1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "dlp_permission_kit_test.h"
17 #include <chrono>
18 #include <openssl/rand.h>
19 #include <thread>
20 #include <unistd.h>
21 #include <vector>
22 #include "gtest/gtest.h"
23 #include "accesstoken_kit.h"
24 #include "cert_parcel.h"
25 #include "dlp_permission.h"
26 #include "dlp_permission_log.h"
27 #include "dlp_sandbox_callback_info.h"
28 #include "dlp_sandbox_change_callback_customize.h"
29 #define private public
30 #include "dlp_sandbox_change_callback.h"
31 #include "hex_string.h"
32 #include "open_dlp_file_callback.h"
33 #undef private
34 #include "permission_policy.h"
35 #include "securec.h"
36 #include "token_setproc.h"
37 #include "visited_dlp_file_info.h"
38 #include "want.h"
39 #include "bundle_mgr_client.h"
40
41 namespace OHOS {
42 namespace Security {
43 namespace DlpPermission {
44 using namespace testing::ext;
45 using namespace OHOS::Security::AccessToken;
46
47 namespace {
48 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_DLP_PERMISSION, "DlpPermissionKitTest"};
49
50 const uint32_t ACCOUNT_LENGTH = 20;
51 const uint32_t AESKEY_LEN = 32;
52 const uint32_t IV_LEN = 32;
53 const uint32_t USER_NUM = 10;
54 const int AUTH_PERM = 1;
55 const int64_t DELTA_EXPIRY_TIME = 200;
56
57 const uint32_t INVALID_ACCOUNT_LENGTH_UPPER = 2048;
58 const uint32_t INVALID_ACCOUNT_LENGTH_LOWER = 0;
59 const uint32_t INVALID_AESKEY_LEN_UPPER = 256;
60 const uint32_t INVALID_AESKEY_LEN_LOWER = 0;
61 const uint32_t INVALID_IV_LEN_UPPER = 256;
62 const uint32_t INVALID_IV_LEN_LOWER = 0;
63 const uint32_t INVALID_USER_NUM_UPPER = 200;
64 const uint32_t INVALID_AUTH_PERM_UPPER = 5;
65 const uint32_t INVALID_AUTH_PERM_LOWER = 0;
66 const int64_t INVALID_DELTA_EXPIRY_TIME = -100;
67
68 const int32_t DEFAULT_USERID = 100;
69 const int32_t ACTION_SET_EDIT = 0xff;
70 const int32_t ACTION_SET_FC = 0x7ff;
71 static AccessTokenID g_selfTokenId = 0;
72 static AccessTokenID g_dlpManagerTokenId = 0;
73 static int32_t g_selfUid = 0;
74 const std::string DLP_MANAGER_APP = "com.ohos.dlpmanager";
75 const std::string TEST_URI = "datashare:///media/file/8";
76 const std::string TEST_UNEXIST_URI = "datashare:///media/file/1";
77 static const uint8_t ARRAY_CHAR_SIZE = 62;
78 static const char CHAR_ARRAY[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
79 } // namespace
80
GetRandNum()81 static uint8_t GetRandNum()
82 {
83 uint8_t rand;
84 RAND_bytes(reinterpret_cast<unsigned char *>(&rand), sizeof(rand));
85 return rand;
86 }
87
TestRecordProcessInfo()88 static void TestRecordProcessInfo()
89 {
90 g_selfTokenId = GetSelfTokenID();
91 DLP_LOG_INFO(LABEL, "get self tokenId is %{public}d", g_selfTokenId);
92 g_dlpManagerTokenId = AccessTokenKit::GetHapTokenID(DEFAULT_USERID, DLP_MANAGER_APP, 0);
93 DLP_LOG_INFO(LABEL, "get dlp manager tokenId is %{public}d", g_dlpManagerTokenId);
94 g_selfUid = getuid();
95 DLP_LOG_INFO(LABEL, "get self uid is %{public}d", g_selfUid);
96 }
97
TestSetSelfTokenId(AccessTokenID tokenId)98 static bool TestSetSelfTokenId(AccessTokenID tokenId)
99 {
100 // set tokenId can only be called by native process
101 int32_t uid = getuid();
102 if (setuid(g_selfUid) != 0) {
103 DLP_LOG_ERROR(LABEL, "setuid fail, %s", strerror(errno));
104 return false;
105 }
106
107 DLP_LOG_INFO(LABEL, "set self tokenId from %{public}u to %{public}d",
108 static_cast<unsigned int>(GetSelfTokenID()), tokenId);
109 if (SetSelfTokenID(tokenId) != DLP_OK) {
110 DLP_LOG_ERROR(LABEL, "set self tokenId fail");
111 if (setuid(uid) != 0) {
112 DLP_LOG_ERROR(LABEL, "setuid fail, %s", strerror(errno));
113 }
114 return false;
115 }
116
117 if (setuid(uid) != 0) {
118 DLP_LOG_ERROR(LABEL, "setuid fail, %s", strerror(errno));
119 return false;
120 }
121 return true;
122 }
123
TestGetTokenId(int userID,const std::string & bundleName,int instIndex,AccessTokenID & tokenId)124 static bool TestGetTokenId(int userID, const std::string& bundleName, int instIndex, AccessTokenID& tokenId)
125 {
126 AccessTokenID tmpTokenId = GetSelfTokenID();
127 if (!TestSetSelfTokenId(g_selfTokenId)) {
128 return false;
129 }
130 int32_t uid = getuid();
131 setuid(g_selfUid);
132 tokenId = AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex);
133 setuid(uid);
134 DLP_LOG_INFO(LABEL, "get app tokenId is %{public}d", tokenId);
135 if (!TestSetSelfTokenId(tmpTokenId)) {
136 return false;
137 }
138 return true;
139 }
140
TestGetAppUid(const std::string & bundleName,int32_t appIndex,int32_t userId,int32_t & uid)141 static bool TestGetAppUid(const std::string& bundleName, int32_t appIndex, int32_t userId, int32_t& uid)
142 {
143 AccessTokenID tmpTokenId = GetSelfTokenID();
144 if (!TestSetSelfTokenId(g_selfTokenId)) {
145 return false;
146 }
147 OHOS::AppExecFwk::BundleInfo info;
148 OHOS::AppExecFwk::BundleMgrClient bundleMgrClient;
149 if (appIndex > 0) {
150 if (bundleMgrClient.GetSandboxBundleInfo(bundleName, appIndex, userId, info) != DLP_OK) {
151 DLP_LOG_ERROR(LABEL, "get sandbox app info fail");
152 return false;
153 }
154 } else {
155 if (!bundleMgrClient.GetBundleInfo(bundleName, OHOS::AppExecFwk::GET_BUNDLE_DEFAULT, info, userId)) {
156 DLP_LOG_ERROR(LABEL, "get app info fail");
157 return false;
158 }
159 }
160 DLP_LOG_INFO(LABEL, "get app uid: %{public}d", info.uid);
161 if (!TestSetSelfTokenId(tmpTokenId)) {
162 return false;
163 }
164 uid = info.uid;
165 return true;
166 }
167
TestInstallDlpSandbox(const std::string & bundleName,DLPFileAccess dlpFileAccess,int32_t userId,SandboxInfo & sandboxInfo)168 static void TestInstallDlpSandbox(
169 const std::string& bundleName, DLPFileAccess dlpFileAccess, int32_t userId, SandboxInfo& sandboxInfo)
170 {
171 // install sandbox need permission ACCESS_DLP_FILE, dlpmanager has this permission
172 AccessTokenID tokenId = GetSelfTokenID();
173 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
174
175 ASSERT_EQ(DLP_OK, DlpPermissionKit::InstallDlpSandbox(bundleName, dlpFileAccess, userId, sandboxInfo, TEST_URI));
176 ASSERT_TRUE(sandboxInfo.appIndex != 0);
177
178 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
179 }
180
TestUninstallDlpSandbox(const std::string & bundleName,int32_t appIndex,int32_t userId)181 static void TestUninstallDlpSandbox(const std::string& bundleName, int32_t appIndex, int32_t userId)
182 {
183 // uninstall sandbox need permission ACCESS_DLP_FILE, dlpmanager has this permission
184 AccessTokenID tokenId = GetSelfTokenID();
185 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
186
187 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(bundleName, appIndex, userId));
188
189 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
190 }
191
TestMockApp(const std::string & bundleName,int32_t appIndex,int32_t userId)192 static void TestMockApp(const std::string& bundleName, int32_t appIndex, int32_t userId)
193 {
194 AccessTokenID tokenId;
195 ASSERT_TRUE(TestGetTokenId(userId, bundleName, appIndex, tokenId));
196 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
197 int32_t uid;
198 ASSERT_TRUE(TestGetAppUid(bundleName, appIndex, userId, uid));
199 ASSERT_EQ(DLP_OK, setuid(uid));
200 }
201
TestRecoverProcessInfo(int32_t uid,AccessTokenID tokenId)202 static void TestRecoverProcessInfo(int32_t uid, AccessTokenID tokenId)
203 {
204 ASSERT_EQ(DLP_OK, setuid((uid)));
205 ASSERT_TRUE(TestSetSelfTokenId((tokenId)));
206 }
207
SetUpTestCase()208 void DlpPermissionKitTest::SetUpTestCase()
209 {
210 // make test case clean
211 DLP_LOG_INFO(LABEL, "SetUpTestCase.");
212 TestRecordProcessInfo();
213 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
214 }
215
TearDownTestCase()216 void DlpPermissionKitTest::TearDownTestCase()
217 {
218 DLP_LOG_INFO(LABEL, "TearDownTestCase.");
219 ASSERT_TRUE(TestSetSelfTokenId(g_selfTokenId));
220 }
221
SetUp()222 void DlpPermissionKitTest::SetUp()
223 {
224 DLP_LOG_INFO(LABEL, "SetUp ok.");
225 }
226
TearDown()227 void DlpPermissionKitTest::TearDown()
228 {
229 DLP_LOG_INFO(LABEL, "TearDown.");
230 }
231
GenerateRandArray(uint32_t len)232 static uint8_t* GenerateRandArray(uint32_t len)
233 {
234 if (len < 1) {
235 DLP_LOG_ERROR(LABEL, "len error");
236 return nullptr;
237 }
238 uint8_t* str = new (std::nothrow) uint8_t[len];
239 if (str == nullptr) {
240 DLP_LOG_ERROR(LABEL, "New memory fail");
241 return nullptr;
242 }
243 for (uint32_t i = 0; i < len; i++) {
244 str[i] = GetRandNum() % 255; // uint8_t range 0 ~ 255
245 }
246 return str;
247 }
248
GenerateRandStr(uint32_t len,std::string & res)249 static void GenerateRandStr(uint32_t len, std::string& res)
250 {
251 for (uint32_t i = 0; i < len; i++) {
252 uint32_t index = GetRandNum() % ARRAY_CHAR_SIZE;
253 DLP_LOG_INFO(LABEL, "%{public}u", index);
254 res.push_back(CHAR_ARRAY[index]);
255 }
256 DLP_LOG_INFO(LABEL, "%{public}s", res.c_str());
257 }
258
259 struct GeneratePolicyParam {
260 uint32_t ownerAccountLen;
261 uint32_t aeskeyLen;
262 uint32_t ivLen;
263 uint32_t userNum;
264 uint32_t authAccountLen;
265 uint32_t authPerm;
266 int64_t deltaTime;
267 };
268
GeneratePolicy(PermissionPolicy & encPolicy,GeneratePolicyParam param)269 static void GeneratePolicy(PermissionPolicy& encPolicy, GeneratePolicyParam param)
270 {
271 uint64_t curTime = static_cast<uint64_t>(
272 std::chrono::duration_cast<std::chrono::seconds>(std::chrono::system_clock::now().time_since_epoch()).count());
273 GenerateRandStr(param.ownerAccountLen, encPolicy.ownerAccount_);
274 encPolicy.ownerAccountId_ = encPolicy.ownerAccount_;
275 encPolicy.ownerAccountType_ = DOMAIN_ACCOUNT;
276 uint8_t* key = GenerateRandArray(param.aeskeyLen);
277 encPolicy.SetAeskey(key, param.aeskeyLen);
278 if (key != nullptr) {
279 delete[] key;
280 key = nullptr;
281 }
282 uint8_t* iv = GenerateRandArray(param.ivLen);
283 encPolicy.SetIv(iv, param.ivLen);
284 if (iv != nullptr) {
285 delete[] iv;
286 iv = nullptr;
287 }
288 for (uint32_t user = 0; user < param.userNum; ++user) {
289 std::string accountName;
290 GenerateRandStr(param.authAccountLen, accountName);
291 AuthUserInfo perminfo = {.authAccount = strdup(const_cast<char *>(accountName.c_str())),
292 .authPerm = static_cast<DLPFileAccess>(param.authPerm),
293 .permExpiryTime = curTime + param.deltaTime,
294 .authAccountType = DOMAIN_ACCOUNT};
295 encPolicy.authUsers_.emplace_back(perminfo);
296 }
297 }
298
TestGenerateDlpCertWithInvalidParam(GeneratePolicyParam param)299 static int32_t TestGenerateDlpCertWithInvalidParam(GeneratePolicyParam param)
300 {
301 PermissionPolicy encPolicy;
302 GeneratePolicy(encPolicy, param);
303 std::vector<uint8_t> cert;
304 int32_t res = DlpPermissionKit::GenerateDlpCertificate(encPolicy, cert);
305 return res;
306 }
307
308 /**
309 * @tc.name: SetRetentionState01
310 * @tc.desc: SetRetentionState abnormal input test.
311 * @tc.type: FUNC
312 * @tc.require:SR000I38N7
313 */
314 HWTEST_F(DlpPermissionKitTest, SetRetentionState01, TestSize.Level1)
315 {
316 int32_t uid = getuid();
317 AccessTokenID selfTokenId = GetSelfTokenID();
318 std::vector<std::string> docUriVec;
319 docUriVec.push_back(TEST_URI);
320 SandboxInfo sandboxInfo;
321
322 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
323 ASSERT_EQ(DLP_OK,
324 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
325 ASSERT_TRUE(sandboxInfo.appIndex != 0);
326 AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, DLP_MANAGER_APP, sandboxInfo.appIndex);
327 AccessTokenID normalTokenId = AccessTokenKit::GetHapTokenID(100, DLP_MANAGER_APP, 0);
328 std::vector<RetentionSandBoxInfo> retentionSandBoxInfoVec;
329 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
330 ASSERT_TRUE(0 == retentionSandBoxInfoVec.size());
331 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
332 retentionSandBoxInfoVec.clear();
333 ASSERT_EQ(DLP_SERVICE_ERROR_API_NOT_FOR_SANDBOX_ERROR,
334 DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
335 ASSERT_TRUE(TestSetSelfTokenId(normalTokenId));
336 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
337 ASSERT_TRUE(0 == retentionSandBoxInfoVec.size());
338 ASSERT_EQ(DLP_SERVICE_ERROR_API_ONLY_FOR_SANDBOX_ERROR, DlpPermissionKit::SetRetentionState(docUriVec));
339 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
340 ASSERT_EQ(DLP_OK, DlpPermissionKit::SetRetentionState(docUriVec));
341 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
342 ASSERT_TRUE(TestSetSelfTokenId(normalTokenId));
343 retentionSandBoxInfoVec.clear();
344 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
345 ASSERT_TRUE(0 != retentionSandBoxInfoVec.size());
346 retentionSandBoxInfoVec.clear();
347 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
348 ASSERT_TRUE(0 != retentionSandBoxInfoVec.size());
349 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
350 TestRecoverProcessInfo(uid, selfTokenId);
351 }
352
353 /**
354 * @tc.name: SetRetentionState02
355 * @tc.desc: SetRetentionState abnormal input test.
356 * @tc.type: FUNC
357 * @tc.require:SR000I38N7
358 */
359 HWTEST_F(DlpPermissionKitTest, SetRetentionState02, TestSize.Level1)
360 {
361 int32_t uid = getuid();
362 AccessTokenID tokenId = GetSelfTokenID();
363 DLP_LOG_INFO(LABEL, "SetRetentionState02 tokenId from %{public}u", static_cast<unsigned int>(GetSelfTokenID()));
364 std::vector<std::string> docUriVec;
365 std::vector<RetentionSandBoxInfo> retentionSandBoxInfoVec;
366 SandboxInfo sandboxInfo;
367 ASSERT_EQ(DLP_OK,
368 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
369 docUriVec.clear();
370 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
371 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::CancelRetentionState(docUriVec));
372 docUriVec.push_back(TEST_UNEXIST_URI);
373 ASSERT_EQ(DLP_OK, DlpPermissionKit::CancelRetentionState(docUriVec));
374 docUriVec.clear();
375 docUriVec.push_back(TEST_URI);
376 ASSERT_EQ(DLP_OK, DlpPermissionKit::CancelRetentionState(docUriVec));
377 retentionSandBoxInfoVec.clear();
378 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
379 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
380 ASSERT_TRUE(0 == retentionSandBoxInfoVec.size());
381 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
382 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
383 TestRecoverProcessInfo(uid, tokenId);
384 }
385
386 /* *
387 * @tc.name: SetRetentionState03
388 * @tc.desc: SetRetentionState abnormal input test.
389 * @tc.type: FUNC
390 * @tc.require:SR000I38N7
391 */
392 HWTEST_F(DlpPermissionKitTest, SetRetentionState03, TestSize.Level1)
393 {
394 int32_t uid = getuid();
395 SandboxInfo sandboxInfo;
396 AccessTokenID tokenId = GetSelfTokenID();
397 DLP_LOG_INFO(LABEL, "SetRetentionState03 tokenId from %{public}u", static_cast<unsigned int>(GetSelfTokenID()));
398
399 ASSERT_EQ(DLP_OK,
400 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
401 ASSERT_TRUE(sandboxInfo.appIndex != 0);
402 AccessTokenID sandboxTokenId = AccessTokenKit::GetHapTokenID(DEFAULT_USERID, DLP_MANAGER_APP, sandboxInfo.appIndex);
403 DLP_LOG_INFO(LABEL, "SetRetentionState03 sandboxTokenId tokenId from %{public}d ", sandboxTokenId);
404 ASSERT_TRUE(TestSetSelfTokenId(sandboxTokenId));
405 std::vector<std::string> docUriVec;
406 int32_t res = DlpPermissionKit::SetRetentionState(docUriVec);
407 DLP_LOG_INFO(LABEL, "SetRetentionState03 res %{public}d", res);
408 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, res);
409 docUriVec.push_back(TEST_URI);
410 res = DlpPermissionKit::SetRetentionState(docUriVec);
411 DLP_LOG_INFO(LABEL, "SetRetentionState03 res %{public}d", res);
412 ASSERT_EQ(DLP_OK, res);
413 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
414 TestRecoverProcessInfo(uid, tokenId);
415 }
416
417 /* *
418 * @tc.name: OnGenerateDlpCertificate001
419 * @tc.desc: OnGenerateDlpCertificate abnormal input test.
420 * @tc.type: FUNC
421 * @tc.require:AR000GVIG0
422 */
423 HWTEST_F(DlpPermissionKitTest, OnGenerateDlpCertificate001, TestSize.Level1)
424 {
425 auto generateDlpCertificateCallback = std::make_shared<ClientGenerateDlpCertificateCallback>();
426 std::vector<uint8_t> cert;
427 cert = { 1, 2, 3 };
428 generateDlpCertificateCallback->OnGenerateDlpCertificate(-1, cert);
429 ASSERT_EQ(-1, generateDlpCertificateCallback->result_);
430 ASSERT_TRUE(generateDlpCertificateCallback->isCallBack_);
431 }
432
433 /**
434 * @tc.name: OnParseDlpCertificate001
435 * @tc.desc: OnParseDlpCertificate abnormal input test.
436 * @tc.type: FUNC
437 * @tc.require:AR000GVIG0
438 */
439 HWTEST_F(DlpPermissionKitTest, OnParseDlpCertificate001, TestSize.Level1)
440 {
441 auto parseDlpCertificateCallback = std::make_shared<ClientParseDlpCertificateCallback>();
442 PermissionPolicy policy;
443 parseDlpCertificateCallback->OnParseDlpCertificate(-1, policy, {});
444 ASSERT_EQ(-1, parseDlpCertificateCallback->result_);
445 ASSERT_TRUE(parseDlpCertificateCallback->isCallBack_);
446 }
447
448 /* *
449 * @tc.name: GenerateDlpCertificate001
450 * @tc.desc: GenerateDlpCertificate abnormal input test.
451 * @tc.type: FUNC
452 * @tc.require:AR000GVIG0
453 */
454 HWTEST_F(DlpPermissionKitTest, GenerateDlpCertificate001, TestSize.Level1)
455 {
456 GeneratePolicyParam param = {INVALID_ACCOUNT_LENGTH_UPPER, AESKEY_LEN,
457 IV_LEN, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
458 EXPECT_EQ(
459 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
460 param.ownerAccountLen = INVALID_ACCOUNT_LENGTH_LOWER;
461 EXPECT_EQ(
462 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
463 param = {ACCOUNT_LENGTH, INVALID_AESKEY_LEN_UPPER,
464 IV_LEN, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
465 EXPECT_EQ(
466 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
467 param = {ACCOUNT_LENGTH, INVALID_AESKEY_LEN_LOWER,
468 IV_LEN, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
469 EXPECT_EQ(
470 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
471 param = {ACCOUNT_LENGTH, AESKEY_LEN, INVALID_IV_LEN_UPPER, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
472 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
473 param = {ACCOUNT_LENGTH, AESKEY_LEN, INVALID_IV_LEN_LOWER, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
474 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
475 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
476 INVALID_USER_NUM_UPPER, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
477 EXPECT_EQ(
478 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
479 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
480 USER_NUM, INVALID_ACCOUNT_LENGTH_UPPER, AUTH_PERM, DELTA_EXPIRY_TIME};
481 EXPECT_EQ(
482 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
483 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
484 USER_NUM, INVALID_ACCOUNT_LENGTH_LOWER, AUTH_PERM, DELTA_EXPIRY_TIME};
485 EXPECT_EQ(
486 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
487 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
488 USER_NUM, ACCOUNT_LENGTH, INVALID_AUTH_PERM_UPPER, DELTA_EXPIRY_TIME};
489 EXPECT_EQ(
490 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
491 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
492 USER_NUM, ACCOUNT_LENGTH, INVALID_AUTH_PERM_LOWER, DELTA_EXPIRY_TIME};
493 EXPECT_EQ(
494 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
495 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
496 USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, INVALID_DELTA_EXPIRY_TIME};
497 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
498 param = {ACCOUNT_LENGTH, AESKEY_LEN,
499 AESKEY_LEN, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
500 EXPECT_NE(DLP_OK, TestGenerateDlpCertWithInvalidParam(param));
501 }
502
503 /**
504 * @tc.name: ParseDlpCertificate001
505 * @tc.desc: ParseDlpCertificate abnormal input test.
506 * @tc.type: FUNC
507 * @tc.require:AR000GVIG0
508 */
509 HWTEST_F(DlpPermissionKitTest, ParseDlpCertificate001, TestSize.Level1)
510 {
511 sptr<CertParcel> certParcel = new (std::nothrow) CertParcel();
512 PermissionPolicy policy;
513 certParcel->contactAccount = "test";
514 std::string appId = "test_appId_passed";
515 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::ParseDlpCertificate(certParcel, policy, appId, true));
516 certParcel->cert = {1, 2, 3};
517 ASSERT_NE(DLP_OK, DlpPermissionKit::ParseDlpCertificate(certParcel, policy, appId, true));
518 }
519
520 /**
521 * @tc.name: InstallDlpSandbox001
522 * @tc.desc: InstallDlpSandbox test.
523 * @tc.type: FUNC
524 * @tc.require:AR000GVIG8
525 */
526 HWTEST_F(DlpPermissionKitTest, InstallDlpSandbox001, TestSize.Level1)
527 {
528 SandboxInfo sandboxInfo;
529 ASSERT_EQ(DLP_OK,
530 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
531 ASSERT_TRUE(sandboxInfo.appIndex != 0);
532 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
533 }
534
535 /**
536 * @tc.name: InstallDlpSandbox002
537 * @tc.desc: InstallDlpSandbox invalid input.
538 * @tc.type: FUNC
539 * @tc.require:AR000GVIG8
540 */
541 HWTEST_F(DlpPermissionKitTest, InstallDlpSandbox002, TestSize.Level1)
542 {
543 SandboxInfo sandboxInfo;
544 ASSERT_NE(
545 DLP_OK, DlpPermissionKit::InstallDlpSandbox("test.test", READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
546 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID,
547 DlpPermissionKit::InstallDlpSandbox("", READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
548 ASSERT_EQ(
549 DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP,
550 static_cast<DLPFileAccess>(100), DEFAULT_USERID, sandboxInfo, TEST_URI));
551 }
552
553 /**
554 * @tc.name: UninstallDlpSandbox001
555 * @tc.desc: UninstallDlpSandbox test.
556 * @tc.type: FUNC
557 * @tc.require: SR000GVIGF AR000GVIGG
558 */
559 HWTEST_F(DlpPermissionKitTest, UninstallDlpSandbox001, TestSize.Level1)
560 {
561 SandboxInfo sandboxInfo;
562 ASSERT_EQ(DLP_OK,
563 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
564 ASSERT_TRUE(sandboxInfo.appIndex != 0);
565 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
566 }
567
568 /* *
569 * @tc.name: UninstallDlpSandbox002
570 * @tc.desc: UninstallDlpSandbox invalid input.
571 * @tc.type: FUNC
572 * @tc.require: SR000GVIGF AR000GVIGG
573 */
574 HWTEST_F(DlpPermissionKitTest, UninstallDlpSandbox002, TestSize.Level1)
575 {
576 int32_t appIndex = 1;
577 ASSERT_NE(DLP_OK, DlpPermissionKit::UninstallDlpSandbox("test.test", appIndex, DEFAULT_USERID));
578 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::UninstallDlpSandbox("", appIndex, DEFAULT_USERID));
579 }
580
581 /**
582 * @tc.name: GetSandboxExternalAuthorization001
583 * @tc.desc: GetSandboxExternalAuthorization test.
584 * @tc.type: FUNC
585 * @tc.require: SR000GVIR0 AR000GVIR1
586 */
587 HWTEST_F(DlpPermissionKitTest, GetSandboxExternalAuthorization001, TestSize.Level1)
588 {
589 int32_t uid = getuid();
590 AccessTokenID selfTokenId = GetSelfTokenID();
591 // sandboxUid is invalid
592 OHOS::AAFwk::Want want;
593 SandBoxExternalAuthorType authType;
594 ASSERT_NE(DLP_OK, DlpPermissionKit::GetSandboxExternalAuthorization(-1, want, authType));
595
596 // sandboxUid is ok
597 SandboxInfo sandboxInfo;
598 ASSERT_EQ(DLP_OK,
599 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
600 int sandboxUid;
601 ASSERT_TRUE(TestGetAppUid(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID, sandboxUid));
602 ASSERT_EQ(DLP_SERVICE_ERROR_API_ONLY_FOR_SANDBOX_ERROR,
603 DlpPermissionKit::GetSandboxExternalAuthorization(sandboxUid, want, authType));
604 ASSERT_EQ(DLP_SERVICE_ERROR_API_ONLY_FOR_SANDBOX_ERROR,
605 DlpPermissionKit::GetSandboxExternalAuthorization(sandboxUid, want, authType));
606 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
607 ASSERT_TRUE(authType == DENY_START_ABILITY);
608 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
609
610 // uid is not sandbox
611 ASSERT_EQ(DLP_SERVICE_ERROR_PARCEL_OPERATE_FAIL,
612 DlpPermissionKit::GetSandboxExternalAuthorization(1000, want, authType));
613 ASSERT_TRUE(authType == DENY_START_ABILITY);
614 TestRecoverProcessInfo(uid, selfTokenId);
615 }
616
617 /**
618 * @tc.name: QueryDlpFileCopyableByTokenId001
619 * @tc.desc: QueryDlpFileCopyableByTokenId with read only sandbox app tokenId.
620 * @tc.type: FUNC
621 * @tc.require: SR000GVIGL AR000GVIGM
622 */
623 HWTEST_F(DlpPermissionKitTest, QueryDlpFileCopyableByTokenId001, TestSize.Level1)
624 {
625 // query dlp file access with read only sandbox app tokenId
626 SandboxInfo sandboxInfo;
627 ASSERT_EQ(DLP_OK,
628 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
629 ASSERT_TRUE(sandboxInfo.appIndex != 0);
630 AccessTokenID sandboxTokenId;
631 ASSERT_TRUE(TestGetTokenId(DEFAULT_USERID, DLP_MANAGER_APP, sandboxInfo.appIndex, sandboxTokenId));
632 bool copyable = false;
633 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileCopyableByTokenId(copyable, sandboxTokenId));
634 ASSERT_EQ(copyable, false);
635 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
636 }
637
638 /**
639 * @tc.name: QueryDlpFileCopyableByTokenId002
640 * @tc.desc: QueryDlpFileCopyableByTokenId with full control sandbox app tokenId.
641 * @tc.type: FUNC
642 * @tc.require: SR000GVIGL AR000GVIGM
643 */
644 HWTEST_F(DlpPermissionKitTest, QueryDlpFileCopyableByTokenId002, TestSize.Level1)
645 {
646 // query dlp file access with full control sandbox app tokenId
647 SandboxInfo sandboxInfo;
648 ASSERT_EQ(DLP_OK,
649 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
650 ASSERT_TRUE(sandboxInfo.appIndex != 0);
651 AccessTokenID sandboxTokenId;
652 ASSERT_TRUE(TestGetTokenId(DEFAULT_USERID, DLP_MANAGER_APP, sandboxInfo.appIndex, sandboxTokenId));
653 bool copyable = false;
654 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileCopyableByTokenId(copyable, sandboxTokenId));
655 ASSERT_EQ(copyable, true);
656 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
657 }
658
659 /**
660 * @tc.name: QueryDlpFileCopyableByTokenId003
661 * @tc.desc: QueryDlpFileCopyableByTokenId with normal app tokenId.
662 * @tc.type: FUNC
663 * @tc.require: SR000GVIGL AR000GVIGM
664 */
665 HWTEST_F(DlpPermissionKitTest, QueryDlpFileCopyableByTokenId003, TestSize.Level1)
666 {
667 // query dlp file access with normal app tokenId
668 bool copyable = false;
669 AccessTokenID normalTokenId;
670 ASSERT_TRUE(TestGetTokenId(DEFAULT_USERID, DLP_MANAGER_APP, 0, normalTokenId));
671 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileCopyableByTokenId(copyable, normalTokenId));
672 ASSERT_EQ(copyable, true);
673 }
674
675 /**
676 * @tc.name: QueryDlpFileCopyableByTokenId004
677 * @tc.desc: QueryDlpFileCopyableByTokenId invalid input.
678 * @tc.type: FUNC
679 * @tc.require: SR000GVIGL AR000GVIGM
680 */
681 HWTEST_F(DlpPermissionKitTest, QueryDlpFileCopyableByTokenId004, TestSize.Level1)
682 {
683 // query dlp file access with invalid tokenId
684 bool copyable = false;
685 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::QueryDlpFileCopyableByTokenId(copyable, 0));
686 ASSERT_EQ(copyable, false);
687 }
688
689 /**
690 * @tc.name: QueryDlpFileAccess001
691 * @tc.desc: QueryDlpFileAccess in normal app.
692 * @tc.type: FUNC
693 * @tc.require: SR000GVIGN AR000GVIGO
694 */
695 HWTEST_F(DlpPermissionKitTest, QueryDlpFileAccess001, TestSize.Level1)
696 {
697 // query dlp file access in normal app
698 int32_t uid = getuid();
699 AccessTokenID tokenId = GetSelfTokenID();
700 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
701
702 DLPPermissionInfo permInfo;
703 ASSERT_EQ(DLP_SERVICE_ERROR_API_ONLY_FOR_SANDBOX_ERROR, DlpPermissionKit::QueryDlpFileAccess(permInfo));
704
705 TestRecoverProcessInfo(uid, tokenId);
706 }
707
708 /**
709 * @tc.name: QueryDlpFileAccess002
710 * @tc.desc: QueryDlpFileAccess in read only sandbox app.
711 * @tc.type: FUNC
712 * @tc.require: SR000GVIGN AR000GVIGO
713 */
714 HWTEST_F(DlpPermissionKitTest, QueryDlpFileAccess002, TestSize.Level1)
715 {
716 // query dlp file access in read only sandbox app
717 SandboxInfo sandboxInfo;
718 TestInstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo);
719
720 int32_t uid = getuid();
721 AccessTokenID tokenId = GetSelfTokenID();
722 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
723
724 DLPPermissionInfo permInfo;
725 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileAccess(permInfo));
726 ASSERT_EQ(permInfo.dlpFileAccess, READ_ONLY);
727 ASSERT_EQ(permInfo.flags, ACTION_VIEW);
728
729 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
730 TestRecoverProcessInfo(uid, tokenId);
731 }
732
733 /**
734 * @tc.name: QueryDlpFileAccess003
735 * @tc.desc: QueryDlpFileAccess in content edit sandbox app.
736 * @tc.type: FUNC
737 * @tc.require: SR000GVIGN AR000GVIGO
738 */
739 HWTEST_F(DlpPermissionKitTest, QueryDlpFileAccess003, TestSize.Level1)
740 {
741 // query dlp file access in content edit sandbox app
742 SandboxInfo sandboxInfo;
743 TestInstallDlpSandbox(DLP_MANAGER_APP, CONTENT_EDIT, DEFAULT_USERID, sandboxInfo);
744
745 int32_t uid = getuid();
746 AccessTokenID tokenId = GetSelfTokenID();
747 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
748
749 DLPPermissionInfo permInfo;
750 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileAccess(permInfo));
751 ASSERT_EQ(permInfo.dlpFileAccess, CONTENT_EDIT);
752 ASSERT_EQ(permInfo.flags, ACTION_SET_EDIT);
753
754 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
755 TestRecoverProcessInfo(uid, tokenId);
756 }
757
758 /**
759 * @tc.name: QueryDlpFileAccess004
760 * @tc.desc: QueryDlpFileAccess in full control sandbox app.
761 * @tc.type: FUNC
762 * @tc.require: SR000GVIGN AR000GVIGO
763 */
764 HWTEST_F(DlpPermissionKitTest, QueryDlpFileAccess004, TestSize.Level1)
765 {
766 // query dlp file access in full control sandbox app
767 SandboxInfo sandboxInfo;
768 TestInstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo);
769
770 int32_t uid = getuid();
771 AccessTokenID tokenId = GetSelfTokenID();
772 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
773
774 DLPPermissionInfo permInfo;
775 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileAccess(permInfo));
776 ASSERT_EQ(permInfo.dlpFileAccess, FULL_CONTROL);
777 ASSERT_EQ(permInfo.flags, ACTION_SET_FC);
778
779 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
780 TestRecoverProcessInfo(uid, tokenId);
781 }
782
783 /**
784 * @tc.name: IsInDlpSandbox001
785 * @tc.desc: IsInDlpSandbox in normal app.
786 * @tc.type: FUNC
787 * @tc.require: SR000GVIGN AR000GVIGO
788 */
789 HWTEST_F(DlpPermissionKitTest, IsInDlpSandbox001, TestSize.Level1)
790 {
791 // query whether in sandbox in normal app
792 bool inSandbox = false;
793
794 int32_t uid = getuid();
795 AccessTokenID tokenId = GetSelfTokenID();
796 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
797
798 ASSERT_EQ(DLP_OK, DlpPermissionKit::IsInDlpSandbox(inSandbox));
799 ASSERT_EQ(inSandbox, false);
800
801 TestRecoverProcessInfo(uid, tokenId);
802 }
803
804 /**
805 * @tc.name: IsInDlpSandbox002
806 * @tc.desc: IsInDlpSandbox in read only sandbox app.
807 * @tc.type: FUNC
808 * @tc.require: SR000GVIGN AR000GVIGO
809 */
810 HWTEST_F(DlpPermissionKitTest, IsInDlpSandbox002, TestSize.Level1)
811 {
812 // query whether in sandbox in read only sandbox app
813 SandboxInfo sandboxInfo;
814 TestInstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo);
815
816 int32_t uid = getuid();
817 AccessTokenID tokenId = GetSelfTokenID();
818 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
819
820 bool inSandbox = false;
821 ASSERT_EQ(DLP_OK, DlpPermissionKit::IsInDlpSandbox(inSandbox));
822 ASSERT_EQ(inSandbox, true);
823 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
824 TestRecoverProcessInfo(uid, tokenId);
825 }
826
827 /**
828 * @tc.name: IsInDlpSandbox003
829 * @tc.desc: IsInDlpSandbox in full control sandbox app.
830 * @tc.type: FUNC
831 * @tc.require: SR000GVIGN AR000GVIGO
832 */
833 HWTEST_F(DlpPermissionKitTest, IsInDlpSandbox003, TestSize.Level1)
834 {
835 // query whether in sandbox in full control sandbox app
836 SandboxInfo sandboxInfo;
837 TestInstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo);
838
839 int32_t uid = getuid();
840 AccessTokenID tokenId = GetSelfTokenID();
841 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
842
843 bool inSandbox = false;
844 ASSERT_EQ(DLP_OK, DlpPermissionKit::IsInDlpSandbox(inSandbox));
845 ASSERT_EQ(inSandbox, true);
846
847 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
848 TestRecoverProcessInfo(uid, tokenId);
849 }
850
851 /**
852 * @tc.name: GetDlpSupportFileType001
853 * @tc.desc: GetDlpSupportFileType in normal app.
854 * @tc.type: FUNC
855 * @tc.require: SR000GVIGN AR000GVIGO
856 */
857 HWTEST_F(DlpPermissionKitTest, GetDlpSupportFileType001, TestSize.Level1)
858 {
859 DLP_LOG_INFO(LABEL, "enter GetDlpSupportFileType001");
860 // query support dlp file types in normal app
861 std::vector<std::string> supportFileType;
862 int32_t uid = getuid();
863 AccessTokenID tokenId = GetSelfTokenID();
864 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
865
866 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDlpSupportFileType(supportFileType));
867 ASSERT_EQ(supportFileType.empty(), false);
868
869 TestRecoverProcessInfo(uid, tokenId);
870 }
871
872 /**
873 * @tc.name: GetDlpSupportFileType002
874 * @tc.desc: GetDlpSupportFileType in read only sandbox app.
875 * @tc.type: FUNC
876 * @tc.require: SR000GVIGN AR000GVIGO
877 */
878 HWTEST_F(DlpPermissionKitTest, GetDlpSupportFileType002, TestSize.Level1)
879 {
880 // query support dlp file types in read only sandbox app
881 SandboxInfo sandboxInfo;
882 TestInstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo);
883
884 int32_t uid = getuid();
885 AccessTokenID tokenId = GetSelfTokenID();
886 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
887 std::vector<std::string> supportFileType;
888 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDlpSupportFileType(supportFileType));
889 ASSERT_EQ(supportFileType.empty(), false);
890
891 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
892 TestRecoverProcessInfo(uid, tokenId);
893 }
894
895 /**
896 * @tc.name: GetDlpSupportFileType003
897 * @tc.desc: GetDlpSupportFileType in context edit sandbox app.
898 * @tc.type: FUNC
899 * @tc.require:
900 */
901 HWTEST_F(DlpPermissionKitTest, GetDlpSupportFileType003, TestSize.Level1)
902 {
903 // query support dlp file types in context edit sandbox app
904 SandboxInfo sandboxInfo;
905 TestInstallDlpSandbox(DLP_MANAGER_APP, CONTENT_EDIT, DEFAULT_USERID, sandboxInfo);
906
907 int32_t uid = getuid();
908 AccessTokenID tokenId = GetSelfTokenID();
909 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
910 std::vector<std::string> supportFileType;
911 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDlpSupportFileType(supportFileType));
912 ASSERT_EQ(supportFileType.empty(), false);
913
914 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
915 TestRecoverProcessInfo(uid, tokenId);
916 }
917
918 /**
919 * @tc.name: GetDlpSupportFileType004
920 * @tc.desc: GetDlpSupportFileType in full control sandbox app.
921 * @tc.type: FUNC
922 * @tc.require: SR000GVIGN AR000GVIGO
923 */
924 HWTEST_F(DlpPermissionKitTest, GetDlpSupportFileType004, TestSize.Level1)
925 {
926 DLP_LOG_INFO(LABEL, "enter GetDlpSupportFileType004");
927 // query support dlp file types in full control sandbox app
928 SandboxInfo sandboxInfo;
929 TestInstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo);
930
931 int32_t uid = getuid();
932 AccessTokenID tokenId = GetSelfTokenID();
933 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
934
935 std::vector<std::string> supportFileType;
936 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDlpSupportFileType(supportFileType));
937 ASSERT_EQ(supportFileType.empty(), false);
938
939 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
940 TestRecoverProcessInfo(uid, tokenId);
941 }
942
943 /**
944 * @tc.name: GetDlpGatheringPolicy001
945 * @tc.desc: GetDlpGatheringPolicy test
946 * @tc.type: FUNC
947 * @tc.require:
948 */
949 HWTEST_F(DlpPermissionKitTest, GetDlpGatheringPolicy001, TestSize.Level1)
950 {
951 // query gathering policy on this device
952 bool isGathering = false;
953
954 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDlpGatheringPolicy(isGathering));
955 ASSERT_EQ(isGathering, false);
956 }
957
958 /**
959 * @tc.name: ClearUnreservedSandbox001
960 * @tc.desc: ClearUnreservedSandbox.
961 * @tc.type: FUNC
962 * @tc.require: SR000I38N7
963 */
964 HWTEST_F(DlpPermissionKitTest, ClearUnreservedSandbox001, TestSize.Level1)
965 {
966 ASSERT_EQ(DLP_SERVICE_ERROR_PERMISSION_DENY, DlpPermissionKit::ClearUnreservedSandbox());
967 }
968
969 class CbCustomizeTest : public DlpSandboxChangeCallbackCustomize {
970 public:
CbCustomizeTest()971 explicit CbCustomizeTest() {}
~CbCustomizeTest()972 ~CbCustomizeTest() {}
973
DlpSandboxChangeCallback(DlpSandboxCallbackInfo & result)974 virtual void DlpSandboxChangeCallback(DlpSandboxCallbackInfo& result) {}
975 };
976
977 class TestOpenDlpFileCallbackCustomize : public OpenDlpFileCallbackCustomize {
978 public:
TestOpenDlpFileCallbackCustomize()979 explicit TestOpenDlpFileCallbackCustomize() {}
~TestOpenDlpFileCallbackCustomize()980 ~TestOpenDlpFileCallbackCustomize() {}
981
OnOpenDlpFile(OpenDlpFileCallbackInfo & result)982 void OnOpenDlpFile(OpenDlpFileCallbackInfo &result)
983 {
984 called = true;
985 }
986 bool called = false;
987 };
988
989 /**
990 * @tc.name: RegisterDlpSandboxChangeCallback001
991 * @tc.desc: RegisterDlpSandboxChangeCallback.
992 * @tc.type: FUNC
993 * @tc.require: DTS2023040302317
994 */
995 HWTEST_F(DlpPermissionKitTest, RegisterDlpSandboxChangeCallback001, TestSize.Level1)
996 {
997 const std::shared_ptr<DlpSandboxChangeCallbackCustomize> callbackPtr = std::make_shared<CbCustomizeTest>();
998 int32_t res = DlpPermissionKit::RegisterDlpSandboxChangeCallback(callbackPtr);
999 ASSERT_EQ(DLP_OK, res);
1000 res = DlpPermissionKit::RegisterDlpSandboxChangeCallback(callbackPtr);
1001 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, res);
1002 bool result;
1003 SandboxInfo sandboxInfo;
1004 ASSERT_EQ(DLP_OK,
1005 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
1006 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
1007 res = DlpPermissionKit::UnregisterDlpSandboxChangeCallback(result);
1008 ASSERT_EQ(DLP_OK, res);
1009 }
1010
1011 /**
1012 * @tc.name: RegisterDlpSandboxChangeCallback002
1013 * @tc.desc: RegisterDlpSandboxChangeCallback.
1014 * @tc.type: FUNC
1015 * @tc.require: DTS2023040302317
1016 */
1017 HWTEST_F(DlpPermissionKitTest, RegisterDlpSandboxChangeCallback002, TestSize.Level1)
1018 {
1019 int32_t res = DlpPermissionKit::RegisterDlpSandboxChangeCallback(nullptr);
1020 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, res);
1021 bool result;
1022 res = DlpPermissionKit::UnregisterDlpSandboxChangeCallback(result);
1023 ASSERT_EQ(DLP_CALLBACK_PARAM_INVALID, res);
1024 }
1025
1026 /**
1027 * @tc.name: RegisterDlpSandboxChangeCallback003
1028 * @tc.desc: RegisterDlpSandboxChangeCallback.
1029 * @tc.type: FUNC
1030 * @tc.require: DTS2023040302317
1031 */
1032 HWTEST_F(DlpPermissionKitTest, RegisterDlpSandboxChangeCallback003, TestSize.Level1)
1033 {
1034 bool result;
1035 int32_t res = DlpPermissionKit::UnregisterDlpSandboxChangeCallback(result);
1036 ASSERT_EQ(DLP_CALLBACK_PARAM_INVALID, res);
1037 }
1038
1039 /**
1040 * @tc.name: DlpSandboxChangeCallback001
1041 * @tc.desc: DlpSandboxChangeCallback function test.
1042 * @tc.type: FUNC
1043 * @tc.require: DTS2023040302317
1044 */
1045 HWTEST_F(DlpPermissionKitTest, DlpSandboxChangeCallback001, TestSize.Level1)
1046 {
1047 std::shared_ptr<CbCustomizeTest> callbackPtr = nullptr;
1048 std::shared_ptr<DlpSandboxChangeCallback> callback = std::make_shared<DlpSandboxChangeCallback>(
1049 callbackPtr);
1050 ASSERT_NE(callback, nullptr);
1051 DlpSandboxCallbackInfo result;
1052 callback->DlpSandboxStateChangeCallback(result);
1053 ASSERT_EQ(callback->customizedCallback_, nullptr);
1054 }
1055
1056 /**
1057 * @tc.name: DlpSandboxChangeCallback002
1058 * @tc.desc: DlpSandboxChangeCallback function test.
1059 * @tc.type: FUNC
1060 * @tc.require: DTS2023040302317
1061 */
1062 HWTEST_F(DlpPermissionKitTest, DlpSandboxChangeCallback002, TestSize.Level1)
1063 {
1064 std::shared_ptr<CbCustomizeTest> callbackPtr = std::make_shared<CbCustomizeTest>();
1065 std::shared_ptr<DlpSandboxChangeCallback> callback = std::make_shared<DlpSandboxChangeCallback>(callbackPtr);
1066 ASSERT_NE(callback, nullptr);
1067 DlpSandboxCallbackInfo result;
1068 callback->DlpSandboxStateChangeCallback(result);
1069 ASSERT_NE(callback->customizedCallback_, nullptr);
1070 callback->Stop();
1071 }
1072
1073 /**
1074 * @tc.name: RegisterOpenDlpFileCallback001
1075 * @tc.desc: RegisterOpenDlpFileCallback.
1076 * @tc.type: FUNC
1077 * @tc.require:
1078 */
1079 HWTEST_F(DlpPermissionKitTest, RegisterOpenDlpFileCallback001, TestSize.Level1)
1080 {
1081 int32_t uid = getuid();
1082 AccessTokenID tokenId = GetSelfTokenID();
1083 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
1084
1085 const std::shared_ptr<TestOpenDlpFileCallbackCustomize> callbackPtr =
1086 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1087 ASSERT_NE(callbackPtr, nullptr);
1088 EXPECT_EQ(DLP_OK, DlpPermissionKit::RegisterOpenDlpFileCallback(callbackPtr));
1089 SandboxInfo sandboxInfo;
1090 EXPECT_EQ(DLP_OK,
1091 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
1092 usleep(50000); // sleep 50ms
1093 EXPECT_EQ(true, callbackPtr->called);
1094 EXPECT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
1095 EXPECT_EQ(DLP_OK, DlpPermissionKit::UnRegisterOpenDlpFileCallback(callbackPtr));
1096
1097 TestRecoverProcessInfo(uid, tokenId);
1098 }
1099
1100 /**
1101 * @tc.name: RegisterOpenDlpFileCallback002
1102 * @tc.desc: RegisterOpenDlpFileCallback.
1103 * @tc.type: FUNC
1104 * @tc.require:
1105 */
1106 HWTEST_F(DlpPermissionKitTest, RegisterOpenDlpFileCallback002, TestSize.Level1)
1107 {
1108 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::RegisterOpenDlpFileCallback(nullptr));
1109 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::UnRegisterOpenDlpFileCallback(nullptr));
1110 }
1111
1112 /**
1113 * @tc.name: RegisterOpenDlpFileCallback003
1114 * @tc.desc: RegisterOpenDlpFileCallback.
1115 * @tc.type: FUNC
1116 * @tc.require:
1117 */
1118 HWTEST_F(DlpPermissionKitTest, RegisterOpenDlpFileCallback003, TestSize.Level1)
1119 {
1120 int32_t uid = getuid();
1121 AccessTokenID tokenId = GetSelfTokenID();
1122 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
1123
1124 const std::shared_ptr<TestOpenDlpFileCallbackCustomize> callbackPtr =
1125 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1126 ASSERT_NE(callbackPtr, nullptr);
1127 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::UnRegisterOpenDlpFileCallback(callbackPtr));
1128
1129 TestRecoverProcessInfo(uid, tokenId);
1130 }
1131
1132 /**
1133 * @tc.name: RegisterOpenDlpFileCallback004
1134 * @tc.desc: RegisterOpenDlpFileCallback.
1135 * @tc.type: FUNC
1136 * @tc.require:
1137 */
1138 HWTEST_F(DlpPermissionKitTest, RegisterOpenDlpFileCallback004, TestSize.Level1)
1139 {
1140 int32_t uid = getuid();
1141 AccessTokenID tokenId = GetSelfTokenID();
1142 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
1143
1144 std::vector<std::shared_ptr<TestOpenDlpFileCallbackCustomize>> ptrList;
1145 const std::shared_ptr<TestOpenDlpFileCallbackCustomize> callbackPtr =
1146 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1147 ASSERT_NE(callbackPtr, nullptr);
1148 EXPECT_EQ(DLP_OK, DlpPermissionKit::RegisterOpenDlpFileCallback(callbackPtr));
1149 ptrList.emplace_back(callbackPtr);
1150 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::RegisterOpenDlpFileCallback(callbackPtr));
1151 for (int32_t i = 0; i < 99; i++) {
1152 const std::shared_ptr<TestOpenDlpFileCallbackCustomize> callback =
1153 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1154 ASSERT_NE(callback, nullptr);
1155 EXPECT_EQ(DLP_OK, DlpPermissionKit::RegisterOpenDlpFileCallback(callback));
1156 ptrList.emplace_back(callback);
1157 }
1158 const std::shared_ptr<TestOpenDlpFileCallbackCustomize> callback =
1159 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1160 ASSERT_NE(callback, nullptr);
1161 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::RegisterOpenDlpFileCallback(callback));
1162 ptrList.emplace_back(callback);
1163 for (auto& iter : ptrList) {
1164 DlpPermissionKit::UnRegisterOpenDlpFileCallback(iter);
1165 }
1166
1167 TestRecoverProcessInfo(uid, tokenId);
1168 }
1169
1170 /**
1171 * @tc.name: OpenDlpFileCallback001
1172 * @tc.desc: OpenDlpFileCallback function test.
1173 * @tc.type: FUNC
1174 * @tc.require:
1175 */
1176 HWTEST_F(DlpPermissionKitTest, OpenDlpFileCallback001, TestSize.Level1)
1177 {
1178 std::shared_ptr<TestOpenDlpFileCallbackCustomize> callbackPtr = nullptr;
1179 std::shared_ptr<OpenDlpFileCallback> callback = std::make_shared<OpenDlpFileCallback>(callbackPtr);
1180 ASSERT_NE(callback, nullptr);
1181 OpenDlpFileCallbackInfo result;
1182 callback->OnOpenDlpFile(result);
1183 ASSERT_EQ(callback->customizedCallback_, nullptr);
1184 }
1185
1186 /**
1187 * @tc.name: OpenDlpFileCallback002
1188 * @tc.desc: OpenDlpFileCallback function test.
1189 * @tc.type: FUNC
1190 * @tc.require:
1191 */
1192 HWTEST_F(DlpPermissionKitTest, OpenDlpFileCallback002, TestSize.Level1)
1193 {
1194 std::shared_ptr<TestOpenDlpFileCallbackCustomize> callbackPtr =
1195 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1196 std::shared_ptr<OpenDlpFileCallback> callback = std::make_shared<OpenDlpFileCallback>(callbackPtr);
1197 ASSERT_NE(callback, nullptr);
1198 OpenDlpFileCallbackInfo result;
1199 callback->OnOpenDlpFile(result);
1200 EXPECT_EQ(true, callbackPtr->called);
1201 ASSERT_NE(callback->customizedCallback_, nullptr);
1202 }
1203
1204 /**
1205 * @tc.name: OnGenerateDlpCertificate002
1206 * @tc.desc: OnGenerateDlpCertificate function test.
1207 * @tc.type: FUNC
1208 * @tc.require: DTS2023040302317
1209 */
1210 HWTEST_F(DlpPermissionKitTest, OnGenerateDlpCertificate002, TestSize.Level1)
1211 {
1212 std::vector<uint8_t> cert;
1213 auto generateDlpCertificateCallback = std::make_shared<ClientGenerateDlpCertificateCallback>();
1214 generateDlpCertificateCallback->OnGenerateDlpCertificate(0, cert);
1215 ASSERT_EQ(0, generateDlpCertificateCallback->result_);
1216 PermissionPolicy policy;
1217 auto parseDlpCertificateCallback = std::make_shared<ClientParseDlpCertificateCallback>();
1218 parseDlpCertificateCallback->OnParseDlpCertificate(0, policy, {});
1219 ASSERT_EQ(0, generateDlpCertificateCallback->result_);
1220 }
1221
1222 /**
1223 * @tc.name: ParseDlpCertificate002
1224 * @tc.desc: ParseDlpCertificate abnormal input test.
1225 * @tc.type: FUNC
1226 * @tc.require:AR000GVIG0
1227 */
1228 HWTEST_F(DlpPermissionKitTest, ParseDlpCertificate002, TestSize.Level1)
1229 {
1230 sptr<CertParcel> certParcel = new (std::nothrow) CertParcel();
1231 certParcel->offlineCert.push_back(1);
1232 PermissionPolicy policy;
1233 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID,
1234 DlpPermissionKit::ParseDlpCertificate(certParcel, policy, "", true));
1235
1236 policy.ownerAccount_ = "test";
1237 policy.ownerAccountId_ = "test";
1238 policy.ownerAccountType_ = CLOUD_ACCOUNT;
1239 std::vector<AuthUserInfo> authUsers_;
1240 AuthUserInfo info;
1241 info.authAccount = "test";
1242 info.authPerm = FULL_CONTROL;
1243 info.permExpiryTime = 1784986283;
1244 info.authAccountType = CLOUD_ACCOUNT;
1245 authUsers_.push_back(info);
1246 uint8_t* iv = new (std::nothrow) uint8_t[16];
1247 uint8_t* aseKey = new (std::nothrow) uint8_t[16];
1248 policy.SetIv(iv, 16);
1249 policy.SetAeskey(aseKey, 16);
1250 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID,
1251 DlpPermissionKit::ParseDlpCertificate(certParcel, policy, "", true));
1252 delete[] iv;
1253 delete[] aseKey;
1254 }
1255
1256 /**
1257 * @tc.name: GetDLPFileVisitRecord001
1258 * @tc.desc: GetDLPFileVisitRecord.
1259 * @tc.type: FUNC
1260 * @tc.require: AR000I38MV
1261 */
1262 HWTEST_F(DlpPermissionKitTest, GetDLPFileVisitRecord001, TestSize.Level1)
1263 {
1264 int32_t uid = getuid();
1265 AccessTokenID selfTokenId = GetSelfTokenID();
1266 std::vector<VisitedDLPFileInfo> infoVec;
1267 SandboxInfo sandboxInfo;
1268 ASSERT_EQ(DLP_OK,
1269 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
1270 ASSERT_TRUE(sandboxInfo.appIndex != 0);
1271 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
1272 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
1273 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDLPFileVisitRecord(infoVec));
1274 DLP_LOG_INFO(LABEL, "GetDLPFileVisitRecord size:%{public}zu", infoVec.size());
1275 ASSERT_TRUE(1 == infoVec.size());
1276 setuid(g_selfUid);
1277 infoVec.clear();
1278 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDLPFileVisitRecord(infoVec));
1279 ASSERT_TRUE(0 == infoVec.size());
1280 AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, DLP_MANAGER_APP, sandboxInfo.appIndex);
1281 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
1282 ASSERT_EQ(DLP_SERVICE_ERROR_API_NOT_FOR_SANDBOX_ERROR, DlpPermissionKit::GetDLPFileVisitRecord(infoVec));
1283 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
1284 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
1285
1286 TestRecoverProcessInfo(uid, selfTokenId);
1287 }
1288
1289 /* *
1290 * @tc.name: SetSandboxAppConfig001
1291 * @tc.desc: SetSandboxAppConfig001 test.
1292 * @tc.type: FUNC
1293 * @tc.require: SR000IEUH3
1294 */
1295 HWTEST_F(DlpPermissionKitTest, SetSandboxAppConfig001, TestSize.Level1)
1296 {
1297 int32_t uid = getuid();
1298 AccessTokenID tokenId = GetSelfTokenID();
1299 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
1300 std::string config = "test";
1301 ASSERT_EQ(DLP_OK, DlpPermissionKit::SetSandboxAppConfig(config));
1302 std::string configGet;
1303 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetSandboxAppConfig(configGet));
1304 ASSERT_EQ(DLP_OK, DlpPermissionKit::CleanSandboxAppConfig());
1305 TestRecoverProcessInfo(uid, tokenId);
1306 }
1307
1308 /* *
1309 * @tc.name: SetMDMPolicy001
1310 * @tc.desc: SetMDMPolicy001 abnormal input test.
1311 * @tc.type: FUNC
1312 * @tc.require: SR000IEUHS
1313 */
1314 HWTEST_F(DlpPermissionKitTest, SetMDMPolicy001, TestSize.Level1)
1315 {
1316 seteuid(1000);
1317 std::vector<std::string> appIdList;
1318 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::SetMDMPolicy(appIdList));
1319 appIdList.push_back("@ohos.test.bundleName1_QG9ob3MudGVzdC5idW5kbGVOYW1lMQ==");
1320 ASSERT_EQ(DLP_SERVICE_ERROR_PERMISSION_DENY, DlpPermissionKit::SetMDMPolicy(appIdList));
1321 seteuid(3057);
1322 ASSERT_EQ(DLP_OK, DlpPermissionKit::SetMDMPolicy(appIdList));
1323 appIdList.push_back("");
1324 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::SetMDMPolicy(appIdList));
1325 appIdList.pop_back();
1326 appIdList.push_back("@ohos.test.bundleName2_QG9ob3MudGVzdC5idW5kbGVOYW1lMg==");
1327 appIdList.push_back("@ohos.test.bundleName3_QG9ob3MudGVzdC5idW5kbGVOYW1lMw==");
1328 appIdList.push_back(
1329 "@ohos.test.bundleNameWhichIsLongerThanThe200digitsLengthLimit\
1330 123456789123456789123456789_QG9ob3MudGVzdC5idW5kbGVOYW1lV2hpY2hJc0xvbmdlclRoYW5UaGUyMDBkaWdpdHNMZW5nd\
1331 GhMaW1pdDEyMzQ1Njc4OTEyMzQ1Njc4OTEyMzQ1Njc4OQ==");
1332 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::SetMDMPolicy(appIdList));
1333 appIdList.pop_back();
1334 for (int i = 0; i < 250; i++) {
1335 appIdList.push_back("@ohos.test.bundleName1_QG9ob3MudGVzdC5idW5kbGVOYW1lMQ==");
1336 }
1337 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::SetMDMPolicy(appIdList));
1338 appIdList.clear();
1339 }
1340
1341 /* *
1342 * @tc.name: GetMDMPolicy001
1343 * @tc.desc: GetMDMPolicy001S abnormal input test.
1344 * @tc.type: FUNC
1345 * @tc.require: SR000IEUHS
1346 */
1347 HWTEST_F(DlpPermissionKitTest, GetMDMPolicy001, TestSize.Level1)
1348 {
1349 seteuid(1000);
1350 std::vector<std::string> appIdList;
1351 ASSERT_EQ(DLP_SERVICE_ERROR_PERMISSION_DENY, DlpPermissionKit::GetMDMPolicy(appIdList));
1352 seteuid(3057);
1353 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetMDMPolicy(appIdList));
1354 appIdList.clear();
1355 }
1356
1357 /* *
1358 * @tc.name: RemoveMDMPolicy001
1359 * @tc.desc: RemoveMDMPolicy001 abnormal input test.
1360 * @tc.type: FUNC
1361 * @tc.require: SR000IEUHS
1362 */
1363 HWTEST_F(DlpPermissionKitTest, RemoveMDMPolicy001, TestSize.Level1)
1364 {
1365 seteuid(1000);
1366 ASSERT_EQ(DLP_SERVICE_ERROR_PERMISSION_DENY, DlpPermissionKit::RemoveMDMPolicy());
1367 seteuid(3057);
1368 ASSERT_EQ(DLP_OK, DlpPermissionKit::RemoveMDMPolicy());
1369 }
1370 } // namespace DlpPermission
1371 } // namespace Security
1372 } // namespace OHOS
1373