• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#!/usr/bin/env python3
2# -*- coding: utf-8 -*-
3#
4# Copyright (c) 2024 Huawei Device Co., Ltd.
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9#     http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
17from devicetest.core.test_case import TestCase, Step
18from PermissionUtils import PermissionUtils
19import json
20import time
21
22# @tc.number: STD-SECURITY-0107
23# @tc.name: testSystemCoreInternetPermission
24# @tc.desc: 【STD-SECURITY-0107】禁止 APL 级别为 system core 的系统服务拥有联网权限。
25class testSystemCoreInternetPermission(TestCase):
26
27    def __init__(self, controllers):
28        self.TAG = self.__class__.__name__
29        super().__init__(self.TAG, controllers)
30
31    def setup(self):
32        Step("Setup")
33
34    def process(self):
35        Step("Process")
36        networkPermission = 'ohos.permission.INTERNET'
37        errorList = []
38        systemcore = []
39        initFileList = self.device1.execute_shell_command("ls /system/etc/init").strip().split()
40        for initFile in initFileList:
41            if initFile.endswith('.cfg'):
42                cfgInfo = self.device1.execute_shell_command("cat /system/etc/init/" + initFile).strip()
43                time.sleep(0.5)
44                cfgInfoObj = json.loads(cfgInfo)
45                if 'services' not in cfgInfoObj:
46                    continue
47                for service in cfgInfoObj['services']:
48                    if 'apl' in service and service['apl'] == 'system_core':
49                        self.log.info(initFile)
50                        systemcore.append(initFile)
51                        if 'permission' in service:
52                            saPermissionList = service['permission']
53                            if networkPermission in saPermissionList:
54                                errorList.append(initFile + ' has internet permission')
55        if len(errorList) != 0:
56            self.log.info('These system core service can not have internet permission. errorList: [' + ', '.join(errorList) + ']')
57            assert False
58
59    def teardown(self):
60        Step("Teardown")