diff --git a/bundle.json b/bundle.json index d9febbff013ed026fb763db169e28e511e51c05a..d63cbda8b8d55b5ac9a9e9ea4f4430c7d23a07d3 100755 --- a/bundle.json +++ b/bundle.json @@ -28,6 +28,7 @@ "components": [ "access_token", "accessibility", + "device_manager", "eventhandler", "hilog", "ipc", @@ -45,6 +46,7 @@ "graphic_surface", "window_manager", "openssl", + "os_account", "graphic_2d", "cJSON", "selinux_adapter" diff --git a/common/include/dinput_errcode.h b/common/include/dinput_errcode.h index 61b50448b29213b2913e866c8cafb492c5edae4f..4e92c2d97b715f4cdd5e84499122b30cf7f992ce 100644 --- a/common/include/dinput_errcode.h +++ b/common/include/dinput_errcode.h @@ -111,6 +111,8 @@ namespace DistributedInput { constexpr int32_t ERR_DH_INPUT_SERVER_SOURCE_MANAGER_NODE_LISTENER_CALLBACK_ERR = -65039; constexpr int32_t ERR_DH_INPUT_SERVER_SOURCE_MANAGER_SESSION_STATE_CB_IS_NULL = -65040; constexpr int32_t ERR_DH_INPUT_SERVER_SOURCE_MANAGER_INJECT_EVENT_CB_IS_NULL = -65041; + constexpr int32_t ERR_DH_INPUT_SERVER_SOURCE_TRANSPORT_PERMISSION_DENIED = -65042; + constexpr int32_t ERR_DH_INPUT_SERVER_SOURCE_TRANSPORT_CONTEXT = -65043; // handler error code constexpr int32_t ERR_DH_INPUT_SINK_HANDLER_INIT_SINK_SA_FAIL = -66000; diff --git a/distributedinput.gni b/distributedinput.gni index d8ed859665c22eb02fbfd53a1a0c0ca00475fdef..fa07b6016eb2b2b136b7c8ceb4465dd92af69845 100644 --- a/distributedinput.gni +++ b/distributedinput.gni @@ -47,3 +47,11 @@ av_transport_path = "${distributedhardwarefwk_path}/av_transport" unittest_output_path = "distributed_input/distributed_input" distributedinput_ldflags = [ "-lpthread" ] + +declare_args() { + check_same_account = true + if (!defined(global_parts_info) || !defined( + global_parts_info.distributedhardware_distributed_hardware_adapter)) { + check_same_account = false + } +} \ No newline at end of file diff --git a/interfaces/ipc/test/fuzztest/distributedinputstub_fuzzer/BUILD.gn b/interfaces/ipc/test/fuzztest/distributedinputstub_fuzzer/BUILD.gn index 3490245affc915e1add095a2b16fa30521e7354d..20a2b0f9092989f3bed90a9cbd616d3a3f5d84d9 100644 --- a/interfaces/ipc/test/fuzztest/distributedinputstub_fuzzer/BUILD.gn +++ b/interfaces/ipc/test/fuzztest/distributedinputstub_fuzzer/BUILD.gn @@ -55,6 +55,7 @@ ohos_fuzztest("DistributedInputStubFuzzTest") { "${common_path}/test/mock/socket_mock.cpp", "${common_path}/test/mock/softbus_bus_center_mock.cpp", "${distributedinput_path}/services/transportbase/src/distributed_input_transport_base.cpp", + "${distributedinput_path}/services/transportbase/src/softbus_permission_check.cpp", "${distributedinput_path}/utils/src/dinput_context.cpp", "${distributedinput_path}/utils/src/dinput_utils_tool.cpp", "${ipc_path}/src/add_white_list_infos_call_back_proxy.cpp", @@ -105,6 +106,7 @@ ohos_fuzztest("DistributedInputStubFuzzTest") { "access_token:libtoken_setproc", "access_token:libtokenid_sdk", "c_utils:utils", + "device_manager:devicemanagersdk", "distributed_hardware_fwk:distributed_av_sender", "distributed_hardware_fwk:distributedhardwareutils", "distributed_hardware_fwk:libdhfwk_sdk", @@ -118,6 +120,8 @@ ohos_fuzztest("DistributedInputStubFuzzTest") { "json:nlohmann_json_static", "libevdev:libevdev", "openssl:libcrypto_shared", + "os_account:libaccountkits", + "os_account:os_account_innerkits", "safwk:system_ability_fwk", "samgr:samgr_proxy", ] diff --git a/services/sink/transport/test/sinktransunittest/distributed_input_sinktrans_test.cpp b/services/sink/transport/test/sinktransunittest/distributed_input_sinktrans_test.cpp index 4530322c4e43d8e69b46d7792efd423d272080ed..c4f56fef7da5a2cd332394c4f61c1d8f130566eb 100644 --- a/services/sink/transport/test/sinktransunittest/distributed_input_sinktrans_test.cpp +++ b/services/sink/transport/test/sinktransunittest/distributed_input_sinktrans_test.cpp @@ -18,6 +18,7 @@ #include "nlohmann/json.hpp" #include "dinput_errcode.h" #include "distributed_input_sink_manager.h" +#include "softbus_permission_check.h" using namespace testing::ext; using namespace OHOS::DistributedHardware::DistributedInput; @@ -40,6 +41,31 @@ namespace { const std::string SOFTBUSCMDTYPE = "softbus_cmd_type"; } +bool SoftBusPermissionCheck::CheckSrcPermission(const std::string &sinkNetworkId) +{ + return true; +} + +bool SoftBusPermissionCheck::CheckSinkPermission(const AccountInfo &callerAccountInfo) +{ + return true; +} + +bool SoftBusPermissionCheck::SetAccessInfoToSocket(const int32_t sessionId) +{ + return true; +} +bool SoftBusPermissionCheck::TransCallerInfo(SocketAccessInfo *callerInfo, + AccountInfo &callerAccountInfo, const std::string &networkId) +{ + return true; +} + +bool SoftBusPermissionCheck::FillLocalInfo(SocketAccessInfo *localInfo) +{ + return true; +} + void DistributedInputSinkTransTest::SetUp() { } diff --git a/services/source/sourcemanager/test/sourcemanagerunittest/distributed_input_sourcemanager_test.cpp b/services/source/sourcemanager/test/sourcemanagerunittest/distributed_input_sourcemanager_test.cpp index 1ad8b2acd0526dbf46c5324102decae740a57496..dc62e13aceb86f6f261aaf9a888051ad94892ac5 100644 --- a/services/source/sourcemanager/test/sourcemanagerunittest/distributed_input_sourcemanager_test.cpp +++ b/services/source/sourcemanager/test/sourcemanagerunittest/distributed_input_sourcemanager_test.cpp @@ -34,6 +34,7 @@ #include "distributed_input_source_transport.h" #include "distributed_input_transport_base.h" #include "dinput_utils_tool.h" +#include "softbus_permission_check.h" using namespace testing::ext; using namespace OHOS::DistributedHardware::DistributedInput; @@ -46,6 +47,31 @@ namespace { const uint32_t INPUTTYPE_MOUSE = static_cast(DInputDeviceType::MOUSE); } +bool SoftBusPermissionCheck::CheckSrcPermission(const std::string &sinkNetworkId) +{ + return true; +} + +bool SoftBusPermissionCheck::CheckSinkPermission(const AccountInfo &callerAccountInfo) +{ + return true; +} + +bool SoftBusPermissionCheck::SetAccessInfoToSocket(const int32_t sessionId) +{ + return true; +} +bool SoftBusPermissionCheck::TransCallerInfo(SocketAccessInfo *callerInfo, + AccountInfo &callerAccountInfo, const std::string &networkId) +{ + return true; +} + +bool SoftBusPermissionCheck::FillLocalInfo(SocketAccessInfo *localInfo) +{ + return true; +} + void DistributedInputSourceManagerTest::SetUp() { sourceManager_ = new DistributedInputSourceManager(DISTRIBUTED_HARDWARE_INPUT_SOURCE_SA_ID, true); diff --git a/services/source/transport/test/sourcetransunittest/distributed_input_sourcetrans_test.cpp b/services/source/transport/test/sourcetransunittest/distributed_input_sourcetrans_test.cpp index a1eed377e96d2dcb2e805ed5f1749a03224f21c1..3c078ad1930d3b15702bd372446824a0c74248a8 100644 --- a/services/source/transport/test/sourcetransunittest/distributed_input_sourcetrans_test.cpp +++ b/services/source/transport/test/sourcetransunittest/distributed_input_sourcetrans_test.cpp @@ -21,6 +21,7 @@ #include "dinput_softbus_define.h" #include "distributed_input_source_manager.h" #include "distributed_input_transport_base.h" +#include "softbus_permission_check.h" using namespace testing::ext; using namespace OHOS::DistributedHardware::DistributedInput; @@ -28,6 +29,31 @@ using namespace std; namespace OHOS { namespace DistributedHardware { namespace DistributedInput { +bool SoftBusPermissionCheck::CheckSrcPermission(const std::string &sinkNetworkId) +{ + return true; +} + +bool SoftBusPermissionCheck::CheckSinkPermission(const AccountInfo &callerAccountInfo) +{ + return true; +} + +bool SoftBusPermissionCheck::SetAccessInfoToSocket(const int32_t sessionId) +{ + return true; +} +bool SoftBusPermissionCheck::TransCallerInfo(SocketAccessInfo *callerInfo, + AccountInfo &callerAccountInfo, const std::string &networkId) +{ + return true; +} + +bool SoftBusPermissionCheck::FillLocalInfo(SocketAccessInfo *localInfo) +{ + return true; +} + void DistributedInputSourceTransTest::SetUp() { } diff --git a/services/transportbase/BUILD.gn b/services/transportbase/BUILD.gn index e41d5ccd69e8262c7b3e30f223b30419937839af..d0ac1c18b5d6eaf69cc7fceb21a655e6d7c8bdfb 100644 --- a/services/transportbase/BUILD.gn +++ b/services/transportbase/BUILD.gn @@ -36,7 +36,10 @@ ohos_shared_library("libdinput_trans_base") { "${distributedinput_path}/inputdevicehandler/include", ] - sources = [ "src/distributed_input_transport_base.cpp" ] + sources = [ + "src/distributed_input_transport_base.cpp", + "src/softbus_permission_check.cpp", + ] defines = [ "HI_LOG_ENABLE", @@ -57,6 +60,7 @@ ohos_shared_library("libdinput_trans_base") { external_deps = [ "c_utils:utils", + "device_manager:devicemanagersdk", "distributed_hardware_fwk:distributed_av_receiver", "distributed_hardware_fwk:distributed_av_sender", "distributed_hardware_fwk:distributedhardwareutils", @@ -68,6 +72,8 @@ ohos_shared_library("libdinput_trans_base") { "ipc:ipc_core", "json:nlohmann_json_static", "libevdev:libevdev", + "os_account:libaccountkits", + "os_account:os_account_innerkits", "safwk:system_ability_fwk", "samgr:samgr_proxy", ] diff --git a/services/transportbase/include/distributed_input_transport_base.h b/services/transportbase/include/distributed_input_transport_base.h index 7fc0463e35bd75037886af7634a723fcae157718..f738515211bf15570a7aca06de73c0525b0a7f60 100644 --- a/services/transportbase/include/distributed_input_transport_base.h +++ b/services/transportbase/include/distributed_input_transport_base.h @@ -67,7 +67,7 @@ public: int32_t GetSessionIdByDevId(const std::string &srcId); std::string GetDevIdBySessionId(int32_t sessionId); int32_t SendMsg(int32_t sessionId, std::string &message); - + bool OnNegotiate2(int32_t socket, PeerSocketInfo info, SocketAccessInfo *peerInfo, SocketAccessInfo *localInfo); private: DistributedInputTransportBase() = default; ~DistributedInputTransportBase(); diff --git a/services/transportbase/include/softbus_permission_check.h b/services/transportbase/include/softbus_permission_check.h new file mode 100644 index 0000000000000000000000000000000000000000..77d132f856d3140c6eff78053c4459afdd2bd94a --- /dev/null +++ b/services/transportbase/include/softbus_permission_check.h @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DISTRIBUTED_INPUT_TRANSPORT_BASE_SOFTBUS_PERMISSION_CHECK_H +#define DISTRIBUTED_INPUT_TRANSPORT_BASE_SOFTBUS_PERMISSION_CHECK_H + +#include + +#include "transport/trans_type.h" + +namespace OHOS { +namespace DistributedHardware { +namespace DistributedInput { +const int32_t INVALID_USER_ID = -1; +struct AccountInfo { + int32_t userId_ = INVALID_USER_ID; + uint64_t tokenId_ = 0; + std::string accountId_; + std::string networkId_; +}; + +class SoftBusPermissionCheck { +public: + static bool CheckSrcPermission(const std::string &sinkNetworkId); + static bool CheckSinkPermission(const AccountInfo &callerAccountInfo); + static bool GetLocalAccountInfo(AccountInfo &localAccountInfo); + static int32_t GetCurrentUserId(); + static bool TransCallerInfo(SocketAccessInfo *callerInfo, + AccountInfo &callerAccountInfo, const std::string &networkId); + static bool FillLocalInfo(SocketAccessInfo *localInfo); + static bool SetAccessInfoToSocket(const int32_t sessionId); +private: + static bool CheckSrcIsSameAccount(const std::string &sinkNetworkId, const AccountInfo &localAccountInfo); + static bool CheckSinkIsSameAccount(const AccountInfo &callerAccountInfo, const AccountInfo &calleeAccountInfo); + static bool CheckSrcAccessControl(const std::string &sinkNetworkId, const AccountInfo &localAccountInfo); + static bool CheckSinkAccessControl(const AccountInfo &callerAccountInfo, const AccountInfo &calleeAccountInfo); + static bool GetLocalNetworkId(std::string &networkId); +}; +} // namespace DistributedInput +} // namespace DistributedHardware +} // namespace OHOS + +#endif // FILEMANAGEMENT_DFS_SERVICE_SOFTBUS_PERMISSION_CHECK_H \ No newline at end of file diff --git a/services/transportbase/src/distributed_input_transport_base.cpp b/services/transportbase/src/distributed_input_transport_base.cpp index 278ea32845f75eaff45f1230da86a37218ac50db..c5c3c9926ed41e255247599bd3bd1a6c6b23aeac 100644 --- a/services/transportbase/src/distributed_input_transport_base.cpp +++ b/services/transportbase/src/distributed_input_transport_base.cpp @@ -33,6 +33,7 @@ #include "hidumper.h" #include "softbus_common.h" +#include "softbus_permission_check.h" namespace OHOS { namespace DistributedHardware { @@ -101,6 +102,11 @@ void OnQos(int32_t socket, QoSEvent eventId, const QosTV *qos, uint32_t qosCount } } +static bool OnNegotiate2(int32_t socket, PeerSocketInfo info, SocketAccessInfo *peerInfo, SocketAccessInfo *localInfo) +{ + return DistributedInputTransportBase::GetInstance().OnNegotiate2(socket, info, peerInfo, localInfo); +} + ISocketListener iSocketListener = { .OnBind = OnBind, .OnShutdown = OnShutdown, @@ -108,7 +114,8 @@ ISocketListener iSocketListener = { .OnMessage = OnMessage, .OnStream = OnStream, .OnFile = OnFile, - .OnQos = OnQos + .OnQos = OnQos, + .OnNegotiate2 = OnNegotiate2 }; int32_t DistributedInputTransportBase::Init() @@ -230,12 +237,21 @@ int32_t DistributedInputTransportBase::StartSession(const std::string &remoteDev DHLOGE("Softbus session has already opened, deviceId: %{public}s", GetAnonyString(remoteDevId).c_str()); return DH_SUCCESS; } + if (!SoftBusPermissionCheck::CheckSrcPermission(remoteDevId)) { + DHLOGE("Permission denied"); + return ERR_DH_INPUT_SERVER_SOURCE_TRANSPORT_PERMISSION_DENIED; + } int socket = CreateClientSocket(remoteDevId); if (socket < DH_SUCCESS) { DHLOGE("StartSession failed, ret: %{public}d", socket); return ERR_DH_INPUT_SERVER_SOURCE_TRANSPORT_OPEN_SESSION_FAIL; } + if (!SoftBusPermissionCheck::SetAccessInfoToSocket(socket)) { + DHLOGW("Fill and set accessInfo failed"); + Shutdown(socket); + return ERR_DH_INPUT_SERVER_SOURCE_TRANSPORT_CONTEXT; + } StartAsyncTrace(DINPUT_HITRACE_LABEL, DINPUT_OPEN_SESSION_START, DINPUT_OPEN_SESSION_TASK); ret = Bind(socket, g_qosInfo, g_QosTV_Param_Index, &iSocketListener); if (ret < DH_SUCCESS) { @@ -555,6 +571,27 @@ int32_t DistributedInputTransportBase::GetSessionIdByDevId(const std::string &sr DHLOGE("get session id failed, srcId = %{public}s", GetAnonyString(srcId).c_str()); return ERR_DH_INPUT_SERVER_SINK_TRANSPORT_GET_SESSIONID_FAIL; } + +bool DistributedInputTransportBase::OnNegotiate2(int32_t socket, PeerSocketInfo info, SocketAccessInfo *peerInfo, + SocketAccessInfo *localInfo) +{ + if (peerInfo == nullptr) { + DHLOGE("peerInfo is nullptr. sink must be old version"); + return true; + } + + AccountInfo callerAccountInfo; + std::string networkId = info.networkId; + if (!SoftBusPermissionCheck::TransCallerInfo(peerInfo, callerAccountInfo, networkId)) { + DHLOGE("extraAccessInfo is nullptr."); + return false; + } + if (!SoftBusPermissionCheck::FillLocalInfo(localInfo)) { + DHLOGE("FillLocalInfo failed."); + return false; + } + return SoftBusPermissionCheck::CheckSinkPermission(callerAccountInfo); +} } // namespace DistributedInput } // namespace DistributedHardware } // namespace OHOS \ No newline at end of file diff --git a/services/transportbase/src/softbus_permission_check.cpp b/services/transportbase/src/softbus_permission_check.cpp new file mode 100644 index 0000000000000000000000000000000000000000..74290332320347de2a96137cf110eb5304c5677d --- /dev/null +++ b/services/transportbase/src/softbus_permission_check.cpp @@ -0,0 +1,276 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "softbus_permission_check.h" + +#include "device_manager.h" +#include "dm_device_info.h" +#include "dinput_errcode.h" +#include "dinput_log.h" +#include "dinput_utils_tool.h" +#include "ipc_skeleton.h" +#include "ohos_account_kits.h" +#include "os_account_manager.h" +#include "transport/socket.h" + +namespace OHOS { +namespace DistributedHardware { +namespace DistributedInput { +constexpr const char *ACCOUNT_ID = "accountId"; +static inline const std::string SERVICE_NAME { "ohos.dhardware.dinput" }; +using namespace DistributedHardware; +bool SoftBusPermissionCheck::CheckSrcPermission(const std::string &sinkNetworkId) +{ + DHLOGI("Begin"); + AccountInfo localAccountInfo; + if (!GetLocalAccountInfo(localAccountInfo)) { + DHLOGE("Get os account data failed"); + return false; + } +#ifdef SUPPORT_SAME_ACCOUNT + if (!CheckSrcIsSameAccount(sinkNetworkId, localAccountInfo)) { + DHLOGE("Check src same account failed"); + return false; + } +#endif + return true; +} + +bool SoftBusPermissionCheck::CheckSinkPermission(const AccountInfo &callerAccountInfo) +{ + DHLOGI("Begin"); + AccountInfo localAccountInfo; + if (!GetLocalAccountInfo(localAccountInfo)) { + DHLOGE("Get local account info failed"); + return false; + } +#ifdef SUPPORT_SAME_ACCOUNT + if (!CheckSinkIsSameAccount(callerAccountInfo, localAccountInfo)) { + DHLOGE("Check sink same account failed"); + return false; + } +#endif + return true; +} + +bool SoftBusPermissionCheck::GetLocalAccountInfo(AccountInfo &localAccountInfo) +{ + int32_t userId = GetCurrentUserId(); + if (userId == INVALID_USER_ID) { + DHLOGE("Get current userid failed"); + return false; + } + localAccountInfo.userId_ = userId; +#ifdef SUPPORT_SAME_ACCOUNT + AccountSA::OhosAccountInfo osAccountInfo; + int ret = AccountSA::OhosAccountKits::GetInstance().GetOhosAccountInfo(osAccountInfo); + if (ret != 0 || osAccountInfo.uid_ == "") { + DHLOGE("Get accountId from Ohos account info failed, ret: %{public}d.", ret); + return false; + } + localAccountInfo.accountId_ = osAccountInfo.uid_; +#endif + localAccountInfo.tokenId_ = IPCSkeleton::GetSelfTokenID(); + + if (!GetLocalNetworkId(localAccountInfo.networkId_)) { + DHLOGE("Get local networkid failed"); + return false; + } + DHLOGI("Get local accountinfo success, accountId %{public}s, userId %{public}s, networkId %{public}s.", + GetAnonyString(localAccountInfo.accountId_).c_str(), std::to_string(localAccountInfo.userId_).c_str(), + GetAnonyString(localAccountInfo.networkId_).c_str()); + return true; +} + +bool SoftBusPermissionCheck::CheckSrcIsSameAccount(const std::string &sinkNetworkId, + const AccountInfo &localAccountInfo) +{ +#ifdef SUPPORT_SAME_ACCOUNT + DmAccessCaller caller = { + .accountId = localAccountInfo.accountId_, + .networkId = localAccountInfo.networkId_, + .userId = localAccountInfo.userId_, + }; + DmAccessCallee callee = { + .networkId = sinkNetworkId + }; + if (!DeviceManager::GetInstance().CheckSrcIsSameAccount(caller, callee)) { + DHLOGE("Check src same account failed"); + return false; + } +#endif + return true; +} + +bool SoftBusPermissionCheck::CheckSinkIsSameAccount(const AccountInfo &callerAccountInfo, + const AccountInfo &calleeAccountInfo) +{ +#ifdef SUPPORT_SAME_ACCOUNT + DmAccessCaller caller = { + .accountId = callerAccountInfo.accountId_, + .networkId = callerAccountInfo.networkId_, + .userId = callerAccountInfo.userId_, + }; + DmAccessCallee callee = { + .accountId = calleeAccountInfo.accountId_, + .networkId = calleeAccountInfo.networkId_, + .userId = calleeAccountInfo.userId_, + }; + if (!DeviceManager::GetInstance().CheckSinkIsSameAccount(caller, callee)) { + DHLOGE("Check sink same account failed"); + return false; + } +#endif + return true; +} + +bool SoftBusPermissionCheck::CheckSrcAccessControl(const std::string &sinkNetworkId, + const AccountInfo &localAccountInfo) +{ + DmAccessCaller caller { + .accountId = localAccountInfo.accountId_, + .pkgName = SERVICE_NAME, + .networkId = localAccountInfo.networkId_, + .userId = localAccountInfo.userId_, + .tokenId = localAccountInfo.tokenId_, + }; + DmAccessCallee callee = { + .networkId = sinkNetworkId, + }; + if (!DeviceManager::GetInstance().CheckSrcAccessControl(caller, callee)) { + DHLOGE("Check src acl failed"); + return false; + } + return true; +} + +bool SoftBusPermissionCheck::CheckSinkAccessControl(const AccountInfo &callerAccountInfo, + const AccountInfo &calleeAccountInfo) +{ + DmAccessCaller caller { + .accountId = callerAccountInfo.accountId_, + .pkgName = SERVICE_NAME, + .networkId = callerAccountInfo.networkId_, + .userId = callerAccountInfo.userId_, + .tokenId = callerAccountInfo.tokenId_, + }; + DmAccessCallee callee { + .accountId = calleeAccountInfo.accountId_, + .networkId = calleeAccountInfo.networkId_, + .pkgName = SERVICE_NAME, + .userId = calleeAccountInfo.userId_, + .tokenId = calleeAccountInfo.tokenId_, + }; + if (!DeviceManager::GetInstance().CheckSinkAccessControl(caller, callee)) { + DHLOGE("Check sink acl failed"); + return false; + } + return true; +} + +int32_t SoftBusPermissionCheck::GetCurrentUserId() +{ + std::vector userIds{}; + auto ret = AccountSA::OsAccountManager::QueryActiveOsAccountIds(userIds); + if (ret != NO_ERROR || userIds.empty()) { + DHLOGE("Query active os account id failed, ret = %{public}d", ret); + return INVALID_USER_ID; + } + return userIds[0]; +} + +bool SoftBusPermissionCheck::GetLocalNetworkId(std::string &networkId) +{ + DistributedHardware::DmDeviceInfo localDeviceInfo{}; + int errCode = DeviceManager::GetInstance().GetLocalDeviceInfo(SERVICE_NAME, localDeviceInfo); + if (errCode != 0) { + DHLOGE("Get localdeviceInfo failed, ret = %{public}d", errCode); + return false; + } + networkId = localDeviceInfo.networkId; + return true; +} + +bool SoftBusPermissionCheck::SetAccessInfoToSocket(const int32_t sessionId) +{ +#ifdef SUPPORT_SAME_ACCOUNT + AccountInfo accountInfo; + if (!GetLocalAccountInfo(accountInfo)) { + DHLOGE("GetOsAccountData failed."); + return false; + } + nlohmann::json jsonObj; + jsonObj[ACCOUNT_ID] = accountInfo.accountId_; + + SocketAccessInfo accessInfo; + accessInfo.userId = accountInfo.userId_; + std::string jsonStr = jsonObj.dump(); + size_t len = jsonStr.size(); + std::shared_ptr charArr(new char[len + 1], [](char *p) {delete[] p;}); + if (strcpy_s(charArr.get(), len + 1, jsonStr.c_str()) != 0) { + DHLOGE("strcpy_s failed."); + return false; + } + accessInfo.extraAccessInfo = charArr.get(); + accessInfo.localTokenId = accountInfo.tokenId_; + if (SetAccessInfo(sessionId, accessInfo) != 0) { + DHLOGE("set access info failed"); + return false; + } +#endif + return true; +} + +bool SoftBusPermissionCheck::TransCallerInfo(SocketAccessInfo *callerInfo, + AccountInfo &callerAccountInfo, const std::string &networkId) +{ + if (callerInfo == nullptr || callerInfo->extraAccessInfo == nullptr) { + DHLOGE("callerInfo or extraAccessInfo is nullptr."); + return true; + } + nlohmann::json jsonObj = nlohmann::json::parse(std::string(callerInfo->extraAccessInfo), nullptr, false); + if (jsonObj.is_discarded()) { + DHLOGE("jsonObj parse failed."); + return false; + } + if (!jsonObj.contains(ACCOUNT_ID) || !jsonObj[ACCOUNT_ID].is_string()) { + DHLOGE("get ext jsonObj parse failed."); + return false; + } + callerAccountInfo.accountId_ = jsonObj[ACCOUNT_ID].get(); + callerAccountInfo.userId_ = callerInfo->userId; + callerAccountInfo.networkId_ = networkId; + DHLOGI("TransCallerInfo success"); + return true; +} + +bool SoftBusPermissionCheck::FillLocalInfo(SocketAccessInfo *localInfo) +{ + if (localInfo == nullptr) { + DHLOGE("localInfo is nullptr."); + return false; + } + int32_t userId = GetCurrentUserId(); + if (userId == INVALID_USER_ID) { + DHLOGE("get current user id falied"); + return false; + } + localInfo->userId = userId; + localInfo->localTokenId = IPCSkeleton::GetSelfTokenID(); + return true; +} +} // namespace DistributedInput +} // namespace DistributedHardware +} // namespace OHOS \ No newline at end of file diff --git a/services/transportbase/test/transbaseunittest/BUILD.gn b/services/transportbase/test/transbaseunittest/BUILD.gn index 1aee55e110982cda930ef187e5a1bddae0916ce0..26a52c7688ca59494d40380de373ec0459a308e7 100644 --- a/services/transportbase/test/transbaseunittest/BUILD.gn +++ b/services/transportbase/test/transbaseunittest/BUILD.gn @@ -20,7 +20,10 @@ module_out_path = unittest_output_path group("transbaseunittest") { testonly = true - deps = [ ":distributed_input_transbase_test" ] + deps = [ + ":distributed_input_transbase_test", + ":softbus_permission_check_test", + ] } ## UnitTest distributed_input_manager_service_test {{{ @@ -65,6 +68,7 @@ ohos_unittest("distributed_input_transbase_test") { "HI_LOG_ENABLE", "DH_LOG_TAG=\"distributedinpututtest\"", "LOG_DOMAIN=0xD004120", + "NORMAL_MOCK", ] deps = [ @@ -93,3 +97,56 @@ ohos_unittest("distributed_input_transbase_test") { cflags_cc = [ "-DHILOG_ENABLE" ] } ## UnitTest distributed_input_manager_service_test }}} + +ohos_unittest("softbus_permission_check_test") { + module_out_path = module_out_path + + include_dirs = [ + "${common_path}/include", + "${distributedinput_path}/services/transportbase/include", + "${utils_path}/include", + ] + + sources = [ + "${distributedinput_path}/services/transportbase/src/softbus_permission_check.cpp", + "device_manager_impl_mock.cpp", + "mock_other_method.cpp", + "socket_mock.cpp", + "softbus_permission_check_test.cpp", + ] + + cflags = [ + "-Wall", + "-Werror", + "-g3", + "-Dprivate=public", + "-Dprotected=public", + ] + + defines = [ + "HI_LOG_ENABLE", + "DH_LOG_TAG=\"distributedinpututtest\"", + "LOG_DOMAIN=0xD004120", + "NORMAL_MOCK", + ] + + deps = [ "${utils_path}:libdinput_utils" ] + + external_deps = [ + "c_utils:utils", + "device_manager:devicemanagersdk", + "dsoftbus:softbus_client", + "googletest:gmock_main", + "googletest:gtest_main", + "hilog:libhilog", + "ipc:ipc_core", + "os_account:libaccountkits", + "os_account:os_account_innerkits", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] + + if (check_same_account) { + defines += [ "SUPPORT_SAME_ACCOUNT" ] + } +} \ No newline at end of file diff --git a/services/transportbase/test/transbaseunittest/device_manager_impl_mock.cpp b/services/transportbase/test/transbaseunittest/device_manager_impl_mock.cpp new file mode 100644 index 0000000000000000000000000000000000000000..19b24efebbbb7bd36d8e5d9c9fe40949641c9d42 --- /dev/null +++ b/services/transportbase/test/transbaseunittest/device_manager_impl_mock.cpp @@ -0,0 +1,113 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "device_manager_impl.h" +#include "device_manager_impl_mock.h" +#include "dm_constants.h" + +#include "gtest/gtest.h" + +namespace OHOS { +namespace DistributedHardware { +#ifndef NORMAL_MOCK +const std::string NETWORKID_ONE = "45656596896323231"; +const std::string NETWORKID_TWO = "45656596896323232"; +const std::string NETWORKID_THREE = "45656596896323233"; +constexpr int32_t NETWORKTYPE_WITH_WIFI = 2; +constexpr int32_t NETWORKTYPE_NONE_WIFI = 4; +#endif + +int32_t DeviceManagerImpl::InitDeviceManager(const std::string &pkgName, std::shared_ptr dmInitCallback) +{ + return DeviceManagerBase::deviceManager->InitDeviceManager(pkgName, dmInitCallback); +} + +int32_t DeviceManagerImpl::UnInitDeviceManager(const std::string &pkgName) +{ + return DeviceManagerBase::deviceManager->UnInitDeviceManager(pkgName); +} + +int32_t DeviceManagerImpl::GetTrustedDeviceList(const std::string &pkgName, + const std::string &extra, + std::vector &deviceList) +{ + return DeviceManagerBase::deviceManager->GetTrustedDeviceList(pkgName, extra, deviceList); +} + +int32_t DeviceManagerImpl::GetLocalDeviceInfo(const std::string &pkgName, DmDeviceInfo &info) +{ + return DeviceManagerBase::deviceManager->GetLocalDeviceInfo(pkgName, info); +} + +int32_t DeviceManagerImpl::RegisterDevStateCallback(const std::string &pkgName, + const std::string &extra, + std::shared_ptr callback) +{ + return DeviceManagerBase::deviceManager->RegisterDevStateCallback(pkgName, extra, callback); +} + +int32_t DeviceManagerImpl::UnRegisterDevStateCallback(const std::string &pkgName) +{ + return DeviceManagerBase::deviceManager->UnRegisterDevStateCallback(pkgName); +} + +#ifdef NORMAL_MOCK +int32_t DeviceManagerImpl::GetNetworkTypeByNetworkId(const std::string &pkgName, + const std::string &netWorkId, + int32_t &netWorkType) +{ + return DeviceManagerBase::deviceManager->GetNetworkTypeByNetworkId(pkgName, netWorkId, netWorkType); +} +#else +int32_t DeviceManagerImpl::GetNetworkTypeByNetworkId(const std::string &pkgName, + const std::string &netWorkId, + int32_t &netWorkType) +{ + GTEST_LOG_(INFO) << "GetTrustedDeviceList start"; + if (netWorkId == NETWORKID_ONE) { + return ERR_DM_INPUT_PARA_INVALID; + } + + if (netWorkId == NETWORKID_TWO) { + netWorkType = NETWORKTYPE_WITH_WIFI; + return DM_OK; + } + + netWorkType = NETWORKTYPE_NONE_WIFI; + return DM_OK; +} +#endif + +bool DeviceManagerImpl::CheckSrcAccessControl(const DmAccessCaller &caller, const DmAccessCallee &callee) +{ + return DeviceManagerBase::deviceManager->CheckSrcAccessControl(caller, callee); +} + +bool DeviceManagerImpl::CheckSinkAccessControl(const DmAccessCaller &caller, const DmAccessCallee &callee) +{ + return DeviceManagerBase::deviceManager->CheckSinkAccessControl(caller, callee); +} + +bool DeviceManagerImpl::CheckSrcIsSameAccount(const DmAccessCaller &caller, const DmAccessCallee &callee) +{ + return DeviceManagerBase::deviceManager->CheckSrcIsSameAccount(caller, callee); +} + +bool DeviceManagerImpl::CheckSinkIsSameAccount(const DmAccessCaller &caller, const DmAccessCallee &callee) +{ + return DeviceManagerBase::deviceManager->CheckSinkIsSameAccount(caller, callee); +} +} // namespace DistributedHardware +} // namespace OHOS diff --git a/services/transportbase/test/transbaseunittest/device_manager_impl_mock.h b/services/transportbase/test/transbaseunittest/device_manager_impl_mock.h new file mode 100644 index 0000000000000000000000000000000000000000..526376d0bc583d5bc25a2ff1d2064463277fb588 --- /dev/null +++ b/services/transportbase/test/transbaseunittest/device_manager_impl_mock.h @@ -0,0 +1,75 @@ +/* + * Copyright (C) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef DISTRIBUTED_INPUT_DEVICE_MANAGER_MOCK_H +#define DISTRIBUTED_INPUT_DEVICE_MANAGER_MOCK_H + +#include +#include +#include + +#include "device_manager.h" +#include "softbus_bus_center.h" + +namespace OHOS::DistributedHardware { +class DeviceManagerBase { +public: + virtual ~DeviceManagerBase() = default; +public: + virtual int32_t InitDeviceManager(const std::string &pkgName, + std::shared_ptr dmInitCallback) = 0; + virtual int32_t UnInitDeviceManager(const std::string &pkgName) = 0; + virtual int32_t GetTrustedDeviceList(const std::string &pkgName, + const std::string &extra, std::vector &deviceList) = 0; + virtual int32_t RegisterDevStateCallback(const std::string &pkgName, + const std::string &extra, std::shared_ptr callback) = 0; + virtual int32_t UnRegisterDevStateCallback(const std::string &pkgName) = 0; + virtual int32_t GetLocalDeviceInfo(const std::string &pkgName, DmDeviceInfo &info) = 0; + virtual bool CheckSrcAccessControl(const DmAccessCaller &caller, const DmAccessCallee &callee) = 0; + virtual bool CheckSinkAccessControl(const DmAccessCaller &caller, const DmAccessCallee &callee) = 0; + virtual bool CheckSrcIsSameAccount(const DmAccessCaller &caller, const DmAccessCallee &callee) = 0; + virtual bool CheckSinkIsSameAccount(const DmAccessCaller &caller, const DmAccessCallee &callee) = 0; + #ifdef NORMAL_MOCK + virtual int32_t GetNetworkTypeByNetworkId(const std::string &pkgName, const std::string &netWorkId, + int32_t &netWorkType) = 0; + #endif +public: + virtual int32_t GetLocalNodeDeviceInfo(const char *pkgName, NodeBasicInfo *info) = 0; +public: + static inline std::shared_ptr deviceManager = nullptr; +}; + +class DeviceManagerMock : public DeviceManagerBase { +public: + MOCK_METHOD2(InitDeviceManager, int32_t(const std::string &pkgName, + std::shared_ptr dmInitCallback)); + MOCK_METHOD1(UnInitDeviceManager, int32_t(const std::string &pkgName)); + MOCK_METHOD3(GetTrustedDeviceList, int32_t(const std::string &pkgName, + const std::string &extra, std::vector &deviceList)); + MOCK_METHOD3(RegisterDevStateCallback, int32_t(const std::string &pkgName, + const std::string &extra, std::shared_ptr callback)); + MOCK_METHOD1(UnRegisterDevStateCallback, int32_t(const std::string &pkgName)); + MOCK_METHOD2(GetLocalNodeDeviceInfo, int32_t(const char *pkgName, NodeBasicInfo *info)); + MOCK_METHOD2(GetLocalDeviceInfo, int32_t(const std::string &pkgName, DmDeviceInfo &info)); + MOCK_METHOD2(CheckSrcAccessControl, bool(const DmAccessCaller &caller, const DmAccessCallee &callee)); + MOCK_METHOD2(CheckSinkAccessControl, bool(const DmAccessCaller &caller, const DmAccessCallee &callee)); + MOCK_METHOD2(CheckSrcIsSameAccount, bool(const DmAccessCaller &caller, const DmAccessCallee &callee)); + MOCK_METHOD2(CheckSinkIsSameAccount, bool(const DmAccessCaller &caller, const DmAccessCallee &callee)); + #ifdef NORMAL_MOCK + MOCK_METHOD3(GetNetworkTypeByNetworkId, int32_t(const std::string &pkgName, const std::string &netWorkId, + int32_t &netWorkType)); + #endif +}; +} +#endif \ No newline at end of file diff --git a/services/transportbase/test/transbaseunittest/distributed_input_transbase_test.cpp b/services/transportbase/test/transbaseunittest/distributed_input_transbase_test.cpp index 197bd15c0a07cc3b5da7eece284d4f40d0f1cb46..3555ac16f471a11ac3bf90198a6c758845f049e2 100644 --- a/services/transportbase/test/transbaseunittest/distributed_input_transbase_test.cpp +++ b/services/transportbase/test/transbaseunittest/distributed_input_transbase_test.cpp @@ -19,6 +19,7 @@ #include "dinput_errcode.h" #include "dinput_softbus_define.h" +#include "softbus_permission_check.h" using namespace testing::ext; using namespace OHOS::DistributedHardware::DistributedInput; @@ -31,8 +32,45 @@ namespace { const std::string REMOTE_DEV_ID = "f6d4c0864707aefte7a78f09473aa122ff57fc81c00981fcf5be989e7d112591"; const std::string DINPUT_PKG_NAME_TEST = "ohos.dhardware.dinput"; } + +static bool g_checkSrc = true; +static bool g_checkSink = true; +static bool g_setAccess = true; +static bool g_transCaller = true; +static bool g_fillLocal = true; + +bool SoftBusPermissionCheck::CheckSrcPermission(const std::string &sinkNetworkId) +{ + return g_checkSrc; +} + +bool SoftBusPermissionCheck::CheckSinkPermission(const AccountInfo &callerAccountInfo) +{ + return g_checkSink; +} + +bool SoftBusPermissionCheck::SetAccessInfoToSocket(const int32_t sessionId) +{ + return g_setAccess; +} +bool SoftBusPermissionCheck::TransCallerInfo(SocketAccessInfo *callerInfo, + AccountInfo &callerAccountInfo, const std::string &networkId) +{ + return g_transCaller; +} + +bool SoftBusPermissionCheck::FillLocalInfo(SocketAccessInfo *localInfo) +{ + return g_fillLocal; +} + void DistributedInputTransbaseTest::SetUp() { + g_checkSrc = true; + g_checkSink = true; + g_setAccess = true; + g_transCaller = true; + g_fillLocal = true; } void DistributedInputTransbaseTest::TearDown() @@ -74,6 +112,15 @@ HWTEST_F(DistributedInputTransbaseTest, StartSession02, testing::ext::TestSize.L DistributedInputTransportBase::GetInstance().remoteDevSessionMap_[srcId] = sessionId; int32_t ret = DistributedInputTransportBase::GetInstance().StartSession(srcId); EXPECT_EQ(DH_SUCCESS, ret); + + DistributedInputTransportBase::GetInstance().remoteDevSessionMap_.clear(); + g_setAccess = false; + ret = DistributedInputTransportBase::GetInstance().StartSession(srcId); + EXPECT_EQ(ERR_DH_INPUT_SERVER_SOURCE_TRANSPORT_CONTEXT, ret); + + g_checkSrc = false; + ret = DistributedInputTransportBase::GetInstance().StartSession(srcId); + EXPECT_EQ(ERR_DH_INPUT_SERVER_SOURCE_TRANSPORT_PERMISSION_DENIED, ret); } HWTEST_F(DistributedInputTransbaseTest, GetDevIdBySessionId01, testing::ext::TestSize.Level1) @@ -218,6 +265,28 @@ HWTEST_F(DistributedInputTransbaseTest, OnSessionClosed_001, testing::ext::TestS EXPECT_EQ(DH_SUCCESS, ret); } +HWTEST_F(DistributedInputTransbaseTest, OnNegotiate2_001, testing::ext::TestSize.Level1) +{ + PeerSocketInfo info; + EXPECT_TRUE(DistributedInputTransportBase::GetInstance().OnNegotiate2(0, info, nullptr, nullptr)); + + char networkId[10] = "networkId"; + SocketAccessInfo peerInfo; + info.networkId = networkId; + g_transCaller = false; + EXPECT_FALSE(DistributedInputTransportBase::GetInstance().OnNegotiate2(0, info, &peerInfo, nullptr)); + + g_transCaller = true; + g_fillLocal = false; + EXPECT_FALSE(DistributedInputTransportBase::GetInstance().OnNegotiate2(0, info, &peerInfo, nullptr)); + + g_fillLocal = true; + g_checkSink = false; + EXPECT_FALSE(DistributedInputTransportBase::GetInstance().OnNegotiate2(0, info, &peerInfo, nullptr)); + + g_checkSink = true; + EXPECT_TRUE(DistributedInputTransportBase::GetInstance().OnNegotiate2(0, info, &peerInfo, nullptr)); +} } // namespace DistributedInput } // namespace DistributedHardware } // namespace OHOS diff --git a/services/transportbase/test/transbaseunittest/mock_other_method.cpp b/services/transportbase/test/transbaseunittest/mock_other_method.cpp new file mode 100644 index 0000000000000000000000000000000000000000..abf90094f8cae57094376cff1cb1ea0f66147783 --- /dev/null +++ b/services/transportbase/test/transbaseunittest/mock_other_method.cpp @@ -0,0 +1,100 @@ +/* + * Copyright (C) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "os_account_manager.h" + +#include "mock_other_method.h" + +namespace OHOS { +namespace AccountSA { +/** + * Interfaces for ohos account subsystem. + */ +class OhosAccountKitsImpl : public OhosAccountKits { +public: + std::pair QueryOhosAccountInfo() + { + return {}; + } + + ErrCode GetOhosAccountInfo(OhosAccountInfo &accountInfo); + + ErrCode GetOsAccountDistributedInfo(int32_t localId, OhosAccountInfo &accountInfo) + { + return 0; + } + + std::pair QueryOsAccountDistributedInfo(std::int32_t localId) + { + return {}; + } + + ErrCode UpdateOhosAccountInfo(const std::string& accountName, const std::string& uid, + const std::string& eventStr) + { + return 0; + } + + ErrCode SetOhosAccountInfo(const OhosAccountInfo &ohosAccountInfo, + const std::string &eventStr) + { + return 0; + } + + ErrCode SetOsAccountDistributedInfo( + const int32_t localId, const OhosAccountInfo& ohosAccountInfo, const std::string& eventStr) + { + return 0; + } + + ErrCode QueryDeviceAccountId(std::int32_t& accountId) + { + return 0; + } + + std::int32_t GetDeviceAccountIdByUID(std::int32_t& uid) + { + return 0; + } + + ErrCode SubscribeDistributedAccountEvent(const DISTRIBUTED_ACCOUNT_SUBSCRIBE_TYPE type, + const std::shared_ptr &callback) + { + return 0; + } + + ErrCode UnsubscribeDistributedAccountEvent(const DISTRIBUTED_ACCOUNT_SUBSCRIBE_TYPE type, + const std::shared_ptr &callback) + { + return 0; + } +}; + +ErrCode OsAccountManager::QueryActiveOsAccountIds(std::vector& ids) +{ + return OHOS::DistributedHardware::DeviceOtherMethod::otherMethod->QueryActiveOsAccountIds(ids); +} + +ErrCode OhosAccountKitsImpl::GetOhosAccountInfo(AccountSA::OhosAccountInfo &accountInfo) +{ + return OHOS::DistributedHardware::DeviceOtherMethod::otherMethod->GetOhosAccountInfo(accountInfo); +} + +OhosAccountKits &OhosAccountKits::GetInstance() +{ + static OhosAccountKitsImpl test; + return test; +} +} // namespace AccountSA +} // namespace OHOS diff --git a/services/transportbase/test/transbaseunittest/mock_other_method.h b/services/transportbase/test/transbaseunittest/mock_other_method.h new file mode 100644 index 0000000000000000000000000000000000000000..de1682567f30fc659230d632c90f978dfa1a4947 --- /dev/null +++ b/services/transportbase/test/transbaseunittest/mock_other_method.h @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef DISTRIBUTED_INPUT_DEVICE_OTHER_METHOD_MOCK_H +#define DISTRIBUTED_INPUT_DEVICE_OTHER_METHOD_MOCK_H + +#include + +#include + +#include "ohos_account_kits.h" +#include "os_account_manager.h" + +namespace OHOS::DistributedHardware { +class DeviceOtherMethod { +public: + virtual ~DeviceOtherMethod() = default; +public: + virtual int QueryActiveOsAccountIds(std::vector& ids) = 0; + virtual int GetOhosAccountInfo(AccountSA::OhosAccountInfo &accountInfo) = 0; +public: + static inline std::shared_ptr otherMethod = nullptr; +}; + +class DeviceOtherMethodMock : public DeviceOtherMethod { +public: + MOCK_METHOD1(QueryActiveOsAccountIds, int(std::vector& ids)); + MOCK_METHOD1(GetOhosAccountInfo, int(AccountSA::OhosAccountInfo &accountInfo)); +}; +} +#endif \ No newline at end of file diff --git a/services/transportbase/test/transbaseunittest/socket_mock.cpp b/services/transportbase/test/transbaseunittest/socket_mock.cpp new file mode 100644 index 0000000000000000000000000000000000000000..c0e7a96e6441f87a42a02047191506a42734acee --- /dev/null +++ b/services/transportbase/test/transbaseunittest/socket_mock.cpp @@ -0,0 +1,48 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "socket_mock.h" + +#include "inner_socket.h" + +int32_t Socket(SocketInfo info) +{ + return OHOS::DistributedHardware::DSocket::dSocket->Socket(info); +} + +int32_t Listen(int32_t socket, const QosTV qos[], uint32_t qosCount, const ISocketListener *listener) +{ + return OHOS::DistributedHardware::DSocket::dSocket->Listen(socket, qos, qosCount, listener); +} + +int32_t Bind(int32_t socket, const QosTV qos[], uint32_t qosCount, const ISocketListener *listener) +{ + return OHOS::DistributedHardware::DSocket::dSocket->Bind(socket, qos, qosCount, listener); +} + +void Shutdown(int32_t socket) +{ + (void)socket; +} + +int SendFile(int32_t socket, const char *sFileList[], const char *dFileList[], uint32_t fileCnt) +{ + return OHOS::DistributedHardware::DSocket::dSocket->SendFile(socket, sFileList, dFileList, fileCnt); +} + +int32_t SetAccessInfo(int32_t socket, SocketAccessInfo accessInfo) +{ + return OHOS::DistributedHardware::DSocket::dSocket->SetAccessInfo(socket, accessInfo); +} \ No newline at end of file diff --git a/services/transportbase/test/transbaseunittest/socket_mock.h b/services/transportbase/test/transbaseunittest/socket_mock.h new file mode 100644 index 0000000000000000000000000000000000000000..d7f782e01236667024539b6a526f2a447c758ef9 --- /dev/null +++ b/services/transportbase/test/transbaseunittest/socket_mock.h @@ -0,0 +1,48 @@ +/* + * Copyright (C) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef DISTRIBUTED_INPUT_SOCKET_MOCK_H +#define DISTRIBUTED_INPUT_SOCKET_MOCK_H + +#include +#include + +#include "socket.h" + +namespace OHOS::DistributedHardware { +class DSocket { +public: + virtual ~DSocket() = default; +public: + virtual int32_t Socket(SocketInfo info) = 0; + virtual int32_t Listen(int32_t, const QosTV qos[], uint32_t, const ISocketListener *) = 0; + virtual int32_t Bind(int32_t, const QosTV qos[], uint32_t, const ISocketListener *) = 0; + virtual int SendFile(int32_t, const char *sFileList[], const char *dFileList[], uint32_t) = 0; + virtual int32_t Bind(int32_t socket, const ISocketListener *listener) = 0; + virtual int32_t SetAccessInfo(int32_t socket, SocketAccessInfo accessInfo) = 0; +public: + static inline std::shared_ptr dSocket = nullptr; +}; + +class SocketMock : public DSocket { +public: + MOCK_METHOD1(Socket, int32_t(SocketInfo info)); + MOCK_METHOD4(Listen, int32_t(int32_t, const QosTV qos[], uint32_t, const ISocketListener *)); + MOCK_METHOD4(Bind, int32_t(int32_t, const QosTV qos[], uint32_t, const ISocketListener *)); + MOCK_METHOD4(SendFile, int(int32_t, const char *sFileList[], const char *dFileList[], uint32_t)); + MOCK_METHOD2(Bind, int32_t(int32_t socket, const ISocketListener *listener)); + MOCK_METHOD2(SetAccessInfo, int32_t(int32_t socket, SocketAccessInfo accessInfo)); +}; +} +#endif \ No newline at end of file diff --git a/services/transportbase/test/transbaseunittest/softbus_permission_check_test.cpp b/services/transportbase/test/transbaseunittest/softbus_permission_check_test.cpp new file mode 100644 index 0000000000000000000000000000000000000000..1c8beb20cf0435a8522e6eb800e7594ca32b28e2 --- /dev/null +++ b/services/transportbase/test/transbaseunittest/softbus_permission_check_test.cpp @@ -0,0 +1,421 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "gtest/gtest.h" +#include +#include + +#include "device_manager_impl_mock.h" +#include "dinput_errcode.h" +#include "dinput_log.h" +#include "dinput_utils_tool.h" +#include "mock_other_method.h" +#include "socket_mock.h" +#include "softbus_permission_check.h" + +namespace OHOS { +namespace DistributedHardware { +namespace DistributedInput { +using namespace testing; +using namespace testing::ext; +using namespace std; + +class SoftbusPermissionCheckTest : public testing::Test { +public: + static void SetUpTestCase(void); + static void TearDownTestCase(void); + void SetUp() {}; + void TearDown() {}; +public: + static inline shared_ptr otherMethodMock_ = nullptr; + static inline shared_ptr socketMock_ = nullptr; + static inline shared_ptr deviceManagerMock_ = nullptr; +}; + +void SoftbusPermissionCheckTest::SetUpTestCase(void) +{ + GTEST_LOG_(INFO) << "SetUpTestCase"; + otherMethodMock_ = make_shared(); + DeviceOtherMethodMock::otherMethod = otherMethodMock_; + deviceManagerMock_ = make_shared(); + DeviceManagerMock::deviceManager = deviceManagerMock_; + socketMock_ = make_shared(); + SocketMock::dSocket = socketMock_; +} + +void SoftbusPermissionCheckTest::TearDownTestCase(void) +{ + GTEST_LOG_(INFO) << "TearDownTestCase"; + SocketMock::dSocket = nullptr; + socketMock_ = nullptr; + DeviceManagerMock::deviceManager = nullptr; + deviceManagerMock_ = nullptr; + DeviceOtherMethodMock::otherMethod = nullptr; + otherMethodMock_ = nullptr; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_GetLocalNetworkId_001 + * @tc.desc: Verify the GetLocalNetworkId function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_GetLocalNetworkId_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_GetLocalNetworkId_001 start"; + std::string networkId; + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(0)); + EXPECT_TRUE(SoftBusPermissionCheck::GetLocalNetworkId(networkId)); + + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(INVALID_USER_ID)); + EXPECT_FALSE(SoftBusPermissionCheck::GetLocalNetworkId(networkId)); + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_GetLocalNetworkId_001 end"; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_GetCurrentUserId_001 + * @tc.desc: Verify the GetCurrentUserId function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_GetCurrentUserId_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_GetCurrentUserId_001 start"; + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)).WillOnce(Return(INVALID_USER_ID)); + auto userId = SoftBusPermissionCheck::GetCurrentUserId(); + EXPECT_EQ(userId, INVALID_USER_ID); + + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)).WillOnce(Return(DH_SUCCESS)); + userId = SoftBusPermissionCheck::GetCurrentUserId(); + EXPECT_EQ(userId, INVALID_USER_ID); + + std::vector userIds{100, 101}; + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + userId = SoftBusPermissionCheck::GetCurrentUserId(); + EXPECT_EQ(userId, userIds[0]); + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_GetCurrentUserId_001 end"; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_FillLocalInfo_001 + * @tc.desc: Verify the FillLocalInfo function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_FillLocalInfo_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_FillLocalInfo_001 start"; + SocketAccessInfo *localInfoPtr = nullptr; + EXPECT_FALSE(SoftBusPermissionCheck::FillLocalInfo(localInfoPtr)); + + SocketAccessInfo localInfo; + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)).WillOnce(Return(INVALID_USER_ID)); + EXPECT_FALSE(SoftBusPermissionCheck::FillLocalInfo(&localInfo)); + + std::vector userIds{100, 101}; + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + EXPECT_TRUE(SoftBusPermissionCheck::FillLocalInfo(&localInfo)); + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_FillLocalInfo_001 end"; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_TransCallerInfo_001 + * @tc.desc: Verify the TransCallerInfo function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_TransCallerInfo_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_TransCallerInfo_001 start"; + SocketAccessInfo *localInfoPtr = nullptr; + AccountInfo callerAccountInfo; + std::string networkId; + EXPECT_TRUE(SoftBusPermissionCheck::TransCallerInfo(localInfoPtr, callerAccountInfo, networkId)); + + SocketAccessInfo localInfo; + localInfo.extraAccessInfo = nullptr; + EXPECT_TRUE(SoftBusPermissionCheck::TransCallerInfo(&localInfo, callerAccountInfo, networkId)); + + localInfo.extraAccessInfo = const_cast("test"); + EXPECT_FALSE(SoftBusPermissionCheck::TransCallerInfo(&localInfo, callerAccountInfo, networkId)); + + localInfo.extraAccessInfo = const_cast("{\"accountId\":1}"); + EXPECT_FALSE(SoftBusPermissionCheck::TransCallerInfo(&localInfo, callerAccountInfo, networkId)); + + localInfo.extraAccessInfo = const_cast("{\"accountId\":\"test\"}"); + EXPECT_TRUE(SoftBusPermissionCheck::TransCallerInfo(&localInfo, callerAccountInfo, networkId)); + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_TransCallerInfo_001 end"; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_GetLocalAccountInfo_001 + * @tc.desc: Verify the GetLocalAccountInfo function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_GetLocalAccountInfo_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_GetLocalAccountInfo_001 start"; + AccountInfo localAccountInfo; + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)).WillOnce(Return(INVALID_USER_ID)); + EXPECT_FALSE(SoftBusPermissionCheck::GetLocalAccountInfo(localAccountInfo)); + + std::vector userIds{100, 101}; +#ifdef SUPPORT_SAME_ACCOUNT + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + AccountSA::OhosAccountInfo osAccountInfo; + EXPECT_CALL(*otherMethodMock_, GetOhosAccountInfo(_)) + .WillOnce(DoAll(SetArgReferee<0>(osAccountInfo), Return(INVALID_USER_ID))); + EXPECT_FALSE(SoftBusPermissionCheck::GetLocalAccountInfo(localAccountInfo)); + + osAccountInfo.uid_ = ""; // accountinfo uid = "" + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + EXPECT_CALL(*otherMethodMock_, GetOhosAccountInfo(_)) + .WillOnce(DoAll(SetArgReferee<0>(osAccountInfo), Return(DH_SUCCESS))); + EXPECT_FALSE(SoftBusPermissionCheck::GetLocalAccountInfo(localAccountInfo)); +#endif + + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); +#ifdef SUPPORT_SAME_ACCOUNT + osAccountInfo.uid_ = "test"; + EXPECT_CALL(*otherMethodMock_, GetOhosAccountInfo(_)) + .WillOnce(DoAll(SetArgReferee<0>(osAccountInfo), Return(DH_SUCCESS))); +#endif + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(INVALID_USER_ID)); + EXPECT_FALSE(SoftBusPermissionCheck::GetLocalAccountInfo(localAccountInfo)); + + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); +#ifdef SUPPORT_SAME_ACCOUNT + EXPECT_CALL(*otherMethodMock_, GetOhosAccountInfo(_)) + .WillOnce(DoAll(SetArgReferee<0>(osAccountInfo), Return(DH_SUCCESS))); +#endif + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(0)); + EXPECT_TRUE(SoftBusPermissionCheck::GetLocalAccountInfo(localAccountInfo)); + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_GetLocalAccountInfo_001 end"; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_SetAccessInfoToSocket_001 + * @tc.desc: Verify the SetAccessInfoToSocket function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_SetAccessInfoToSocket_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_SetAccessInfoToSocket_001 start"; + int32_t socketId = 0; +#ifdef SUPPORT_SAME_ACCOUNT + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)).WillOnce(Return(INVALID_USER_ID)); + EXPECT_FALSE(SoftBusPermissionCheck::SetAccessInfoToSocket(socketId)); + + std::vector userIds{100, 101}; + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + AccountSA::OhosAccountInfo osAccountInfo; + osAccountInfo.uid_ = "test"; + EXPECT_CALL(*otherMethodMock_, GetOhosAccountInfo(_)) + .WillOnce(DoAll(SetArgReferee<0>(osAccountInfo), Return(DH_SUCCESS))); + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(0)); + EXPECT_CALL(*socketMock_, SetAccessInfo(_, _)).WillOnce(Return(INVALID_USER_ID)); + EXPECT_FALSE(SoftBusPermissionCheck::SetAccessInfoToSocket(socketId)); + + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + EXPECT_CALL(*otherMethodMock_, GetOhosAccountInfo(_)) + .WillOnce(DoAll(SetArgReferee<0>(osAccountInfo), Return(DH_SUCCESS))); + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(0)); + EXPECT_CALL(*socketMock_, SetAccessInfo(_, _)).WillOnce(Return(DH_SUCCESS)); + EXPECT_TRUE(SoftBusPermissionCheck::SetAccessInfoToSocket(socketId)); +#else + EXPECT_TRUE(SoftBusPermissionCheck::SetAccessInfoToSocket(socketId)); +#endif + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_SetAccessInfoToSocket_001 end"; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_CheckSrcIsSameAccount_001 + * @tc.desc: Verify the CheckSrcIsSameAccount function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_CheckSrcIsSameAccount_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSrcIsSameAccount_001 start"; + std::string networkId; + AccountInfo callerAccountInfo; +#ifdef SUPPORT_SAME_ACCOUNT + EXPECT_CALL(*deviceManagerMock_, CheckSrcIsSameAccount(_, _)).WillOnce(Return(true)); + EXPECT_TRUE(SoftBusPermissionCheck::CheckSrcIsSameAccount(networkId, callerAccountInfo)); + + EXPECT_CALL(*deviceManagerMock_, CheckSrcIsSameAccount(_, _)).WillOnce(Return(false)); + EXPECT_FALSE(SoftBusPermissionCheck::CheckSrcIsSameAccount(networkId, callerAccountInfo)); +#else + EXPECT_TRUE(SoftBusPermissionCheck::CheckSrcIsSameAccount(networkId, callerAccountInfo)); + +#endif + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSrcIsSameAccount_001 end"; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_CheckSinkIsSameAccount_001 + * @tc.desc: Verify the CheckSinkIsSameAccount function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_CheckSinkIsSameAccount_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSinkIsSameAccount_001 start"; + const AccountInfo callerAccountInfo; + const AccountInfo calleeAccountInfo; +#ifdef SUPPORT_SAME_ACCOUNT + EXPECT_CALL(*deviceManagerMock_, CheckSinkIsSameAccount(_, _)).WillOnce(Return(true)); + EXPECT_TRUE(SoftBusPermissionCheck::CheckSinkIsSameAccount(callerAccountInfo, calleeAccountInfo)); + + EXPECT_CALL(*deviceManagerMock_, CheckSinkIsSameAccount(_, _)).WillOnce(Return(false)); + EXPECT_FALSE(SoftBusPermissionCheck::CheckSinkIsSameAccount(callerAccountInfo, calleeAccountInfo)); +#else + EXPECT_TRUE(SoftBusPermissionCheck::CheckSinkIsSameAccount(callerAccountInfo, calleeAccountInfo)); +#endif + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSinkIsSameAccount_001 end"; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_CheckSrcAccessControl_001 + * @tc.desc: Verify the CheckSrcAccessControl function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_CheckSrcAccessControl_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSrcAccessControl_001 start"; + std::string networkId; + AccountInfo localAccountInfo; + EXPECT_CALL(*deviceManagerMock_, CheckSrcAccessControl(_, _)).WillOnce(Return(true)); + EXPECT_TRUE(SoftBusPermissionCheck::CheckSrcAccessControl(networkId, localAccountInfo)); + + EXPECT_CALL(*deviceManagerMock_, CheckSrcAccessControl(_, _)).WillOnce(Return(false)); + EXPECT_FALSE(SoftBusPermissionCheck::CheckSrcAccessControl(networkId, localAccountInfo)); + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSrcAccessControl_001 end"; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_CheckSinkAccessControl_001 + * @tc.desc: Verify the CheckSinkAccessControl function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_CheckSinkAccessControl_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSinkAccessControl_001 start"; + const AccountInfo callerAccountInfo; + const AccountInfo calleeAccountInfo; + EXPECT_CALL(*deviceManagerMock_, CheckSinkAccessControl(_, _)).WillOnce(Return(true)); + EXPECT_TRUE(SoftBusPermissionCheck::CheckSinkAccessControl(callerAccountInfo, calleeAccountInfo)); + + EXPECT_CALL(*deviceManagerMock_, CheckSinkAccessControl(_, _)).WillOnce(Return(false)); + EXPECT_FALSE(SoftBusPermissionCheck::CheckSinkAccessControl(callerAccountInfo, calleeAccountInfo)); + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSinkAccessControl_001 end"; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_CheckSrcPermission_001 + * @tc.desc: Verify the CheckSrcPermission function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_CheckSrcPermission_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSrcPermission_001 start"; + std::string networkId; // GetLocalAccount failed + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)).WillOnce(Return(INVALID_USER_ID)); + EXPECT_FALSE(SoftBusPermissionCheck::CheckSrcPermission(networkId)); + + std::vector userIds{100, 101}; +#ifdef SUPPORT_SAME_ACCOUNT + AccountSA::OhosAccountInfo osAccountInfo; + osAccountInfo.uid_ = "test"; + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + EXPECT_CALL(*otherMethodMock_, GetOhosAccountInfo(_)) + .WillOnce(DoAll(SetArgReferee<0>(osAccountInfo), Return(DH_SUCCESS))); + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(0)); + EXPECT_CALL(*deviceManagerMock_, CheckSrcIsSameAccount(_, _)).WillOnce(Return(true)); + EXPECT_TRUE(SoftBusPermissionCheck::CheckSrcPermission(networkId)); + + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + EXPECT_CALL(*otherMethodMock_, GetOhosAccountInfo(_)) + .WillOnce(DoAll(SetArgReferee<0>(osAccountInfo), Return(DH_SUCCESS))); + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(0)); + EXPECT_CALL(*deviceManagerMock_, CheckSrcIsSameAccount(_, _)).WillOnce(Return(false)); + EXPECT_FALSE(SoftBusPermissionCheck::CheckSrcPermission(networkId)); +#else + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(0)); + EXPECT_TRUE(SoftBusPermissionCheck::CheckSrcPermission(networkId)); +#endif + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSrcPermission_001 end"; +} + +/** + * @tc.name: SoftbusPermissionCheckTest_CheckSinkPermission_001 + * @tc.desc: Verify the CheckSinkPermission function. + * @tc.type: FUNC + * @tc.require: ICCZFE + */ +HWTEST_F(SoftbusPermissionCheckTest, SoftbusPermissionCheckTest_CheckSinkPermission_001, TestSize.Level1) +{ + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSinkPermission_001 start"; + AccountInfo callerAccountInfo; + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)).WillOnce(Return(INVALID_USER_ID)); + EXPECT_FALSE(SoftBusPermissionCheck::CheckSinkPermission(callerAccountInfo)); + + std::vector userIds{100, 101}; +#ifdef SUPPORT_SAME_ACCOUNT + AccountSA::OhosAccountInfo osAccountInfo; + osAccountInfo.uid_ = "test"; + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + EXPECT_CALL(*otherMethodMock_, GetOhosAccountInfo(_)) + .WillOnce(DoAll(SetArgReferee<0>(osAccountInfo), Return(DH_SUCCESS))); + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(0)); + EXPECT_CALL(*deviceManagerMock_, CheckSinkIsSameAccount(_, _)).WillOnce(Return(true)); + EXPECT_TRUE(SoftBusPermissionCheck::CheckSinkPermission(callerAccountInfo)); + + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + EXPECT_CALL(*otherMethodMock_, GetOhosAccountInfo(_)) + .WillOnce(DoAll(SetArgReferee<0>(osAccountInfo), Return(DH_SUCCESS))); + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(0)); + EXPECT_CALL(*deviceManagerMock_, CheckSinkIsSameAccount(_, _)).WillOnce(Return(false)); + EXPECT_FALSE(SoftBusPermissionCheck::CheckSinkPermission(callerAccountInfo)); +#else + EXPECT_CALL(*otherMethodMock_, QueryActiveOsAccountIds(_)) + .WillOnce(DoAll(SetArgReferee<0>(userIds), Return(DH_SUCCESS))); + EXPECT_CALL(*deviceManagerMock_, GetLocalDeviceInfo(_, _)).WillOnce(Return(0)); + EXPECT_TRUE(SoftBusPermissionCheck::CheckSinkPermission(callerAccountInfo)); +#endif + GTEST_LOG_(INFO) << "SoftbusPermissionCheckTest_CheckSinkPermission_001 end"; +} +} // namespace DistributedInput +} // namespace DistributedHardware +} // namespace OHOS diff --git a/test/fuzztest/distributedinputtransportbase_fuzzer/BUILD.gn b/test/fuzztest/distributedinputtransportbase_fuzzer/BUILD.gn index cfc426ca1097d8508404c8844dd1f5e3bfcbcb6e..f12ceec15fb0b3fc6cf1efba2e09571bffea604f 100644 --- a/test/fuzztest/distributedinputtransportbase_fuzzer/BUILD.gn +++ b/test/fuzztest/distributedinputtransportbase_fuzzer/BUILD.gn @@ -45,6 +45,7 @@ ohos_fuzztest("DistributedInputTransportBaseFuzzTest") { sources = [ "${distributedinput_path}/services/transportbase/src/distributed_input_transport_base.cpp", + "${distributedinput_path}/services/transportbase/src/softbus_permission_check.cpp", "distributed_input_transport_base_fuzzer.cpp", ] @@ -57,6 +58,7 @@ ohos_fuzztest("DistributedInputTransportBaseFuzzTest") { external_deps = [ "c_utils:utils", + "device_manager:devicemanagersdk", "distributed_hardware_fwk:distributed_av_sender", "distributed_hardware_fwk:distributedhardwareutils", "distributed_hardware_fwk:libdhfwk_sdk", @@ -67,6 +69,8 @@ ohos_fuzztest("DistributedInputTransportBaseFuzzTest") { "ipc:ipc_core", "json:nlohmann_json_static", "libevdev:libevdev", + "os_account:libaccountkits", + "os_account:os_account_innerkits", "safwk:system_ability_fwk", "samgr:samgr_proxy", ]