From 4b072aa71586f7dc9f0cb868bfa205b20c0d123e Mon Sep 17 00:00:00 2001 From: sunxuhui Date: Mon, 13 Jan 2025 11:28:41 +0800 Subject: [PATCH] =?UTF-8?q?=E4=B8=80=E9=94=AE=E5=BC=80=E5=85=B3=E6=8E=A7?= =?UTF-8?q?=E5=88=B6=E6=9D=83=E9=99=90=E4=BD=BF=E7=94=A8=E8=AE=B0=E5=BD=95?= =?UTF-8?q?tdd=E7=94=A8=E4=BE=8B=E8=A1=A5=E5=85=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: sunxuhui --- .../innerkits/privacy/include/privacy_error.h | 1 + .../innerkits/privacy/src/privacy_kit.cpp | 10 +- .../test/unittest/src/privacy_kit_test.cpp | 128 ++++++++++++++++-- .../src/record/permission_record_manager.cpp | 2 +- .../gettokenidbyuserid_fuzzer/BUILD.gn | 2 +- .../gettokenidbyuserid_fuzzer/corpus/init | 2 +- .../gettokenidbyuserid_fuzzer.cpp | 2 +- .../gettokenidbyuserid_fuzzer.h | 2 +- .../gettokenidbyuserid_fuzzer/project.xml | 2 +- .../BUILD.gn | 2 +- .../corpus/init | 2 +- ...ermissionusedrecordtogglestatus_fuzzer.cpp | 2 +- ...tpermissionusedrecordtogglestatus_fuzzer.h | 2 +- .../project.xml | 2 +- .../BUILD.gn | 2 +- .../corpus/init | 2 +- .../project.xml | 2 +- ...ermissionusedrecordtogglestatus_fuzzer.cpp | 2 +- ...tpermissionusedrecordtogglestatus_fuzzer.h | 2 +- .../gettokenidbyuseridstub_fuzzer/BUILD.gn | 2 +- .../gettokenidbyuseridstub_fuzzer/corpus/init | 2 +- .../gettokenidbyuseridstub_fuzzer.cpp | 2 +- .../gettokenidbyuseridstub_fuzzer.h | 2 +- .../gettokenidbyuseridstub_fuzzer/project.xml | 2 +- .../BUILD.gn | 2 +- .../corpus/init | 2 +- ...ssionusedrecordtogglestatusstub_fuzzer.cpp | 2 +- ...missionusedrecordtogglestatusstub_fuzzer.h | 2 +- .../project.xml | 2 +- .../BUILD.gn | 2 +- .../corpus/init | 2 +- .../project.xml | 2 +- ...ssionusedrecordtogglestatusstub_fuzzer.cpp | 2 +- ...missionusedrecordtogglestatusstub_fuzzer.h | 2 +- 34 files changed, 160 insertions(+), 41 deletions(-) diff --git a/interfaces/innerkits/privacy/include/privacy_error.h b/interfaces/innerkits/privacy/include/privacy_error.h index e750da019..85e8f35f8 100644 --- a/interfaces/innerkits/privacy/include/privacy_error.h +++ b/interfaces/innerkits/privacy/include/privacy_error.h @@ -65,6 +65,7 @@ enum PrivacyError { ERR_REMOTE_CONNECTION, ERR_ADD_DEATH_RECIPIENT_FAILED, ERR_FIRST_CALLER_NOT_EDM, + ERR_TOGGLE_IS_FALSE, }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/privacy/src/privacy_kit.cpp b/interfaces/innerkits/privacy/src/privacy_kit.cpp index e4bdf39cb..687e42dd8 100644 --- a/interfaces/innerkits/privacy/src/privacy_kit.cpp +++ b/interfaces/innerkits/privacy/src/privacy_kit.cpp @@ -91,8 +91,16 @@ int32_t PrivacyKit::AddPermissionUsedRecord(const AddPermParamInfo& info, bool a } if (!FindAndInsertRecord(info)) { - return PrivacyManagerClient::GetInstance().AddPermissionUsedRecord(info, asyncMode); + int32_t ret = PrivacyManagerClient::GetInstance().AddPermissionUsedRecord(info, asyncMode); + if (ret == PrivacyError::ERR_TOGGLE_IS_FALSE) { + std::lock_guard lock(g_lockCache); + std::string recordStr = GetRecordUniqueStr(info); + g_recordMap.erase(recordStr); + return RET_SUCCESS; + } + return ret; } + return RET_SUCCESS; } diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index da8f1e9fa..dc422a297 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -63,7 +63,7 @@ static constexpr int32_t RESULT_NUM_THREE = 3; const static uint32_t MAX_PERMISSION_USED_TYPE_SIZE = 2000; const static int32_t NOT_EXSIT_PID = 99999999; const static int32_t INVALID_USER_ID = -1; -const static int32_t USER_ID_1 = 1; +const static int32_t USER_ID_2 = 2; static PermissionStateFull g_infoManagerTestStateA = { .permissionName = "ohos.permission.CAMERA", @@ -162,6 +162,17 @@ static HapInfoParams g_infoParmsF = { .appIDDesc = "privacy_test.bundleF" }; +static HapPolicyParams g_policyPramsG = { + .apl = APL_NORMAL, + .domain = "test.domain.G", +}; +static HapInfoParams g_infoParmsG = { + .userID = 2, + .bundleName = "ohos.privacy_test.bundleG", + .instIndex = 0, + .appIDDesc = "privacy_test.bundleG" +}; + static UsedRecordDetail g_usedRecordDetail = { .status = 2, .timestamp = 2L, @@ -205,6 +216,7 @@ static AccessTokenID g_tokenIdB = 0; static AccessTokenIDEx g_tokenIdC = {0}; static AccessTokenID g_tokenIdE = 0; static AccessTokenID g_tokenIdF = 0; +static AccessTokenID g_tokenIdG = 0; static void DeleteTestToken() { @@ -238,6 +250,12 @@ static void DeleteTestToken() AccessTokenKit::DeleteToken(tokenId); PrivacyKit::RemovePermissionUsedRecords(tokenId); + tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsG.userID, + g_infoParmsG.bundleName, + g_infoParmsG.instIndex); + AccessTokenKit::DeleteToken(tokenId); + PrivacyKit::RemovePermissionUsedRecords(tokenId); + tokenId = AccessTokenKit::GetHapTokenID(g_normalInfoParms.userID, g_normalInfoParms.bundleName, g_normalInfoParms.instIndex); @@ -280,12 +298,14 @@ void PrivacyKitTest::SetUp() AccessTokenKit::AllocHapToken(g_infoParmsC, g_policyPramsC); AccessTokenKit::AllocHapToken(g_infoParmsE, g_policyPramsE); AccessTokenKit::AllocHapToken(g_infoParmsF, g_policyPramsF); + AccessTokenKit::AllocHapToken(g_infoParmsG, g_policyPramsG); g_tokenIdA = AccessTokenKit::GetHapTokenID(g_infoParmsA.userID, g_infoParmsA.bundleName, g_infoParmsA.instIndex); g_tokenIdB = AccessTokenKit::GetHapTokenID(g_infoParmsB.userID, g_infoParmsB.bundleName, g_infoParmsB.instIndex); g_tokenIdC = AccessTokenKit::GetHapTokenIDEx(g_infoParmsC.userID, g_infoParmsC.bundleName, g_infoParmsC.instIndex); g_tokenIdE = AccessTokenKit::GetHapTokenID(g_infoParmsE.userID, g_infoParmsE.bundleName, g_infoParmsE.instIndex); g_tokenIdF = AccessTokenKit::GetHapTokenID(g_infoParmsF.userID, g_infoParmsF.bundleName, g_infoParmsF.instIndex); + g_tokenIdG = AccessTokenKit::GetHapTokenID(g_infoParmsG.userID, g_infoParmsG.bundleName, g_infoParmsG.instIndex); } void PrivacyKitTest::TearDown() @@ -2645,7 +2665,7 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder03, TestSize.Level1) /** * @tc.name: SetPermissionUsedRecordToggleStatus001 - * @tc.desc: Test SetPermissionUsedRecordToggleStatus and GetPermissionUsedRecordToggleStatus function. + * @tc.desc: SetPermissionUsedRecordToggleStatus and GetPermissionUsedRecordToggleStatus with invalid userID. * @tc.type: FUNC * @tc.require: */ @@ -2656,21 +2676,111 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1 int32_t resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(INVALID_USER_ID, status); EXPECT_EQ(resSet, PrivacyError::ERR_PARAM_INVALID); EXPECT_EQ(resGet, PrivacyError::ERR_PARAM_INVALID); +} - resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_1, status); +/** + * @tc.name: SetPermissionUsedRecordToggleStatus002 + * @tc.desc: SetPermissionUsedRecordToggleStatus with true status and false status. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level1) +{ + int32_t permRecordSize = 0; + bool status = true; + + int32_t resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status); EXPECT_EQ(resGet, 0); EXPECT_TRUE(status); - resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_1, false); - resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_1, status); + + AddPermParamInfo info; + info.tokenId = g_tokenIdG; + info.permissionName = "ohos.permission.READ_CONTACTS"; + info.successCount = 1; + info.failCount = 0; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); + permRecordSize++; + + info.permissionName = "ohos.permission.WRITE_CONTACTS"; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); + permRecordSize++; + + PermissionUsedRequest request; + PermissionUsedResult result; + std::vector permissionList; + BuildQueryRequest(g_tokenIdG, g_infoParmsG.bundleName, permissionList, request); + + request.flag = FLAG_PERMISSION_USAGE_DETAIL; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + ASSERT_EQ(1, static_cast(result.bundleRecords.size())); + ASSERT_EQ(permRecordSize, static_cast(result.bundleRecords[0].permissionRecords.size())); + + int32_t resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, false); + EXPECT_EQ(resSet, 0); + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + ASSERT_EQ(0, static_cast(result.bundleRecords.size())); + + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); + info.permissionName = "ohos.permission.READ_CONTACTS"; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); + + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + ASSERT_EQ(0, static_cast(result.bundleRecords.size())); + + resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true); EXPECT_EQ(resSet, 0); +} + +/** + * @tc.name: SetPermissionUsedRecordToggleStatus003 + * @tc.desc: SetPermissionUsedRecordToggleStatus with false status and true status. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus003, TestSize.Level1) +{ + int32_t permRecordSize = 0; + bool status = true; + + int32_t resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, false); + int32_t resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status); + EXPECT_EQ(resSet, 0); + EXPECT_EQ(resGet, 0); EXPECT_FALSE(status); - resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_1, true); - resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_1, status); + AddPermParamInfo info; + info.tokenId = g_tokenIdG; + info.permissionName = "ohos.permission.READ_CONTACTS"; + info.successCount = 1; + info.failCount = 0; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); + + info.permissionName = "ohos.permission.WRITE_CONTACTS"; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); + + PermissionUsedRequest request; + PermissionUsedResult result; + std::vector permissionList; + BuildQueryRequest(g_tokenIdG, g_infoParmsG.bundleName, permissionList, request); + request.flag = FLAG_PERMISSION_USAGE_DETAIL; + + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + ASSERT_EQ(0, static_cast(result.bundleRecords.size())); + + resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true); + resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status); EXPECT_EQ(resSet, 0); EXPECT_EQ(resGet, 0); EXPECT_TRUE(status); - resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_1, true); - EXPECT_EQ(resSet, 0); + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); + permRecordSize++; + + info.permissionName = "ohos.permission.READ_CONTACTS"; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); + permRecordSize++; + + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + ASSERT_EQ(1, static_cast(result.bundleRecords.size())); + ASSERT_EQ(permRecordSize, static_cast(result.bundleRecords[0].permissionRecords.size())); } diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index bd95284b4..aa70adad6 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -430,7 +430,7 @@ int32_t PermissionRecordManager::AddPermissionUsedRecord(const AddPermParamInfo& if (!CheckPermissionUsedRecordToggleStatus(tokenInfo.userID)) { ACCESSTOKEN_LOG_INFO(LABEL, "The permission used record toggle status is false."); - return Constant::SUCCESS; + return PrivacyError::ERR_TOGGLE_IS_FALSE; } ExecuteDeletePermissionRecordTask(); diff --git a/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/BUILD.gn index 1a41731b9..23e3bcb9c 100644 --- a/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/corpus/init index 61a7da989..2aea1356e 100644 --- a/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/corpus/init +++ b/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/corpus/init @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/gettokenidbyuserid_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/gettokenidbyuserid_fuzzer.cpp index 1c3e7b90b..81386931b 100644 --- a/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/gettokenidbyuserid_fuzzer.cpp +++ b/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/gettokenidbyuserid_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at diff --git a/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/gettokenidbyuserid_fuzzer.h b/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/gettokenidbyuserid_fuzzer.h index c977ca1ff..b652ef25a 100644 --- a/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/gettokenidbyuserid_fuzzer.h +++ b/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/gettokenidbyuserid_fuzzer.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at diff --git a/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/project.xml index 7133b2b92..66e1dcac4 100644 --- a/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/project.xml +++ b/test/fuzztest/innerkits/accesstoken/gettokenidbyuserid_fuzzer/project.xml @@ -1,5 +1,5 @@ -