From 267554efb3458598204661d70e71859886be0edd Mon Sep 17 00:00:00 2001 From: Atsws Date: Mon, 10 Feb 2025 17:35:13 +0800 Subject: [PATCH] test Signed-off-by: Atsws --- .../accesstoken/src/hap_info_parcel.cpp | 8 --- .../accesstoken/include/hap_token_info.h | 2 - .../HapTokenTest/init_hap_token_test.cpp | 72 ------------------- .../include/token/accesstoken_info_manager.h | 1 - .../src/token/accesstoken_info_manager.cpp | 49 +++++-------- 5 files changed, 16 insertions(+), 116 deletions(-) diff --git a/frameworks/accesstoken/src/hap_info_parcel.cpp b/frameworks/accesstoken/src/hap_info_parcel.cpp index bac45bdb6..9a46ce07e 100644 --- a/frameworks/accesstoken/src/hap_info_parcel.cpp +++ b/frameworks/accesstoken/src/hap_info_parcel.cpp @@ -29,10 +29,6 @@ bool HapInfoParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteInt32(this->hapInfoParameter.apiVersion)); RETURN_IF_FALSE(out.WriteBool(this->hapInfoParameter.isSystemApp)); RETURN_IF_FALSE(out.WriteString(this->hapInfoParameter.appDistributionType)); - RETURN_IF_FALSE(out.WriteBool(this->hapInfoParameter.isRestore)); - if (this->hapInfoParameter.isRestore) { - RETURN_IF_FALSE(out.WriteUint32(this->hapInfoParameter.tokenID)); - } return true; } @@ -50,10 +46,6 @@ HapInfoParcel* HapInfoParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(in.ReadInt32(hapInfoParcel->hapInfoParameter.apiVersion), hapInfoParcel); RELEASE_IF_FALSE(in.ReadBool(hapInfoParcel->hapInfoParameter.isSystemApp), hapInfoParcel); RELEASE_IF_FALSE(in.ReadString(hapInfoParcel->hapInfoParameter.appDistributionType), hapInfoParcel); - RELEASE_IF_FALSE(in.ReadBool(hapInfoParcel->hapInfoParameter.isRestore), hapInfoParcel); - if (hapInfoParcel->hapInfoParameter.isRestore) { - RELEASE_IF_FALSE(in.ReadUint32(hapInfoParcel->hapInfoParameter.tokenID), hapInfoParcel); - } return hapInfoParcel; } } // namespace AccessToken diff --git a/interfaces/innerkits/accesstoken/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h index b8b79d432..61739328a 100644 --- a/interfaces/innerkits/accesstoken/include/hap_token_info.h +++ b/interfaces/innerkits/accesstoken/include/hap_token_info.h @@ -71,8 +71,6 @@ public: bool isSystemApp; /* app type */ std::string appDistributionType; - bool isRestore = false; - AccessTokenID tokenID = INVALID_TOKENID; }; /** diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp index 2a1e8be05..3e412d1fa 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp @@ -904,78 +904,6 @@ HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest005, TestSize.Level1) ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.AGENT_REQUIRE_FORM"); EXPECT_EQ(PERMISSION_DENIED, ret); } - -/** - * @tc.name: InitHapTokenAbnormalTest006 - * @tc.desc: InitHapToken isRestore with INVALID_TOKENID - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest006, TestSize.Level1) -{ - HapInfoParams infoParams; - HapPolicyParams policyParams; - TestCommon::GetHapParams(infoParams, policyParams); - - infoParams.isRestore = true; - infoParams.tokenID = INVALID_TOKENID; - - PreAuthorizationInfo preAuthorizationInfo; - preAuthorizationInfo.permissionName = ""; - policyParams.preAuthorizationInfo = {preAuthorizationInfo}; - AccessTokenIDEx fullTokenId; - int32_t ret = AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId); - EXPECT_EQ(ERR_PARAM_INVALID, ret); -} - -/** - * @tc.name: InitHapTokenSpecsTest009 - * @tc.desc: InitHapToken isRestore with real token - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest009, TestSize.Level1) -{ - HapInfoParams infoParams; - HapPolicyParams policyParams; - TestCommon::GetHapParams(infoParams, policyParams); - policyParams.apl = APL_SYSTEM_CORE; - - PermissionStateFull permissionStateFull001 = { - .permissionName = "ohos.permission.ACCESS_CERT_MANAGER", - .isGeneral = false, - .resDeviceID = {"local"}, - .grantStatus = {PERMISSION_GRANTED}, - .grantFlags = {PERMISSION_SYSTEM_FIXED} - }; - - policyParams.permStateList = {permissionStateFull001, g_infoManagerCameraState}; - AccessTokenIDEx fullTokenId; - int32_t ret = AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId); - AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID; - ASSERT_EQ(RET_SUCCESS, ret); - - ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.ACCESS_CERT_MANAGER"); - EXPECT_EQ(PERMISSION_GRANTED, ret); - - (void)AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", PERMISSION_USER_SET); - ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA"); - EXPECT_EQ(ret, PERMISSION_GRANTED); - - ret = AccessTokenKit::DeleteToken(tokenID); - EXPECT_EQ(RET_SUCCESS, ret); - - infoParams.isRestore = true; - infoParams.tokenID = tokenID; - ret = AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId); - EXPECT_EQ(RET_SUCCESS, ret); - - ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.ACCESS_CERT_MANAGER"); - EXPECT_EQ(PERMISSION_GRANTED, ret); - - ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA"); - EXPECT_EQ(ret, PERMISSION_DENIED); -} } // namespace AccessToken } // namespace Security } // namespace OHOS \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index 0813ab189..e34719890 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -134,7 +134,6 @@ private: bool IsPermissionReqValid(int32_t tokenApl, const std::string& permissionName, const std::vector& nativeAcls); void NativeTokenToString(AccessTokenID tokenID, std::string& info); - int32_t CheckHapInfoParam(const HapInfoParams& info, const HapPolicy& policy); bool hasInited_; std::atomic_int32_t dumpTaskNum_; diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 37864da82..7696c925f 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -203,7 +203,7 @@ int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr infoGuard(this->hapTokenInfoLock_); if (hapTokenInfoMap_.count(id) > 0) { LOGE(ATM_DOMAIN, ATM_TAG, "Token %{public}u info has exist.", id); - return AccessTokenError::ERR_TOKENID_HAS_EXISTED; + return AccessTokenError::ERR_TOKENID_NOT_EXIST; } if (!info->IsRemote()) { @@ -460,49 +460,33 @@ static void GetPolicyCopied(const HapPolicy& policy, HapPolicy& policyNew) } #endif -int32_t AccessTokenInfoManager::CheckHapInfoParam(const HapInfoParams& info, const HapPolicy& policy) +int AccessTokenInfoManager::CreateHapTokenInfo( + const HapInfoParams& info, const HapPolicy& policy, AccessTokenIDEx& tokenIdEx) { if ((!DataValidator::IsUserIdValid(info.userID)) || (!DataValidator::IsBundleNameValid(info.bundleName)) || (!DataValidator::IsAppIDDescValid(info.appIDDesc)) || (!DataValidator::IsDomainValid(policy.domain)) || - (!DataValidator::IsDlpTypeValid(info.dlpType)) || (info.isRestore && info.tokenID == INVALID_TOKENID)) { + (!DataValidator::IsDlpTypeValid(info.dlpType))) { LOGE(ATM_DOMAIN, ATM_TAG, "Hap token param failed"); return AccessTokenError::ERR_PARAM_INVALID; } - return ERR_OK; -} - -int AccessTokenInfoManager::CreateHapTokenInfo( - const HapInfoParams& info, const HapPolicy& policy, AccessTokenIDEx& tokenIdEx) -{ - if (CheckHapInfoParam(info, policy) != ERR_OK) { - return AccessTokenError::ERR_PARAM_INVALID; - } - AccessTokenID tokenId = info.tokenID; - if (info.isRestore) { - LOGI(ATM_DOMAIN, ATM_TAG, "isRestore is true, tokenId is %{public}u", tokenId); - int32_t res = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP); - if (res != RET_SUCCESS) { - LOGE(ATM_DOMAIN, ATM_TAG, "Token Id register failed, res is %{public}d", res); - return res; - } - } else { - int32_t dlpFlag = (info.dlpType > DLP_COMMON) ? 1 : 0; - int32_t cloneFlag = ((dlpFlag == 0) && (info.instIndex) > 0) ? 1 : 0; - tokenId = AccessTokenIDManager::GetInstance().CreateAndRegisterTokenId(TOKEN_HAP, dlpFlag, cloneFlag); - if (tokenId == 0) { - LOGE(ATM_DOMAIN, ATM_TAG, "Token Id create failed"); - return ERR_TOKENID_CREATE_FAILED; - } + int32_t dlpFlag = (info.dlpType > DLP_COMMON) ? 1 : 0; + int32_t cloneFlag = ((dlpFlag == 0) && (info.instIndex) > 0) ? 1 : 0; + AccessTokenID tokenId = AccessTokenIDManager::GetInstance().CreateAndRegisterTokenId(TOKEN_HAP, dlpFlag, cloneFlag); + if (tokenId == 0) { + LOGE(ATM_DOMAIN, ATM_TAG, "Token Id create failed"); + return ERR_TOKENID_CREATE_FAILED; } PermissionManager::GetInstance().AddDefPermissions(policy.permList, tokenId, false); #ifdef SUPPORT_SANDBOX_APP std::shared_ptr tokenInfo; - HapPolicy policyNew = policy; if (info.dlpType != DLP_COMMON) { + HapPolicy policyNew; GetPolicyCopied(policy, policyNew); DlpPermissionSetManager::GetInstance().UpdatePermStateWithDlpInfo(info.dlpType, policyNew.permStateList); + tokenInfo = std::make_shared(tokenId, info, policyNew); + } else { + tokenInfo = std::make_shared(tokenId, info, policy); } - tokenInfo = std::make_shared(tokenId, info, policyNew); #else std::shared_ptr tokenInfo = std::make_shared(tokenId, info, policy); #endif @@ -515,9 +499,8 @@ int AccessTokenInfoManager::CreateHapTokenInfo( RemoveHapTokenInfoFromDb(tokenId); return ret; } - LOGI(ATM_DOMAIN, ATM_TAG, - "Create hap token %{public}u bundleName %{public}s user %{public}d inst %{public}d isRestore %{public}d ok", - tokenId, tokenInfo->GetBundleName().c_str(), tokenInfo->GetUserID(), tokenInfo->GetInstIndex(), info.isRestore); + LOGI(ATM_DOMAIN, ATM_TAG, "Create hap token %{public}u bundleName %{public}s user %{public}d inst %{public}d ok", + tokenId, tokenInfo->GetBundleName().c_str(), tokenInfo->GetUserID(), tokenInfo->GetInstIndex()); AllocAccessTokenIDEx(info, tokenId, tokenIdEx); return RET_SUCCESS; } -- Gitee