From bfc83d6f9c5d45384751931e60836a02d719ba5e Mon Sep 17 00:00:00 2001 From: "yang.yang" Date: Thu, 7 Aug 2025 22:24:13 +0800 Subject: [PATCH] add permission check before Signed-off-by: yang.yang Change-Id: I5969b3522d5b76e6e4ed45dcec8f7ae70b1e37a5 --- .../include/appmgr/ams_mgr_interface.h | 6 +++++ .../include/appmgr/ams_mgr_proxy.h | 2 ++ .../app_manager/include/appmgr/ams_mgr_stub.h | 1 + .../include/appmgr/app_mgr_client.h | 2 ++ .../app_manager/src/appmgr/ams_mgr_proxy.cpp | 25 ++++++++++++++++++ .../app_manager/src/appmgr/ams_mgr_stub.cpp | 19 ++++++++++++++ .../app_manager/src/appmgr/app_mgr_client.cpp | 15 +++++++++++ .../include/ability_manager_service.h | 2 ++ services/abilitymgr/include/app_scheduler.h | 1 + .../src/ability_manager_service.cpp | 26 +++++++++++++++---- services/abilitymgr/src/app_scheduler.cpp | 9 +++++++ services/appmgr/include/ams_mgr_scheduler.h | 2 ++ .../appmgr/include/app_mgr_service_inner.h | 10 +++---- services/appmgr/src/ams_mgr_scheduler.cpp | 9 +++++++ .../amsmgrscheduler_fuzzer.cpp | 1 + .../src/appmgr/mock_app_scheduler.cpp | 6 +++++ .../ability_manager_service_second_test.cpp | 14 ++++++++++ .../mock/src/mock_app_scheduler.cpp | 6 +++++ .../ams_mgr_scheduler_test.cpp | 20 ++++++++++++++ .../mock/src/mock_app_scheduler.cpp | 6 +++++ .../app_mgr_client_test.cpp | 20 ++++++++++++++ .../mock/include/mock_app_scheduler.h | 2 ++ .../app_scheduler_test/app_mgr_client_mock.h | 1 + .../app_scheduler_test/app_scheduler_test.cpp | 21 +++++++++++++++ 24 files changed, 216 insertions(+), 10 deletions(-) diff --git a/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_interface.h b/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_interface.h index f262db3cdb6..d2d3c1e1ce3 100644 --- a/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_interface.h +++ b/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_interface.h @@ -520,6 +520,11 @@ public: return ERR_OK; } + virtual int32_t VerifyKillProcessPermission(const std::string &bundleName) + { + return ERR_OK; + } + enum class Message { LOAD_ABILITY = 0, TERMINATE_ABILITY, @@ -583,6 +588,7 @@ public: PRELOAD_APPLICATION_BY_PHASE, NOTIFY_PRELOAD_ABILITY_STATE_CHANGED, CHECK_PRELOAD_APP_RECORD_EXIST, + VERIFY_KILL_PROCESS_PERMISSION, // Add enumeration values above END }; diff --git a/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_proxy.h b/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_proxy.h index 432c6fdb494..5f01a91819c 100644 --- a/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_proxy.h +++ b/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_proxy.h @@ -454,6 +454,8 @@ public: virtual int32_t CheckPreloadAppRecordExist(const std::string &bundleName, int32_t userId, int32_t appIndex, bool &isExist) override; + virtual int32_t VerifyKillProcessPermission(const std::string &bundleName) override; + private: bool WriteInterfaceToken(MessageParcel &data); int32_t SendTransactCmd(uint32_t code, MessageParcel &data, MessageParcel &reply, MessageOption &option); diff --git a/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_stub.h b/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_stub.h index 35bee584cb7..9ddbb2efcef 100644 --- a/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_stub.h +++ b/interfaces/inner_api/app_manager/include/appmgr/ams_mgr_stub.h @@ -112,6 +112,7 @@ private: int32_t HandlePreloadApplicationByPhase(MessageParcel &data, MessageParcel &reply); int32_t HandleNotifyPreloadAbilityStateChanged(MessageParcel &data, MessageParcel &reply); int32_t HandleCheckPreloadAppRecordExist(MessageParcel &data, MessageParcel &reply); + int32_t HandleVerifyKillProcessPermission(MessageParcel &data, MessageParcel &reply); DISALLOW_COPY_AND_MOVE(AmsMgrStub); }; } // namespace AppExecFwk diff --git a/interfaces/inner_api/app_manager/include/appmgr/app_mgr_client.h b/interfaces/inner_api/app_manager/include/appmgr/app_mgr_client.h index 89149bd4b8d..6f48120bd71 100644 --- a/interfaces/inner_api/app_manager/include/appmgr/app_mgr_client.h +++ b/interfaces/inner_api/app_manager/include/appmgr/app_mgr_client.h @@ -1016,6 +1016,8 @@ public: int32_t QueryRunningSharedBundles(pid_t pid, std::map &sharedBundles); + int32_t VerifyKillProcessPermission(const std::string &bundleName) const; + private: void SetServiceManager(std::unique_ptr serviceMgr); /** diff --git a/interfaces/inner_api/app_manager/src/appmgr/ams_mgr_proxy.cpp b/interfaces/inner_api/app_manager/src/appmgr/ams_mgr_proxy.cpp index efeb449774e..a0f1af9ec0a 100644 --- a/interfaces/inner_api/app_manager/src/appmgr/ams_mgr_proxy.cpp +++ b/interfaces/inner_api/app_manager/src/appmgr/ams_mgr_proxy.cpp @@ -1646,5 +1646,30 @@ int32_t AmsMgrProxy::CheckPreloadAppRecordExist(const std::string &bundleName, i isExist = reply.ReadBool(); return NO_ERROR; } + +int32_t AmsMgrProxy::VerifyKillProcessPermission(const std::string &bundleName) +{ + TAG_LOGD(AAFwkTag::APPMGR, "called"); + MessageParcel data; + if (!WriteInterfaceToken(data)) { + TAG_LOGE(AAFwkTag::APPMGR, "Write token failed"); + return ERR_INVALID_DATA; + } + + if (bundleName.empty() || !data.WriteString(bundleName)) { + TAG_LOGE(AAFwkTag::APPMGR, "Write bundleName failed"); + return ERR_INVALID_DATA; + } + + MessageParcel reply; + MessageOption option(MessageOption::TF_SYNC); + auto ret = SendTransactCmd(static_cast(IAmsMgr::Message::VERIFY_KILL_PROCESS_PERMISSION), + data, reply, option); + if (ret != NO_ERROR) { + TAG_LOGE(AAFwkTag::APPMGR, "Send request err: %{public}d", ret); + return ret; + } + return reply.ReadInt32(); +} } // namespace AppExecFwk } // namespace OHOS diff --git a/interfaces/inner_api/app_manager/src/appmgr/ams_mgr_stub.cpp b/interfaces/inner_api/app_manager/src/appmgr/ams_mgr_stub.cpp index 40aa1fc3bec..92ee7742e45 100644 --- a/interfaces/inner_api/app_manager/src/appmgr/ams_mgr_stub.cpp +++ b/interfaces/inner_api/app_manager/src/appmgr/ams_mgr_stub.cpp @@ -235,6 +235,8 @@ int32_t AmsMgrStub::OnRemoteRequestInnerFourth(uint32_t code, MessageParcel &dat return HandleNotifyPreloadAbilityStateChanged(data, reply); case static_cast(IAmsMgr::Message::CHECK_PRELOAD_APP_RECORD_EXIST): return HandleCheckPreloadAppRecordExist(data, reply); + case static_cast(IAmsMgr::Message::VERIFY_KILL_PROCESS_PERMISSION): + return HandleVerifyKillProcessPermission(data, reply); } return AAFwk::ERR_CODE_NOT_EXIST; } @@ -1032,5 +1034,22 @@ int32_t AmsMgrStub::HandleCheckPreloadAppRecordExist(MessageParcel &data, Messag } return NO_ERROR; } + +int32_t AmsMgrStub::HandleVerifyKillProcessPermission(MessageParcel &data, MessageParcel &reply) +{ + TAG_LOGD(AAFwkTag::APPMGR, "called"); + auto bundleName = data.ReadString(); + if (bundleName.empty()) { + TAG_LOGE(AAFwkTag::APPMGR, "Bundle name is empty."); + return ERR_INVALID_VALUE; + } + + auto result = VerifyKillProcessPermission(bundleName); + if (!reply.WriteInt32(result)) { + TAG_LOGE(AAFwkTag::APPMGR, "Fail to write result."); + return ERR_INVALID_VALUE; + } + return NO_ERROR; +} } // namespace AppExecFwk } // namespace OHOS diff --git a/interfaces/inner_api/app_manager/src/appmgr/app_mgr_client.cpp b/interfaces/inner_api/app_manager/src/appmgr/app_mgr_client.cpp index e27824f685c..cfdd09333a2 100644 --- a/interfaces/inner_api/app_manager/src/appmgr/app_mgr_client.cpp +++ b/interfaces/inner_api/app_manager/src/appmgr/app_mgr_client.cpp @@ -1717,5 +1717,20 @@ int32_t AppMgrClient::QueryRunningSharedBundles(pid_t pid, std::mapQueryRunningSharedBundles(pid, sharedBundles); } + +int32_t AppMgrClient::VerifyKillProcessPermission(const std::string &bundleName) const +{ + sptr service = iface_cast(mgrHolder_->GetRemoteObject()); + if (service == nullptr) { + TAG_LOGE(AAFwkTag::APPMGR, "Service is nullptr."); + return ERROR_SERVICE_NOT_CONNECTED; + } + sptr amsService = service->GetAmsMgr(); + if (amsService == nullptr) { + TAG_LOGE(AAFwkTag::APPMGR, "amsService is nullptr."); + return ERROR_SERVICE_NOT_CONNECTED; + } + return amsService->VerifyKillProcessPermission(bundleName); +} } // namespace AppExecFwk } // namespace OHOS diff --git a/services/abilitymgr/include/ability_manager_service.h b/services/abilitymgr/include/ability_manager_service.h index 01a1152b878..36bb4f620fe 100644 --- a/services/abilitymgr/include/ability_manager_service.h +++ b/services/abilitymgr/include/ability_manager_service.h @@ -2392,6 +2392,8 @@ private: int CheckPermissionForUIService(AppExecFwk::ExtensionAbilityType extensionType, const Want &want, const AbilityRequest &abilityRequest); + bool CheckPermissionForKillCollaborator(); + bool GetValidDataAbilityUri(const std::string &abilityInfoUri, std::string &adjustUri); int GenerateExtensionAbilityRequest(const Want &want, AbilityRequest &request, diff --git a/services/abilitymgr/include/app_scheduler.h b/services/abilitymgr/include/app_scheduler.h index d8722122d0b..976b318b63c 100644 --- a/services/abilitymgr/include/app_scheduler.h +++ b/services/abilitymgr/include/app_scheduler.h @@ -619,6 +619,7 @@ public: int32_t CheckPreloadAppRecordExist(const std::string &bundleName, int32_t userId, int32_t appIndex, bool &isExist); + int32_t VerifyKillProcessPermission(const std::string &bundleName) const; protected: /** * OnAbilityRequestDone, app manager service call this interface after ability request done. diff --git a/services/abilitymgr/src/ability_manager_service.cpp b/services/abilitymgr/src/ability_manager_service.cpp index dc78c99261c..b86ae483326 100644 --- a/services/abilitymgr/src/ability_manager_service.cpp +++ b/services/abilitymgr/src/ability_manager_service.cpp @@ -7609,10 +7609,30 @@ void AbilityManagerService::ReleaseAbilityTokenMap(const sptr &to } } +bool AbilityManagerService::CheckPermissionForKillCollaborator() +{ + // check permission first + auto isSaCall = PermissionVerification::GetInstance()->IsSACall(); + auto isShellCall = PermissionVerification::GetInstance()->IsShellCall(); + auto isCallingPerm = PermissionVerification::GetInstance()->VerifyCallingPermission( + PermissionConstants::PERMISSION_KILL_APP_PROCESSES); + if (!isSaCall && !isShellCall && !isCallingPerm) { + return false; + } + return true; +} + int AbilityManagerService::KillProcess(const std::string &bundleName, bool clearPageStack, int32_t appIndex) { TAG_LOGI(AAFwkTag::ABILITYMGR, "Kill process, bundleName: %{public}s, clearPageStack: %{public}d", bundleName.c_str(), clearPageStack); + // check permission first + if (DelayedSingleton::GetInstance()->VerifyKillProcessPermission(bundleName) != ERR_OK + && !CheckPermissionForKillCollaborator()) { + TAG_LOGE(AAFwkTag::ABILITYMGR, "KillProcess permission verification fail"); + return ERR_PERMISSION_DENIED; + } + auto bms = AbilityUtil::GetBundleManagerHelper(); CHECK_POINTER_AND_RETURN(bms, KILL_PROCESS_FAILED); int32_t userId = GetUserId(); @@ -7649,11 +7669,7 @@ int32_t AbilityManagerService::KillProcessForCollaborator(int32_t collaboratorTy TAG_LOGE(AAFwkTag::ABILITYMGR, "Collaborator null"); return KILL_PROCESS_FAILED; } - auto isSaCall = PermissionVerification::GetInstance()->IsSACall(); - auto isShellCall = PermissionVerification::GetInstance()->IsShellCall(); - auto isCallingPerm = PermissionVerification::GetInstance()->VerifyCallingPermission( - PermissionConstants::PERMISSION_KILL_APP_PROCESSES); - if (!isCallingPerm && !isSaCall && !isShellCall) { + if (!CheckPermissionForKillCollaborator()) { TAG_LOGE(AAFwkTag::APPMGR, "KillProcess permission verification fail"); return ERR_PERMISSION_DENIED; } diff --git a/services/abilitymgr/src/app_scheduler.cpp b/services/abilitymgr/src/app_scheduler.cpp index 201fbe30f21..ac38cf0ac84 100644 --- a/services/abilitymgr/src/app_scheduler.cpp +++ b/services/abilitymgr/src/app_scheduler.cpp @@ -779,5 +779,14 @@ int32_t AppScheduler::CheckPreloadAppRecordExist(const std::string &bundleName, } return IN_PROCESS_CALL(appMgrClient_->CheckPreloadAppRecordExist(bundleName, userId, appIndex, isExist)); } + +int32_t AppScheduler::VerifyKillProcessPermission(const std::string &bundleName) const +{ + if (!appMgrClient_) { + TAG_LOGE(AAFwkTag::ABILITYMGR, "null appMgrClient"); + return INNER_ERR; + } + return appMgrClient_->VerifyKillProcessPermission(bundleName); +} } // namespace AAFwk } // namespace OHOS diff --git a/services/appmgr/include/ams_mgr_scheduler.h b/services/appmgr/include/ams_mgr_scheduler.h index c25df4d8e00..5daa110dacf 100644 --- a/services/appmgr/include/ams_mgr_scheduler.h +++ b/services/appmgr/include/ams_mgr_scheduler.h @@ -469,6 +469,8 @@ public: virtual int32_t CheckPreloadAppRecordExist(const std::string &bundleName, int32_t userId, int32_t appIndex, bool &isExist) override; + virtual int32_t VerifyKillProcessPermission(const std::string &bundleName) override; + private: /** * @brief Judge whether the application service is ready. diff --git a/services/appmgr/include/app_mgr_service_inner.h b/services/appmgr/include/app_mgr_service_inner.h index 3aa160cf0ff..bea53b23e72 100644 --- a/services/appmgr/include/app_mgr_service_inner.h +++ b/services/appmgr/include/app_mgr_service_inner.h @@ -1574,6 +1574,11 @@ public: virtual int32_t QueryRunningSharedBundles(pid_t pid, std::map &sharedBundles); + /** + * Verify whether the caller has the permission to kill processes of a bundleName. + */ + int VerifyKillProcessPermission(const std::string &bundleName) const; + private: int32_t ForceKillApplicationInner(const std::string &bundleName, const int userId = -1, const int appIndex = 0); @@ -1792,11 +1797,6 @@ private: static void PointerDeviceEventCallback(const char *key, const char *value, void *context); - /** - * Verify whether the caller has the permission to kill processes of a bundleName. - */ - int VerifyKillProcessPermission(const std::string &bundleName) const; - int32_t VerifyKillProcessPermissionCommon() const; void ApplicationTerminatedSendProcessEvent(const std::shared_ptr &appRecord); diff --git a/services/appmgr/src/ams_mgr_scheduler.cpp b/services/appmgr/src/ams_mgr_scheduler.cpp index c2c35f0cc44..92cc246bf79 100644 --- a/services/appmgr/src/ams_mgr_scheduler.cpp +++ b/services/appmgr/src/ams_mgr_scheduler.cpp @@ -877,5 +877,14 @@ int32_t AmsMgrScheduler::CheckPreloadAppRecordExist(const std::string &bundleNam isExist = amsMgrServiceInner_->CheckPreloadAppRecordExist(bundleName, userId, appIndex); return ERR_OK; } + +int32_t AmsMgrScheduler::VerifyKillProcessPermission(const std::string &bundleName) +{ + if (!IsReady()) { + TAG_LOGE(AAFwkTag::APPMGR, "not ready"); + return AAFwk::ERR_APP_MGR_SERVICE_NOT_READY; + } + return static_cast(amsMgrServiceInner_->VerifyKillProcessPermission(bundleName)); +} } // namespace AppExecFwk } // namespace OHOS diff --git a/test/fuzztest/amsmgrscheduler_fuzzer/amsmgrscheduler_fuzzer.cpp b/test/fuzztest/amsmgrscheduler_fuzzer/amsmgrscheduler_fuzzer.cpp index ed18c7d9e7a..f3f7fe30040 100755 --- a/test/fuzztest/amsmgrscheduler_fuzzer/amsmgrscheduler_fuzzer.cpp +++ b/test/fuzztest/amsmgrscheduler_fuzzer/amsmgrscheduler_fuzzer.cpp @@ -105,6 +105,7 @@ bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) amsMgrScheduler->AbilityAttachTimeOut(token); amsMgrScheduler->PrepareTerminate(token); amsMgrScheduler->KillApplication(bundleName); + amsMgrScheduler->VerifyKillProcessPermission(bundleName); int uid = static_cast(GetU32Data(data)); amsMgrScheduler->KillApplicationByUid(bundleName, uid); amsMgrScheduler->KillApplicationSelf(); diff --git a/test/mock/services_abilitymgr_test/libs/appexecfwk_core/src/appmgr/mock_app_scheduler.cpp b/test/mock/services_abilitymgr_test/libs/appexecfwk_core/src/appmgr/mock_app_scheduler.cpp index 22b55ad7549..25e8f2e6f96 100644 --- a/test/mock/services_abilitymgr_test/libs/appexecfwk_core/src/appmgr/mock_app_scheduler.cpp +++ b/test/mock/services_abilitymgr_test/libs/appexecfwk_core/src/appmgr/mock_app_scheduler.cpp @@ -190,6 +190,12 @@ bool AppScheduler::IsMemorySizeSufficent() const return true; } +int32_t AppScheduler::VerifyKillProcessPermission(const std::string &bundleName) const +{ + TAG_LOGI(AAFwkTag::TEST, "Test AppScheduler::VerifyKillProcessPermission()"); + return ERR_OK; +} + void AppScheduler::StartSpecifiedAbility(const AAFwk::Want&, const AppExecFwk::AbilityInfo&, int32_t) {} diff --git a/test/unittest/ability_manager_service_second_test/ability_manager_service_second_test.cpp b/test/unittest/ability_manager_service_second_test/ability_manager_service_second_test.cpp index 4cd845f1704..b9e3189e3ed 100644 --- a/test/unittest/ability_manager_service_second_test/ability_manager_service_second_test.cpp +++ b/test/unittest/ability_manager_service_second_test/ability_manager_service_second_test.cpp @@ -1732,6 +1732,20 @@ HWTEST_F(AbilityManagerServiceSecondTest, KillProcess_001, TestSize.Level1) TAG_LOGI(AAFwkTag::TEST, "AbilityManagerServiceSecondTest KillProcess_001 end"); } +/* + * Feature: AbilityManagerService + * Function: CheckPermissionForKillCollaborator + * SubFunction: NA + * FunctionPoints: AbilityManagerService CheckPermissionForKillCollaborator + */ +HWTEST_F(AbilityManagerServiceSecondTest, CheckPermissionForKillCollaborator_001, TestSize.Level1) +{ + TAG_LOGI(AAFwkTag::TEST, "AbilityManagerServiceSecondTest CheckPermissionForKillCollaborator_001 start"); + auto abilityMs_ = std::make_shared(); + EXPECT_EQ(abilityMs_->CheckPermissionForKillCollaborator(), true); + TAG_LOGI(AAFwkTag::TEST, "AbilityManagerServiceSecondTest CheckPermissionForKillCollaborator_001 end"); +} + /* * Feature: AbilityManagerService * Function: PreLoadAppDataAbilities diff --git a/test/unittest/ability_permission_util_second_test/mock/src/mock_app_scheduler.cpp b/test/unittest/ability_permission_util_second_test/mock/src/mock_app_scheduler.cpp index 2357e05e606..2c355870074 100644 --- a/test/unittest/ability_permission_util_second_test/mock/src/mock_app_scheduler.cpp +++ b/test/unittest/ability_permission_util_second_test/mock/src/mock_app_scheduler.cpp @@ -195,6 +195,12 @@ bool AppScheduler::IsMemorySizeSufficent() const return true; } +int32_t AppScheduler::VerifyKillProcessPermission(const std::string &bundleName) const +{ + TAG_LOGI(AAFwkTag::TEST, "Test AppScheduler::VerifyKillProcessPermission()"); + return ERR_OK; +} + void AppScheduler::StartSpecifiedAbility(const AAFwk::Want&, const AppExecFwk::AbilityInfo&, int32_t) {} int AppScheduler::StartUserTest( diff --git a/test/unittest/ams_mgr_scheduler_test/ams_mgr_scheduler_test.cpp b/test/unittest/ams_mgr_scheduler_test/ams_mgr_scheduler_test.cpp index 7878a257134..8f00cbbf4d0 100644 --- a/test/unittest/ams_mgr_scheduler_test/ams_mgr_scheduler_test.cpp +++ b/test/unittest/ams_mgr_scheduler_test/ams_mgr_scheduler_test.cpp @@ -746,6 +746,26 @@ HWTEST_F(AmsMgrSchedulerTest, IsMemorySizeSufficent_001, TestSize.Level2) EXPECT_EQ(res, true); } +/* + * Feature: AmsMgrScheduler + * Function: VerifyKillProcessPermission + * SubFunction: NA + * FunctionPoints: AmsMgrScheduler VerifyKillProcessPermission + * EnvConditions: NA + * CaseDescription: Verify VerifyKillProcessPermission + */ +HWTEST_F(AmsMgrSchedulerTest, VerifyKillProcessPermission_001, TestSize.Level2) +{ + auto amsMgrScheduler = std::make_unique(nullptr, nullptr); + ASSERT_NE(amsMgrScheduler, nullptr); + bool res = amsMgrScheduler->VerifyKillProcessPermission("test"); + EXPECT_EQ(res, true); + amsMgrScheduler->amsMgrServiceInner_ = GetMockAppMgrServiceInner(); + amsMgrScheduler->amsHandler_ = GetAmsTaskHandler(); + res = amsMgrScheduler->VerifyKillProcessPermission("test"); + EXPECT_EQ(res, true); +} + /* * Feature: AmsMgrScheduler * Function: StartSpecifiedAbility diff --git a/test/unittest/app_exit_reason_helper_fourth_test/mock/src/mock_app_scheduler.cpp b/test/unittest/app_exit_reason_helper_fourth_test/mock/src/mock_app_scheduler.cpp index ca9010b5e24..4a27fcc3775 100644 --- a/test/unittest/app_exit_reason_helper_fourth_test/mock/src/mock_app_scheduler.cpp +++ b/test/unittest/app_exit_reason_helper_fourth_test/mock/src/mock_app_scheduler.cpp @@ -189,6 +189,12 @@ bool AppScheduler::IsMemorySizeSufficent() const return true; } +int32_t AppScheduler::VerifyKillProcessPermission(const std::string &bundleName) const +{ + TAG_LOGI(AAFwkTag::TEST, "Test AppScheduler::VerifyKillProcessPermission()"); + return ERR_OK; +} + void AppScheduler::StartSpecifiedAbility(const AAFwk::Want&, const AppExecFwk::AbilityInfo&, int32_t) {} int AppScheduler::StartUserTest( diff --git a/test/unittest/app_mgr_client_test/app_mgr_client_test.cpp b/test/unittest/app_mgr_client_test/app_mgr_client_test.cpp index 9d683362d20..ebb83ac7457 100644 --- a/test/unittest/app_mgr_client_test/app_mgr_client_test.cpp +++ b/test/unittest/app_mgr_client_test/app_mgr_client_test.cpp @@ -201,6 +201,26 @@ HWTEST_F(AppMgrClientTest, AppMgrClient_IsMemorySizeSufficent_001, TestSize.Leve EXPECT_EQ(res, true); } +/** + * @tc.name: AppMgrClient_VerifyKillProcessPermission_001 + * @tc.desc: verify kill process permission + * @tc.type: FUNC + */ +HWTEST_F(AppMgrClientTest, AppMgrClient_VerifyKillProcessPermission_001, TestSize.Level2) +{ + auto appMgrClient = std::make_unique(); + EXPECT_NE(appMgrClient, nullptr); + + auto result = appMgrClient->ConnectAppMgrService(); + EXPECT_EQ(result, AppMgrResultCode::RESULT_OK); + + int32_t ret = appMgrClient->VerifyKillProcessPermission("test"); + EXPECT_EQ(ret, ERR_OK); + + ret = appMgrClient->VerifyKillProcessPermission(""); + EXPECT_EQ(ret, ERR_INVALID_DATA); +} + /** * @tc.name: AppMgrClient_GetRunningProcessInfoByPid_001 * @tc.desc: can not get the not running process info by AccessTokenID. diff --git a/test/unittest/app_mgr_service_inner_ninth_test/mock/include/mock_app_scheduler.h b/test/unittest/app_mgr_service_inner_ninth_test/mock/include/mock_app_scheduler.h index 70c93a2e7aa..d801ce60209 100644 --- a/test/unittest/app_mgr_service_inner_ninth_test/mock/include/mock_app_scheduler.h +++ b/test/unittest/app_mgr_service_inner_ninth_test/mock/include/mock_app_scheduler.h @@ -70,8 +70,10 @@ public: MOCK_METHOD1(SetWatchdogBackgroundStatus, void(bool status)); MOCK_METHOD0(ScheduleClearPageStack, void()); MOCK_METHOD0(IsMemorySizeSufficent, bool()); + MOCK_METHOD1(VerifyKillProcessPermission, int32_t(const std::string &bundleName)); MOCK_METHOD0(ScheduleCacheProcess, void()); MOCK_METHOD1(ScheduleCjHeapMemory, void(OHOS::AppExecFwk::CjHeapDumpInfo &info)); + bool AddDeathRecipient(const sptr &recipient) override { return AAFwk::MyStatus::GetInstance().addDeathRecipientReturn_; diff --git a/test/unittest/app_scheduler_test/app_mgr_client_mock.h b/test/unittest/app_scheduler_test/app_mgr_client_mock.h index 62a16fc9fce..dbf55fc4cb4 100755 --- a/test/unittest/app_scheduler_test/app_mgr_client_mock.h +++ b/test/unittest/app_scheduler_test/app_mgr_client_mock.h @@ -38,6 +38,7 @@ public: MOCK_METHOD4(UpdateApplicationInfoInstalled, AppMgrResultCode(const std::string &bundleName, const int uid, const std::string&, bool)); MOCK_METHOD0(UpdateApplicationInfoInstalledDone, AppMgrResultCode()); + MOCK_METHOD1(VerifyKillProcessPermission, int32_t(const std::string &bundleName)); MOCK_METHOD3(KillApplication, AppMgrResultCode(const std::string&, const bool clearPageStack, int32_t appIndex)); MOCK_METHOD3(KillApplicationByUid, AppMgrResultCode(const std::string &bundleName, const int uid, const std::string&)); diff --git a/test/unittest/app_scheduler_test/app_scheduler_test.cpp b/test/unittest/app_scheduler_test/app_scheduler_test.cpp index 2fcde2b8d16..b99d4471b75 100644 --- a/test/unittest/app_scheduler_test/app_scheduler_test.cpp +++ b/test/unittest/app_scheduler_test/app_scheduler_test.cpp @@ -647,6 +647,27 @@ HWTEST_F(AppSchedulerTest, AppScheduler_KillApplication_002, TestSize.Level1) EXPECT_EQ(res, ERR_OK); } +/* + * Feature: AppScheduler + * Function: VerifyKillProcessPermission + * SubFunction: NA + * FunctionPoints: AppScheduler VerifyKillProcessPermission + * EnvConditions: NA + * CaseDescription: Verify VerifyKillProcessPermission + */ +HWTEST_F(AppSchedulerTest, AppScheduler_VerifyKillProcessPermission_001, TestSize.Level1) +{ + EXPECT_CALL(*clientMock_, VerifyKillProcessPermission(_)).Times(1) + .WillOnce(Return(ERR_OK)); + DelayedSingleton::GetInstance()->appMgrClient_ = std::move(clientMock_); + std::string bundleName = "test"; + auto res = DelayedSingleton::GetInstance()->VerifyKillProcessPermission(bundleName); + EXPECT_EQ(res, ERR_OK); + DelayedSingleton::GetInstance()->appMgrClient_ = nullptr; + res = DelayedSingleton::GetInstance()->VerifyKillProcessPermission(bundleName); + EXPECT_EQ(res, INNER_ERR); +} + /* * Feature: AppScheduler * Function: KillApplicationByUid -- Gitee