1 /*
2 * Copyright (c) 2022-2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "UTTest_permission_manager.h"
17 #include "access_token.h"
18 #include "accesstoken_kit.h"
19 #include "nativetoken_kit.h"
20 #include "token_setproc.h"
21 #include "access_token.h"
22
23 using namespace testing;
24 using namespace testing::ext;
25 namespace OHOS {
26 namespace DistributedHardware {
SetUp()27 void PermissionManagerTest::SetUp()
28 {
29 const int32_t permsNum = 2;
30 const int32_t indexZero = 0;
31 const int32_t indexOne = 1;
32 uint64_t tokenId;
33 const char *perms[permsNum];
34 perms[indexZero] = "ohos.permission.ACCESS_SERVICE_DM";
35 perms[indexOne] = "ohos.permission.DISTRIBUTED_DATASYNC";
36 NativeTokenInfoParams infoInstance = {
37 .dcapsNum = 0,
38 .permsNum = permsNum,
39 .aclsNum = 0,
40 .dcaps = NULL,
41 .perms = perms,
42 .acls = NULL,
43 .processName = "dsoftbus_service",
44 .aplStr = "system_core",
45 };
46 tokenId = GetAccessTokenId(&infoInstance);
47 SetSelfTokenID(tokenId);
48 OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo();
49 }
50 constexpr int32_t PAKAGE_NAME_SIZE_MAX = 256;
51
52 #define SYSTEM_SA_WHITE_LIST_NUM (4)
53 constexpr const static char systemSaWhiteList[SYSTEM_SA_WHITE_LIST_NUM][PAKAGE_NAME_SIZE_MAX] = {
54 "Samgr_Networking",
55 "ohos.distributeddata.service",
56 "ohos.dslm",
57 "ohos.deviceprofile",
58 };
59
TearDown()60 void PermissionManagerTest::TearDown()
61 {
62 }
63
SetUpTestCase()64 void PermissionManagerTest::SetUpTestCase()
65 {
66 DMIPCSkeleton::dmIpcSkeleton_ = ipcSkeletonMock_;
67 DmAccessTokenKit::accessToken_ = accessTokenKitMock_;
68 }
69
TearDownTestCase()70 void PermissionManagerTest::TearDownTestCase()
71 {
72 DMIPCSkeleton::dmIpcSkeleton_ = nullptr;
73 ipcSkeletonMock_ = nullptr;
74 DmAccessTokenKit::accessToken_ = nullptr;
75 accessTokenKitMock_ = nullptr;
76 }
77
78 namespace {
79
80 /**
81 * @tc.name: PinAuthUi::CheckPermission_001
82 * @tc.desc: the return value is true
83 * @tc.type: FUNC
84 * @tc.require: AR000GHSJK
85 */
86 HWTEST_F(PermissionManagerTest, CheckPermission_001, testing::ext::TestSize.Level1)
87 {
88 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(0));
89 bool ret = PermissionManager::GetInstance().CheckPermission();
90 ASSERT_FALSE(ret);
91
92 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(10));
93 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_TYPE_BUTT));
94 ret = PermissionManager::GetInstance().CheckPermission();
95 ASSERT_FALSE(ret);
96
97 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(10));
98 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_HAP));
99 EXPECT_CALL(*accessTokenKitMock_, VerifyAccessToken(_, _))
100 .WillOnce(Return(Security::AccessToken::PermissionState::PERMISSION_DENIED));
101 ret = PermissionManager::GetInstance().CheckPermission();
102 ASSERT_FALSE(ret);
103
104 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(10));
105 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_HAP));
106 EXPECT_CALL(*accessTokenKitMock_, VerifyAccessToken(_, _))
107 .WillOnce(Return(Security::AccessToken::PermissionState::PERMISSION_GRANTED));
108 ret = PermissionManager::GetInstance().CheckPermission();
109 ASSERT_TRUE(ret);
110 }
111
112 /**
113 * @tc.name: PinAuthUi::CheckWhiteListSystemSA_001
114 * @tc.desc: the return value is false
115 * @tc.type:FUNC
116 * @tc.require: AR000GHSJK
117 */
118 HWTEST_F(PermissionManagerTest, CheckWhiteListSystemSA_001, testing::ext::TestSize.Level1)
119 {
120 std::string pkgName;
121 bool ret = PermissionManager::GetInstance().CheckWhiteListSystemSA(pkgName);
122 ASSERT_EQ(ret, false);
123 pkgName = "pkgName";
124 ret = PermissionManager::GetInstance().CheckWhiteListSystemSA(pkgName);
125 ASSERT_EQ(ret, false);
126 }
127
128 /**
129 * @tc.name: PinAuthUi::CheckWhiteListSystemSA_002
130 * @tc.desc: the return value is true
131 * @tc.type:FUNC
132 * @tc.require: AR000GHSJK
133 */
134 HWTEST_F(PermissionManagerTest, CheckWhiteListSystemSA_002, testing::ext::TestSize.Level1)
135 {
136 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(10));
137 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_NATIVE));
138 std::string pkgName1(systemSaWhiteList[0]);
139 bool ret = PermissionManager::GetInstance().CheckWhiteListSystemSA(pkgName1);
140 ASSERT_EQ(ret, true);
141 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(10));
142 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_NATIVE));
143 std::string pkgName2(systemSaWhiteList[1]);
144 ret = PermissionManager::GetInstance().CheckWhiteListSystemSA(pkgName2);
145 ASSERT_EQ(ret, true);
146 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(10));
147 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_NATIVE));
148 std::string pkgName3(systemSaWhiteList[2]);
149 ret = PermissionManager::GetInstance().CheckWhiteListSystemSA(pkgName3);
150 ASSERT_EQ(ret, true);
151 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(10));
152 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_NATIVE));
153 std::string pkgName4(systemSaWhiteList[3]);
154 ret = PermissionManager::GetInstance().CheckWhiteListSystemSA(pkgName4);
155 ASSERT_EQ(ret, true);
156 }
157
158 HWTEST_F(PermissionManagerTest, CheckWhiteListSystemSA_101, testing::ext::TestSize.Level1)
159 {
160 std::string pkgName = "pkgName";
161 bool ret = PermissionManager::GetInstance().CheckWhiteListSystemSA(pkgName);
162 ASSERT_FALSE(ret);
163 }
164
165 HWTEST_F(PermissionManagerTest, CheckWhiteListSystemSA_102, testing::ext::TestSize.Level1)
166 {
167 std::string pkgName = "ohos.dhardware";
168 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(10));
169 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_NATIVE));
170 bool ret = PermissionManager::GetInstance().CheckWhiteListSystemSA(pkgName);
171 ASSERT_TRUE(ret);
172 }
173
174 HWTEST_F(PermissionManagerTest, CheckMonitorPermission_001, testing::ext::TestSize.Level1)
175 {
176 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(0));
177 bool ret = PermissionManager::GetInstance().CheckMonitorPermission();
178 ASSERT_FALSE(ret);
179
180 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1001));
181 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_TYPE_BUTT));
182 ret = PermissionManager::GetInstance().CheckMonitorPermission();
183 ASSERT_FALSE(ret);
184
185 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1001));
186 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_NATIVE));
187 EXPECT_CALL(*accessTokenKitMock_, VerifyAccessToken(_, _))
188 .WillOnce(Return(Security::AccessToken::PermissionState::PERMISSION_DENIED));
189 ret = PermissionManager::GetInstance().CheckMonitorPermission();
190 ASSERT_FALSE(ret);
191
192 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1001));
193 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_NATIVE));
194 EXPECT_CALL(*accessTokenKitMock_, VerifyAccessToken(_, _))
195 .WillOnce(Return(Security::AccessToken::PermissionState::PERMISSION_GRANTED));
196 ret = PermissionManager::GetInstance().CheckMonitorPermission();
197 ASSERT_TRUE(ret);
198 }
199
200 HWTEST_F(PermissionManagerTest, GetWhiteListSystemSA_001, testing::ext::TestSize.Level1)
201 {
202 auto ret = PermissionManager::GetInstance().GetWhiteListSystemSA();
203 ASSERT_FALSE(ret.empty());
204 }
205
206 HWTEST_F(PermissionManagerTest, CheckSystemSA_001, testing::ext::TestSize.Level1)
207 {
208 std::string pkgName = "pkgName";
209 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(0));
210 bool ret = PermissionManager::GetInstance().CheckSystemSA(pkgName);
211 ASSERT_FALSE(ret);
212
213 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1001));
214 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_NATIVE));
215 ret = PermissionManager::GetInstance().CheckSystemSA(pkgName);
216 ASSERT_TRUE(ret);
217
218 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1002));
219 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_TYPE_BUTT));
220 ret = PermissionManager::GetInstance().CheckSystemSA(pkgName);
221 ASSERT_FALSE(ret);
222 }
223
224 HWTEST_F(PermissionManagerTest, GetCallerProcessName_002, testing::ext::TestSize.Level1)
225 {
226 std::string processName;
227 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(0));
228 int32_t ret = PermissionManager::GetInstance().GetCallerProcessName(processName);
229 ASSERT_EQ(ret, ERR_DM_FAILED);
230
231 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1001));
232 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_HAP));
233 EXPECT_CALL(*accessTokenKitMock_, GetHapTokenInfo(_, _)).WillOnce(Return(ERR_DM_FAILED));
234 ret = PermissionManager::GetInstance().GetCallerProcessName(processName);
235 ASSERT_EQ(ret, ERR_DM_FAILED);
236
237 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1001));
238 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_HAP));
239 EXPECT_CALL(*accessTokenKitMock_, GetHapTokenInfo(_, _)).WillOnce(Return(DM_OK));
240 ret = PermissionManager::GetInstance().GetCallerProcessName(processName);
241 ASSERT_EQ(ret, ERR_DM_FAILED);
242
243 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1001));
244 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_NATIVE));
245 EXPECT_CALL(*accessTokenKitMock_, GetNativeTokenInfo(_, _)).WillOnce(Return(ERR_DM_FAILED));
246 ret = PermissionManager::GetInstance().GetCallerProcessName(processName);
247 ASSERT_EQ(ret, ERR_DM_FAILED);
248
249 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1001));
250 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_NATIVE));
251 EXPECT_CALL(*accessTokenKitMock_, GetNativeTokenInfo(_, _)).WillOnce(Return(DM_OK));
252 ret = PermissionManager::GetInstance().GetCallerProcessName(processName);
253 ASSERT_EQ(ret, DM_OK);
254
255 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(1001));
256 EXPECT_CALL(*accessTokenKitMock_, GetTokenTypeFlag(_)).WillOnce(Return(ATokenTypeEnum::TOKEN_TYPE_BUTT));
257 ret = PermissionManager::GetInstance().GetCallerProcessName(processName);
258 ASSERT_EQ(ret, ERR_DM_FAILED);
259 }
260
261 HWTEST_F(PermissionManagerTest, CheckProcessNameValidOnGetDeviceInfo_001, testing::ext::TestSize.Level1)
262 {
263 std::string processName = "";
264 auto ret = PermissionManager::GetInstance().CheckProcessNameValidOnGetDeviceInfo(processName);
265 ASSERT_FALSE(ret);
266
267 processName = "processName";
268 ret = PermissionManager::GetInstance().CheckProcessNameValidOnGetDeviceInfo(processName);
269 ASSERT_FALSE(ret);
270
271 processName = "gameservice_server";
272 ret = PermissionManager::GetInstance().CheckProcessNameValidOnGetDeviceInfo(processName);
273 ASSERT_TRUE(ret);
274 }
275
276 HWTEST_F(PermissionManagerTest, CheckReadLocalDeviceName_001, testing::ext::TestSize.Level1)
277 {
278 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(0));
279 bool ret = PermissionManager::GetInstance().CheckReadLocalDeviceName();
280 ASSERT_FALSE(ret);
281
282 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(10));
283 EXPECT_CALL(*accessTokenKitMock_, VerifyAccessToken(_, _))
284 .WillOnce(Return(Security::AccessToken::PermissionState::PERMISSION_DENIED));
285 ret = PermissionManager::GetInstance().CheckPermission();
286 ASSERT_FALSE(ret);
287
288 EXPECT_CALL(*ipcSkeletonMock_, GetCallingTokenID()).WillOnce(Return(10));
289 EXPECT_CALL(*accessTokenKitMock_, VerifyAccessToken(_, _))
290 .WillOnce(Return(Security::AccessToken::PermissionState::PERMISSION_GRANTED));
291 ret = PermissionManager::GetInstance().CheckPermission();
292 ASSERT_TRUE(ret);
293 }
294 }
295 } // namespace DistributedHardware
296 } // namespace OHOS