MockTokenIdKitInterface>
32 Security::AccessToken::TokenIdKit::instance_ = nullptr;
33 std::mutex Security::AccessToken::TokenIdKit::mutex_ {};
34 std::shared_ptr<Security::AccessToken::MockAccessTokenKitInterface>
35 Security::AccessToken::AccessTokenKit::instance_ = nullptr;
36 std::mutex Security::AccessToken::AccessTokenKit::mutex_ {};
37
38 class MockRemoteObject final : public IRemoteObject {
39 public:
MockRemoteObject()40 MockRemoteObject() : IRemoteObject(u"")
41 {
42 }
GetObjectRefCount()43 int32_t GetObjectRefCount() { return 0; };
SendRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)44 int SendRequest(uint32_t code, MessageParcel &data, MessageParcel &reply, MessageOption &option) { return 0; };
AddDeathRecipient(const sptr<DeathRecipient> & recipient)45 bool AddDeathRecipient(const sptr<DeathRecipient> &recipient) { return true; };
RemoveDeathRecipient(const sptr<DeathRecipient> & recipient)46 bool RemoveDeathRecipient(const sptr<DeathRecipient> &recipient) { return true; };
Dump(int fd,const std::vector<std::u16string> & args)47 int Dump(int fd, const std::vector<std::u16string> &args) { return 0; };
48 };
49 }
50 namespace OHOS::Security::SecurityGuardTest {
51 RiskAnalysisManagerService riskAnalysisManagerService(RISK_ANALYSIS_MANAGER_SA_ID, true);
SetUpTestCase()52 void SecurityGuardRiskAnalysisTest::SetUpTestCase()
53 {
54 }
TearDownTestCase()55 void SecurityGuardRiskAnalysisTest::TearDownTestCase()
56 {
57 AccessToken::AccessTokenKit::DelInterface();
58 AccessToken::TokenIdKit::DelInterface();
59 }
SetUp()60 void SecurityGuardRiskAnalysisTest::SetUp()
61 {
62 }
TearDown()63 void SecurityGuardRiskAnalysisTest::TearDown()
64 {
65 }
66
67 HWTEST_F(SecurityGuardRiskAnalysisTest, IsApiHasPermission_ApiNotInMap, TestSize.Level1) {
68 std::string api = "apiNotInMap";
69 EXPECT_EQ(riskAnalysisManagerService.IsApiHasPermission(api), 1);
70 }
71
72 HWTEST_F(SecurityGuardRiskAnalysisTest, IsApiHasPermission_CallerNoPermission, TestSize.Level1) {
73 const std::string api = "RequestSecurityModelResult";
74 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), VerifyAccessToken)
75 .WillRepeatedly(Return(AccessToken::PermissionState::PERMISSION_GRANTED));
76 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), GetTokenType)
77 .WillRepeatedly(Return(AccessToken::TypeATokenTypeEnum::TOKEN_HAP));
78 int32_t result = riskAnalysisManagerService.IsApiHasPermission(api);
79 EXPECT_EQ(result, NO_SYSTEMCALL);
80 }
81
82 HWTEST_F(SecurityGuardRiskAnalysisTest, IsApiHasPermission_NotSystemAppNoPermission, TestSize.Level1) {
83 const std::string api = "RequestSecurityModelResult";
84 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), VerifyAccessToken)
85 .WillRepeatedly(Return(AccessToken::PermissionState::PERMISSION_GRANTED));
86 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), GetTokenType)
87 .WillRepeatedly(Return(AccessToken::TypeATokenTypeEnum::TOKEN_NATIVE));
88 int32_t result = riskAnalysisManagerService.IsApiHasPermission(api);
89 EXPECT_EQ(result, SUCCESS);
90 }
91
92 HWTEST_F(SecurityGuardRiskAnalysisTest, IsApiHasPermission_PermissionDenied, TestSize.Level1) {
93 const std::string api = "RequestSecurityModelResult";
94 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), VerifyAccessToken).WillRepeatedly(
95 Return(AccessToken::PermissionState::PERMISSION_DENIED));
96 int32_t result = riskAnalysisManagerService.IsApiHasPermission(api);
97 EXPECT_EQ(result, 2);
98 }
99
100 HWTEST_F(SecurityGuardRiskAnalysisTest, IsApiHasPermission_Success, TestSize.Level1) {
101 const std::string api = "RequestSecurityModelResult";
102 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), VerifyAccessToken).WillRepeatedly(
103 Return(AccessToken::PermissionState::PERMISSION_GRANTED));
104 int32_t result = riskAnalysisManagerService.IsApiHasPermission(api);
105 EXPECT_EQ(result, 0);
106 }
107
108 HWTEST_F(SecurityGuardRiskAnalysisTest, SetModelState_Success, TestSize.Level1) {
109 uint32_t modelId = 1;
110 bool enable = true;
111 int32_t result = riskAnalysisManagerService.SetModelState(modelId, enable);
112 ASSERT_EQ(result, SUCCESS);
113 }
114
115 HWTEST_F(SecurityGuardRiskAnalysisTest, RequestSecurityModelResult01, TestSize.Level1) {
116 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), VerifyAccessToken)
117 .WillRepeatedly(Return(AccessToken::PermissionState::PERMISSION_GRANTED));
118 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), GetTokenType)
119 .WillRepeatedly(Return(AccessToken::TypeATokenTypeEnum::TOKEN_NATIVE));
120 int32_t result = riskAnalysisManagerService.RequestSecurityModelResult("111", 111, "test", nullptr);
121 ASSERT_EQ(result, NULL_OBJECT);
122 }
123
124 HWTEST_F(SecurityGuardRiskAnalysisTest, StartSecurityModel, TestSize.Level1) {
125 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), VerifyAccessToken)
126 .WillRepeatedly(Return(AccessToken::PermissionState::PERMISSION_GRANTED));
127 EXPECT_CALL(*(AccessToken::AccessTokenKit::GetInterface()), GetTokenType)
128 .WillRepeatedly(Return(AccessToken::TypeATokenTypeEnum::TOKEN_NATIVE));
129 int32_t result = riskAnalysisManagerService.StartSecurityModel(222, "test");
130 ASSERT_EQ(result, NOT_FOUND);
131 }
132 }
133