From a5c13a05b3e3c9c7c4252f7cb3459ede5e771ee9 Mon Sep 17 00:00:00 2001 From: lixinsheng2 Date: Sun, 19 May 2024 09:16:28 +0800 Subject: [PATCH 001/103] =?UTF-8?q?=E4=B8=B4=E6=97=B6=E4=BF=AE=E6=94=B9?= =?UTF-8?q?=E9=97=B4=E6=8E=A5=E4=BE=9D=E8=B5=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: lixinsheng2 --- frameworks/accesstoken/BUILD.gn | 5 ++++- frameworks/common/BUILD.gn | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/frameworks/accesstoken/BUILD.gn b/frameworks/accesstoken/BUILD.gn index 1ebfb8bbc..72403db81 100644 --- a/frameworks/accesstoken/BUILD.gn +++ b/frameworks/accesstoken/BUILD.gn @@ -25,7 +25,10 @@ config("accesstoken_communication_adapter_cxx_public_config") { ohos_shared_library("accesstoken_communication_adapter_cxx") { subsystem_name = "security" - innerapi_tags = [ "platformsdk_indirect" ] + innerapi_tags = [ + "platformsdk_indirect", + "chipsetsdk_indirect", + ] part_name = "access_token" sanitize = { cfi = true diff --git a/frameworks/common/BUILD.gn b/frameworks/common/BUILD.gn index 3b7e2574d..63da13ed0 100644 --- a/frameworks/common/BUILD.gn +++ b/frameworks/common/BUILD.gn @@ -21,7 +21,10 @@ config("accesstoken_common_cxx_public_config") { ohos_shared_library("accesstoken_common_cxx") { subsystem_name = "security" - innerapi_tags = [ "platformsdk_indirect" ] + innerapi_tags = [ + "platformsdk_indirect", + "chipsetsdk_indirect", + ] part_name = "access_token" sanitize = { cfi = true -- Gitee From ff11068a1d835ea6eb06fe341b7e955b61a8998d Mon Sep 17 00:00:00 2001 From: bigtea Date: Tue, 11 Mar 2025 16:33:27 +0800 Subject: [PATCH 002/103] Add list lock in tokensync Signed-off-by: bigtea --- .../cpp/include/token/token_modify_notifier.h | 3 +- .../cpp/src/token/token_modify_notifier.cpp | 32 ++++++++++++------- 2 files changed, 23 insertions(+), 12 deletions(-) diff --git a/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h b/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h index 22620fa41..7f30196bd 100644 --- a/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h +++ b/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h @@ -56,7 +56,8 @@ private: bool hasInited_; OHOS::Utils::RWLock initLock_; - OHOS::Utils::RWLock Notifylock_; + OHOS::Utils::RWLock listLock_; + OHOS::Utils::RWLock notifyLock_; #ifdef RESOURCESCHEDULE_FFRT_ENABLE std::atomic_int32_t curTaskNum_; #else diff --git a/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp b/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp index d40f3f28b..525a1b52b 100644 --- a/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp @@ -58,7 +58,7 @@ void TokenModifyNotifier::AddHapTokenObservation(AccessTokenID tokenID) LOGI(ATM_DOMAIN, ATM_TAG, "Observation token is not hap token"); return; } - Utils::UniqueWriteGuard infoGuard(this->Notifylock_); + Utils::UniqueWriteGuard infoGuard(this->listLock_); if (observationSet_.count(tokenID) <= 0) { observationSet_.insert(tokenID); } @@ -66,7 +66,7 @@ void TokenModifyNotifier::AddHapTokenObservation(AccessTokenID tokenID) void TokenModifyNotifier::NotifyTokenDelete(AccessTokenID tokenID) { - Utils::UniqueWriteGuard infoGuard(this->Notifylock_); + Utils::UniqueWriteGuard infoGuard(this->listLock_); if (observationSet_.count(tokenID) <= 0) { LOGD(ATM_DOMAIN, ATM_TAG, "Hap token is not observed"); return; @@ -78,7 +78,7 @@ void TokenModifyNotifier::NotifyTokenDelete(AccessTokenID tokenID) void TokenModifyNotifier::NotifyTokenModify(AccessTokenID tokenID) { - Utils::UniqueWriteGuard infoGuard(this->Notifylock_); + Utils::UniqueWriteGuard infoGuard(this->listLock_); if (observationSet_.count(tokenID) <= 0) { LOGD(ATM_DOMAIN, ATM_TAG, "Hap token is not observed"); return; @@ -115,14 +115,26 @@ void TokenModifyNotifier::NotifyTokenSyncTask() { LOGI(ATM_DOMAIN, ATM_TAG, "Called!"); - Utils::UniqueWriteGuard infoGuard(this->Notifylock_); + Utils::UniqueWriteGuard infoGuard(this->notifyLock_); + LOGI(ATM_DOMAIN, ATM_TAG, "Start execution!"); LibraryLoader loader(TOKEN_SYNC_LIBPATH); TokenSyncKitInterface* tokenSyncKit = loader.GetObject(); if (tokenSyncKit == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "Dlopen libtokensync_sdk failed."); return; } - for (AccessTokenID deleteToken : deleteTokenList_) { + + std::vector deleteList; + std::vector modifiedList; + { + Utils::UniqueWriteGuard listGuard(this->listLock_); + deleteList = deleteTokenList_; + modifiedList = modifiedTokenList_; + deleteTokenList_.clear(); + modifiedTokenList_.clear(); + } + + for (AccessTokenID deleteToken : deleteList) { int ret = TOKEN_SYNC_SUCCESS; if (tokenSyncCallbackObject_ != nullptr) { ret = tokenSyncCallbackObject_->DeleteRemoteHapTokenInfo(deleteToken); @@ -133,7 +145,7 @@ void TokenModifyNotifier::NotifyTokenSyncTask() } } - for (AccessTokenID modifyToken : modifiedTokenList_) { + for (AccessTokenID modifyToken : modifiedList) { HapTokenInfoForSync hapSync; int ret = AccessTokenInfoManager::GetInstance().GetHapTokenSync(modifyToken, hapSync); if (ret != RET_SUCCESS) { @@ -148,8 +160,6 @@ void TokenModifyNotifier::NotifyTokenSyncTask() LOGE(ATM_DOMAIN, ATM_TAG, "Fail to update remote haptoken info, ret is %{public}d", ret); } } - deleteTokenList_.clear(); - modifiedTokenList_.clear(); LOGI(ATM_DOMAIN, ATM_TAG, "Over!"); } @@ -157,7 +167,7 @@ void TokenModifyNotifier::NotifyTokenSyncTask() int32_t TokenModifyNotifier::GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) { if (tokenSyncCallbackObject_ != nullptr) { - Utils::UniqueReadGuard infoGuard(this->Notifylock_); + Utils::UniqueReadGuard infoGuard(this->notifyLock_); int32_t ret = tokenSyncCallbackObject_->GetRemoteHapTokenInfo(deviceID, tokenID); if (ret != TOKEN_SYNC_OPENSOURCE_DEVICE) { return ret; @@ -175,7 +185,7 @@ int32_t TokenModifyNotifier::GetRemoteHapTokenInfo(const std::string& deviceID, int32_t TokenModifyNotifier::RegisterTokenSyncCallback(const sptr& callback) { - Utils::UniqueWriteGuard infoGuard(this->Notifylock_); + Utils::UniqueWriteGuard infoGuard(this->notifyLock_); tokenSyncCallbackObject_ = new TokenSyncCallbackProxy(callback); tokenSyncCallbackDeathRecipient_ = sptr::MakeSptr(); callback->AddDeathRecipient(tokenSyncCallbackDeathRecipient_); @@ -185,7 +195,7 @@ int32_t TokenModifyNotifier::RegisterTokenSyncCallback(const sptr int32_t TokenModifyNotifier::UnRegisterTokenSyncCallback() { - Utils::UniqueWriteGuard infoGuard(this->Notifylock_); + Utils::UniqueWriteGuard infoGuard(this->notifyLock_); if (tokenSyncCallbackObject_ != nullptr && tokenSyncCallbackDeathRecipient_ != nullptr) { tokenSyncCallbackObject_->AsObject()->RemoveDeathRecipient(tokenSyncCallbackDeathRecipient_); } -- Gitee From ac6638cde5bce1317b0710759c551e5097e228e9 Mon Sep 17 00:00:00 2001 From: zc Date: Thu, 20 Mar 2025 17:18:56 +0800 Subject: [PATCH 003/103] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=9D=83=E9=99=90oho?= =?UTF-8?q?s.permission.MANAGE=5FAPP=5FUNINSTALL=20Signed-off-by:=20zc=20?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 770b03143..468d73aa5 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -2841,6 +2841,16 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_APP_UNINSTALL", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 18, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false }, { "name": "ohos.permission.RECEIVE_APP_INSTALL_INFO_CHANGE", -- Gitee From 82affcfc7a26c5352de1ea2c9695abfec8276528 Mon Sep 17 00:00:00 2001 From: markYao Date: Thu, 12 Dec 2024 10:31:23 +0800 Subject: [PATCH 004/103] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=9D=83=E9=99=90oho?= =?UTF-8?q?s.permission.SEND=5FNOTIFICATION=5FCROSS=5FUSER?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: markYao --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 770b03143..17ec59ccd 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6321,6 +6321,16 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.SEND_NOTIFICATION_CROSS_USER", + "grantMode": "system_grant", + "availableLevel": "system_core", + "availableType": "SYSTEM", + "since": 16, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false } ] } \ No newline at end of file -- Gitee From 779b258fca32ff1a59059173dd094ee7ccea4eb5 Mon Sep 17 00:00:00 2001 From: chennian Date: Thu, 20 Mar 2025 13:29:19 +0800 Subject: [PATCH 005/103] Modify testcase Signed-off-by: chennian Change-Id: I8008bfa0a9204044b1129b06f0e6a2250c8379b2 --- .../accesstoken/test/unittest/BUILD.gn | 6 - .../accesstoken_kit_coverage_test.cpp | 8 +- .../get_hap_token_info_from_remote_test.cpp | 20 +- .../EdmPolicyTest/edm_policy_set_test.cpp | 12 +- .../HapTokenTest/get_hap_token_test.cpp | 32 +- .../PermDenyTest/accesstoken_deny_test.cpp | 21 +- .../accesstoken_location_request_test.cpp | 11 +- .../request_permission_on_setting_test.cpp | 4 +- .../set_perm_dialog_cap_test.cpp | 16 +- .../PermissionsTest/get_permission_test.cpp | 57 -- ...ant_permission_for_specified_time_test.cpp | 4 +- .../PermissionsTest/grant_permission_test.cpp | 28 +- .../revoke_permission_test.cpp | 28 +- ...gister_perm_state_change_callback_test.cpp | 152 ++-- ...gister_perm_state_change_callback_test.cpp | 78 +- .../unittest/SaTest/dump_token_info_test.cpp | 2 +- .../test/unittest/common/test_common.cpp | 19 - .../test/unittest/common/test_common.h | 2 - interfaces/innerkits/privacy/test/BUILD.gn | 1 + .../unittest/src/permission_deny_test.cpp | 16 +- .../test/unittest/src/privacy_kit_test.cpp | 671 +++++++++--------- .../test/unittest/src/privacy_test_common.cpp | 193 +++++ .../test/unittest/src/privacy_test_common.h | 60 ++ .../privacymanager/test/coverage/BUILD.gn | 6 +- ...ermission_record_manager_coverage_test.cpp | 120 ++-- .../privacymanager/test/unittest/BUILD.gn | 4 + .../permission_record_manager_test.cpp | 190 +++-- .../unittest/privacy_manager_service_test.cpp | 155 ++-- .../test/unittest/sensitive_manager_test.cpp | 32 +- .../tokensyncmanager/test/coverage/BUILD.gn | 2 + .../token_sync_service_coverage_test.cpp | 9 +- .../tokensyncmanager/test/unittest/BUILD.gn | 2 + .../test/unittest/token_sync_service_test.cpp | 30 +- 33 files changed, 1062 insertions(+), 929 deletions(-) create mode 100644 interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.cpp create mode 100644 interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.h diff --git a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn index 1808c7cde..1727ef9f3 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn @@ -114,9 +114,6 @@ ohos_unittest("libaccesstoken_sdk_test") { "DlpTest/share_permission_with_sandbox_test.cpp", ] } - if (build_variant == "user") { - cflags_cc += [ "-DATM_BUILD_VARIANT_USER_ENABLE" ] - } } ohos_unittest("accesstoken_mock_test") { @@ -182,7 +179,4 @@ ohos_unittest("accesstoken_mock_test") { if (token_sync_enable == true) { cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] } - if (build_variant == "user") { - cflags_cc += [ "-DATM_BUILD_VARIANT_USER_ENABLE" ] - } } diff --git a/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp index 1f1c76a04..0a225086d 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp @@ -265,18 +265,18 @@ HWTEST_F(AccessTokenCoverageTest, VerifyAccessToken005, TestSize.Level1) // ret = PERMISSION_GRANTED + firstTokenID = 0 std::string permissionName = "ohos.permission.GET_BUNDLE_INFO"; firstTokenID = 0; - ASSERT_EQ(PermissionState::PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken( + EXPECT_EQ(PermissionState::PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken( callerTokenID, firstTokenID, permissionName, false)); firstTokenID = 1; // ret = PERMISSION_GRANTED + firstTokenID != 0 - ASSERT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken( + EXPECT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken( callerTokenID, firstTokenID, permissionName, false)); - TestCommon::DeleteTestHapToken(callerTokenID); + ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(callerTokenID)); callerTokenID = 0; // ret = PERMISSION_DENIED - ASSERT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken( + EXPECT_EQ(PermissionState::PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken( callerTokenID, firstTokenID, permissionName, false)); } diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp index a7a1826ad..fe3b10e11 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp @@ -155,19 +155,19 @@ HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest001, Te HapTokenInfoForSync infoSync; int ret = AccessTokenKit::GetHapTokenInfoFromRemote(localTokenID, infoSync); - ASSERT_EQ(ret, RET_SUCCESS); - ASSERT_EQ(infoSync.permStateList.size(), static_cast(2)); + EXPECT_EQ(ret, RET_SUCCESS); + EXPECT_EQ(infoSync.permStateList.size(), static_cast(2)); - ASSERT_EQ(infoSync.permStateList[0].permissionName, g_infoManagerTestPolicyPrams.permStateList[0].permissionName); + EXPECT_EQ(infoSync.permStateList[0].permissionName, g_infoManagerTestPolicyPrams.permStateList[0].permissionName); - ASSERT_EQ(infoSync.permStateList[1].permissionName, g_infoManagerTestPolicyPrams.permStateList[1].permissionName); + EXPECT_EQ(infoSync.permStateList[1].permissionName, g_infoManagerTestPolicyPrams.permStateList[1].permissionName); - ASSERT_EQ(infoSync.baseInfo.bundleName, g_infoManagerTestInfoParms.bundleName); - ASSERT_EQ(infoSync.baseInfo.userID, g_infoManagerTestInfoParms.userID); - ASSERT_EQ(infoSync.baseInfo.instIndex, g_infoManagerTestInfoParms.instIndex); - ASSERT_EQ(infoSync.baseInfo.ver, 1); - ASSERT_EQ(infoSync.baseInfo.tokenID, localTokenID); - ASSERT_EQ(infoSync.baseInfo.tokenAttr, 0); + EXPECT_EQ(infoSync.baseInfo.bundleName, g_infoManagerTestInfoParms.bundleName); + EXPECT_EQ(infoSync.baseInfo.userID, g_infoManagerTestInfoParms.userID); + EXPECT_EQ(infoSync.baseInfo.instIndex, g_infoManagerTestInfoParms.instIndex); + EXPECT_EQ(infoSync.baseInfo.ver, 1); + EXPECT_EQ(infoSync.baseInfo.tokenID, localTokenID); + EXPECT_EQ(infoSync.baseInfo.tokenAttr, 0); EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(localTokenID)); } diff --git a/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp index 3c9bfe92e..ef98b757d 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp @@ -269,7 +269,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy006, TestSize.Level1) std::vector permStatList; EXPECT_EQ(RET_SUCCESS, AccessTokenKit::GetReqPermissions(fullIdUser2.tokenIdExStruct.tokenID, permStatList, true)); - ASSERT_EQ(static_cast(2), permStatList.size()); + EXPECT_EQ(static_cast(2), permStatList.size()); EXPECT_EQ(INTERNET, permStatList[0].permissionName); EXPECT_EQ(PERMISSION_GRANTED, permStatList[0].grantStatus[0]); @@ -335,21 +335,15 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level1) AccessTokenIDEx fullIdUser2; EXPECT_EQ(RET_SUCCESS, TestCommon::AllocTestHapToken(g_testHapInfoParams, g_testPolicyParams, fullIdUser2)); - g_testHapInfoParams.userID = MOCK_USER_ID_10003; - AccessTokenIDEx fullIdUser3; - EXPECT_EQ(RET_SUCCESS, - TestCommon::AllocTestHapToken(g_testHapInfoParams, g_testPolicyParams, fullIdUser3)); UserState user1 = {.userId = MOCK_USER_ID_10001, .isActive = false}; UserState user2 = {.userId = MOCK_USER_ID_10002, .isActive = true}; - UserState user3 = {.userId = MOCK_USER_ID_10003, .isActive = true}; - std::vector userListBefore = { user1, user2, user3 }; + std::vector userListBefore = { user1, user2 }; std::vector permList = { INTERNET, LOCATION }; int32_t ret = AccessTokenKit::InitUserPolicy(userListBefore, permList); EXPECT_EQ(ret, 0); EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser1.tokenIdExStruct.tokenID, INTERNET), PERMISSION_DENIED); EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser2.tokenIdExStruct.tokenID, INTERNET), PERMISSION_GRANTED); - EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser3.tokenIdExStruct.tokenID, INTERNET), PERMISSION_GRANTED); EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser1.tokenIdExStruct.tokenID, LOCATION), PERMISSION_DENIED); EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser2.tokenIdExStruct.tokenID, LOCATION), @@ -363,7 +357,6 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level1) EXPECT_EQ(ret, 0); EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser1.tokenIdExStruct.tokenID, INTERNET), PERMISSION_GRANTED); EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser2.tokenIdExStruct.tokenID, INTERNET), PERMISSION_DENIED); - EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser3.tokenIdExStruct.tokenID, INTERNET), PERMISSION_GRANTED); EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser1.tokenIdExStruct.tokenID, LOCATION), PERMISSION_DENIED); EXPECT_EQ(AccessTokenKit::VerifyAccessToken(fullIdUser2.tokenIdExStruct.tokenID, LOCATION), @@ -371,7 +364,6 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level1) EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(fullIdUser1.tokenIdExStruct.tokenID)); EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(fullIdUser2.tokenIdExStruct.tokenID)); - EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(fullIdUser3.tokenIdExStruct.tokenID)); int32_t res = AccessTokenKit::ClearUserPolicy(); EXPECT_EQ(res, 0); diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp index 91c471ad1..f91a41454 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp @@ -66,6 +66,7 @@ void GetHapTokenTest::TearDownTestCase() g_mock = nullptr; } SetSelfTokenID(g_selfTokenId); + TestCommon::ResetTestEvironment(); } void GetHapTokenTest::SetUp() @@ -183,10 +184,9 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDExFuncTest001, TestSize.Level1) ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx); HapTokenInfo hapTokenInfoRes; AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; - int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes); - ASSERT_EQ(RET_SUCCESS, ret); - ASSERT_EQ(hapTokenInfoRes.bundleName, g_infoManagerTestSystemInfoParms.bundleName); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes)); + EXPECT_EQ(hapTokenInfoRes.bundleName, g_infoManagerTestSystemInfoParms.bundleName); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } /** @@ -311,18 +311,18 @@ HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest001, TestSize.Level1) ASSERT_EQ(true, TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx)); AccessTokenIDEx tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0); - ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx); + EXPECT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx); UpdateHapInfoParams info; info.appIDDesc = g_infoManagerTestSystemInfoParms.appIDDesc; info.apiVersion = g_infoManagerTestSystemInfoParms.apiVersion; info.isSystemApp = false; - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams)); tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0); - ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx); + EXPECT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx); - ASSERT_EQ(false, TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx)); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); + EXPECT_EQ(false, TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); } /** @@ -335,20 +335,20 @@ HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest002, TestSize.Level1) { AccessTokenIDEx tokenIdEx = {0}; TestCommon::AllocTestHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx); - ASSERT_TRUE(TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx)); + EXPECT_TRUE(TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx)); AccessTokenIDEx tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0); - ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx); + EXPECT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx); UpdateHapInfoParams info; info.appIDDesc = g_infoManagerTestNormalInfoParms.appIDDesc; info.apiVersion = g_infoManagerTestNormalInfoParms.apiVersion; info.isSystemApp = true; - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(tokenIdEx, info, g_infoManagerTestPolicyPrams)); tokenIdEx1 = AccessTokenKit::GetHapTokenIDEx(1, "accesstoken_test", 0); - ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx); + EXPECT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx); - ASSERT_EQ(true, TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx)); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); + EXPECT_EQ(true, TokenIdKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); } /** @@ -365,7 +365,7 @@ HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest003, TestSize.Level1) ASSERT_EQ(tokenIdEx.tokenIDEx, tokenIdEx1.tokenIDEx); bool res = AccessTokenKit::IsSystemAppByFullTokenID(tokenIdEx.tokenIDEx); ASSERT_TRUE(res); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); } } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp index d1f8e2222..a00807532 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp @@ -398,32 +398,19 @@ HWTEST_F(AccessTokenDenyTest, UnregisterPermStateChangeCallback001, TestSize.Lev scopeInfo.permList = {"ohos.permission.CAMERA"}; scopeInfo.tokenIDs = {}; auto callbackPtr = std::make_shared(scopeInfo); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr)); EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(g_testTokenIDEx.tokenIDEx)); - ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx)); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); setuid(g_selfUid); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); } -#ifndef ATM_BUILD_VARIANT_USER_ENABLE -/** - * @tc.name: ReloadNativeTokenInfo001 - * @tc.desc: ReloadNativeTokenInfo with no permission - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(AccessTokenDenyTest, ReloadNativeTokenInfo001, TestSize.Level1) -{ - ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::ReloadNativeTokenInfo()); -} -#endif - /** * @tc.name: GetNativeTokenId001 * @tc.desc: Verify the GetNativeTokenId abnormal branch return nullptr proxy. diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp index faaf9209a..1c8547325 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 1922 Huawei Device Co., Ltd. + * Copyright (c) 2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -210,7 +210,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState001, TestSize.Le AccessTokenIDEx tokenIdEx = AllocHapToken(permissionStateFulls, BACKGROUND_LOCATION_API_VERSION); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenID); - ASSERT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); PermissionListState permVague1 = { .permissionName = "ohos.permission.APPROXIMATELY_LOCATION", @@ -222,9 +222,10 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState001, TestSize.Le PermissionGrantInfo info; PermissionOper ret = AccessTokenKit::GetSelfPermissionsState(permsList1, info); - ASSERT_EQ(DYNAMIC_OPER, ret); - ASSERT_EQ(static_cast(1), permsList1.size()); - ASSERT_EQ(DYNAMIC_OPER, permsList1[0].state); + EXPECT_EQ(DYNAMIC_OPER, ret); + EXPECT_EQ(static_cast(1), permsList1.size()); + EXPECT_EQ(DYNAMIC_OPER, permsList1[0].state); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } /** diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp index 4d022d65e..0653481af 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 1922 Huawei Device Co., Ltd. + * Copyright (c) 2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -121,7 +121,7 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest003, TestSiz ASSERT_NE(INVALID_TOKENID, tokenID); AccessTokenKit::RequestAppPermOnSetting(tokenID); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } /** diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp index 3d6bab78e..1f99e9ec1 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp @@ -132,19 +132,19 @@ HWTEST_F(SetPermDialogCapTest, SetPermDialogCapFuncTest001, TestSize.Level1) permsList.emplace_back(tmp); // test dialog is forbiddedn - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true)); - ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true)); + EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx)); PermissionGrantInfo info; - ASSERT_EQ(FORBIDDEN_OPER, AccessTokenKit::GetSelfPermissionsState(permsList, info)); - ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(selfToken)); + EXPECT_EQ(FORBIDDEN_OPER, AccessTokenKit::GetSelfPermissionsState(permsList, info)); + EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(selfToken)); // test dialog is not forbiddedn - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::SetPermDialogCap(hapBaseInfo, false)); - ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::SetPermDialogCap(hapBaseInfo, false)); + EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx)); ASSERT_NE(FORBIDDEN_OPER, AccessTokenKit::GetSelfPermissionsState(permsList, info)); - ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(selfToken)); + EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(selfToken)); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); } } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp index 69aa3bb99..c26dc6733 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp @@ -110,17 +110,11 @@ HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest001, TestSize.Level { LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionUsedTypeAbnormalTest001"); std::string permisson = "ohos.permission.CAMERA"; -#ifndef ATM_BUILD_VARIANT_USER_ENABLE // caller is not native, IsPrivilegedCalling return false(uid != accesstoken_uid) int32_t selfUid = getuid(); setuid(1); EXPECT_EQ(PermUsedTypeEnum::INVALID_USED_TYPE, AccessTokenKit::GetPermissionUsedType(g_selfTokenId, permisson)); setuid(selfUid); -#else - // caller is not native, IsPrivilegedCalling return false - EXPECT_EQ(PermUsedTypeEnum::INVALID_USED_TYPE, - AccessTokenKit::GetPermissionUsedType(g_selfTokenId, permisson)); -#endif } /** @@ -468,57 +462,6 @@ HWTEST_F(GetPermissionTest, ReloadNativeTokenInfo001, TestSize.Level1) ASSERT_EQ(RET_SUCCESS, ret); } -#ifndef ATM_BUILD_VARIANT_USER_ENABLE -uint64_t GetNativeTokenTest(const char *processName, const char **perms, int32_t permNum) -{ - uint64_t tokenId; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = permNum, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - .processName = processName, - }; - - tokenId = GetAccessTokenId(&infoInstance); - AccessTokenKit::ReloadNativeTokenInfo(); - return tokenId; -} - -/** - * @tc.name: ReloadNativeTokenInfo002 - * @tc.desc: ReloadNativeTokenInfo with same bundlename twicely. - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetPermissionTest, ReloadNativeTokenInfo002, TestSize.Level1) -{ - const char **perms = new const char *[1]; - perms[0] = "ohos.permission.MANAGE_HAP_TOKENID"; - uint64_t token1 = GetNativeTokenTest("TestCase_core", perms, 1); - ASSERT_NE(INVALID_TOKENID, token1); - ASSERT_EQ( - PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(token1, "ohos.permission.MANAGE_HAP_TOKENID", false)); - - uint64_t token2 = GetNativeTokenTest("TestCase_core", nullptr, 0); - ASSERT_NE(INVALID_TOKENID, token2); - - ASSERT_EQ(token1, token2); - ASSERT_EQ( - PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(token2, "ohos.permission.MANAGE_HAP_TOKENID", false)); - - uint64_t token3 = GetNativeTokenTest("TestCase_core", perms, 1); - ASSERT_NE(INVALID_TOKENID, token3); - - ASSERT_EQ(token1, token3); - ASSERT_EQ( - PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(token3, "ohos.permission.MANAGE_HAP_TOKENID", false)); -} -#endif - /** * @tc.name: GetKernelPermissionTest001 * @tc.desc: diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp index 892426db4..c88a7bc8a 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp @@ -154,8 +154,10 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbn ASSERT_NE(INVALID_TOKENID, tokenID); uint32_t onceTime = 10; // 10: 10s - ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, + EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, AccessTokenKit::GrantPermissionForSpecifiedTime(tokenID, SHORT_TEMP_PERMISSION, onceTime)); + + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } /** diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp index 3c5538bef..6cf38323b 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp @@ -40,6 +40,7 @@ static const unsigned int TEST_TOKENID_INVALID = 0; static const int CYCLE_TIMES = 100; static const int TEST_USER_ID = 0; static constexpr int32_t DEFAULT_API_VERSION = 8; +static MockHapToken* g_mock = nullptr; }; void GrantPermissionTest::SetUpTestCase() @@ -47,6 +48,11 @@ void GrantPermissionTest::SetUpTestCase() g_selfTokenId = GetSelfTokenID(); TestCommon::SetTestEvironment(g_selfTokenId); + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); + g_mock = new (std::nothrow) MockHapToken("GrantPermissionTest", reqPerm); + // clean up test cases AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -55,6 +61,10 @@ void GrantPermissionTest::SetUpTestCase() void GrantPermissionTest::TearDownTestCase() { + if (g_mock != nullptr) { + delete g_mock; + g_mock = nullptr; + } AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; TestCommon::DeleteTestHapToken(tokenID); @@ -118,9 +128,6 @@ void GrantPermissionTest::TearDown() HWTEST_F(GrantPermissionTest, GrantPermissionFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionFuncTest001"); - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GrantPermissionFuncTest001", reqPerm); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -149,9 +156,6 @@ HWTEST_F(GrantPermissionTest, GrantPermissionFuncTest001, TestSize.Level0) HWTEST_F(GrantPermissionTest, GrantPermissionAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionAbnormalTest001"); - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GrantPermissionAbnormalTest001", reqPerm); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -185,9 +189,6 @@ HWTEST_F(GrantPermissionTest, GrantPermissionAbnormalTest001, TestSize.Level0) HWTEST_F(GrantPermissionTest, GrantPermissionAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionAbnormalTest002"); - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GrantPermissionAbnormalTest002", reqPerm); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -208,9 +209,6 @@ HWTEST_F(GrantPermissionTest, GrantPermissionAbnormalTest002, TestSize.Level0) HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionSpecsTest001"); - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GrantPermissionSpecsTest001", reqPerm); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -261,9 +259,6 @@ HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest002, TestSize.Level0) HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionSpecsTest003"); - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GrantPermissionSpecsTest003", reqPerm, true); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -284,9 +279,6 @@ HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest003, TestSize.Level0) */ HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest004, TestSize.Level0) { - std::vector reqPerm; - MockHapToken mock("GrantPermissionSpecsTest004", reqPerm, true); - AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; int ret = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.SECURE_PASTE", PERMISSION_COMPONENT_SET); diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp index de702225e..bb24a2e78 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp @@ -40,6 +40,7 @@ static const unsigned int TEST_TOKENID_INVALID = 0; static const int CYCLE_TIMES = 100; static const int TEST_USER_ID = 0; static constexpr int32_t DEFAULT_API_VERSION = 8; +static MockHapToken* g_mock = nullptr; }; void RevokePermissionTest::SetUpTestCase() @@ -47,6 +48,10 @@ void RevokePermissionTest::SetUpTestCase() g_selfTokenId = GetSelfTokenID(); TestCommon::SetTestEvironment(g_selfTokenId); + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); + g_mock = new (std::nothrow) MockHapToken("RevokePermissionTest", reqPerm); + // clean up test cases AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -55,6 +60,11 @@ void RevokePermissionTest::SetUpTestCase() void RevokePermissionTest::TearDownTestCase() { + if (g_mock != nullptr) { + delete g_mock; + g_mock = nullptr; + } + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; TestCommon::DeleteTestHapToken(tokenID); @@ -119,9 +129,6 @@ void RevokePermissionTest::TearDown() HWTEST_F(RevokePermissionTest, RevokePermissionFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionFuncTest001"); - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); - MockHapToken mock("RevokePermissionFuncTest001", reqPerm); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -150,9 +157,6 @@ HWTEST_F(RevokePermissionTest, RevokePermissionFuncTest001, TestSize.Level0) HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionAbnormalTest001"); - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); - MockHapToken mock("RevokePermissionAbnormalTest001", reqPerm); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -173,9 +177,6 @@ HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest001, TestSize.Level0) HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionAbnormalTest002"); - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); - MockHapToken mock("RevokePermissionAbnormalTest002", reqPerm); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -206,9 +207,6 @@ HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest002, TestSize.Level0) HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionAbnormalTest003"); - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); - MockHapToken mock("RevokePermissionAbnormalTest003", reqPerm); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -230,9 +228,6 @@ HWTEST_F(RevokePermissionTest, RevokePermissionAbnormalTest003, TestSize.Level0) HWTEST_F(RevokePermissionTest, RevokePermissionSpecsTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionSpecsTest001"); - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); - MockHapToken mock("RevokePermissionSpecsTest001", reqPerm); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -284,9 +279,6 @@ HWTEST_F(RevokePermissionTest, RevokePermissionSpecsTest002, TestSize.Level0) HWTEST_F(RevokePermissionTest, RevokePermissionSpecsTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RevokePermissionSpecsTest003"); - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); - MockHapToken mock("RevokePermissionSpecsTest003", reqPerm, true); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; diff --git a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp index 0e1383786..1f13e450f 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp @@ -128,33 +128,33 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(tokenID, INVALID_TOKENID); - ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); - ASSERT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false)); + EXPECT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } /** @@ -201,17 +201,17 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun ASSERT_NE(tokenID, INVALID_TOKENID); res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false); - ASSERT_EQ(PERMISSION_DENIED, res); + EXPECT_EQ(PERMISSION_DENIED, res); res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s EXPECT_EQ(false, callbackPtr->ready_); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); } /** @@ -244,14 +244,14 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun ASSERT_NE(tokenID, INVALID_TOKENID); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); - ASSERT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false)); + EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); } /** @@ -282,17 +282,17 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun auto callbackPtr = std::make_shared(scopeInfo); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr)); callbackPtr->ready_ = false; - ASSERT_EQ(PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false)); - ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false)); + EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); } @@ -378,13 +378,13 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbn ASSERT_NE(tokenID, INVALID_TOKENID); callbackPtr->ready_ = false; - ASSERT_EQ(PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false)); - ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); - ASSERT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false)); + EXPECT_EQ(PERMISSION_DENIED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false)); + EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(PERMISSION_GRANTED, AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(false, callbackPtr->ready_); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } /** @@ -423,17 +423,17 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbn scopeInfo.tokenIDs = {tokenIdEx.tokenIdExStruct.tokenID}; scopeInfo.permList = {"ohos.permission.INVALID", "ohos.permission.CAMERA"}; auto callbackPtr = std::make_shared(scopeInfo); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr)); int32_t res = TestCommon::GrantPermissionByTest(tokenIdEx.tokenIdExStruct.tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); } /** @@ -505,16 +505,16 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe scopeInfo.tokenIDs.emplace_back(tokenIdEx.tokenIdExStruct.tokenID); if (i == TOKENIDS_LIST_SIZE_MAX_TEST) { auto callbackPtr1 = std::make_shared(scopeInfo); - ASSERT_EQ( + EXPECT_EQ( AccessTokenError::ERR_PARAM_INVALID, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr1)); break; } auto callbackPtr1 = std::make_shared(scopeInfo); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr1)); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr1)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr1)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr1)); } - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); } /** @@ -575,7 +575,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe scopeInfo.permList = {"ohos.permission.CAMERA"}; auto callbackPtr = std::make_shared(scopeInfo); int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); res = TestCommon::GrantPermissionByTest(tokenIdEx.tokenIdExStruct.tokenID, "ohos.permission.CAMERA", 2); EXPECT_EQ(RET_SUCCESS, res); @@ -599,11 +599,11 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe EXPECT_EQ(true, callbackPtr->ready_); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr)); } /** @@ -638,7 +638,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe scopeInfo.permList = {"ohos.permission.READ_MEDIA"}; auto callbackPtr = std::make_shared(scopeInfo); int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); res = TestCommon::GrantPermissionByTest(tokenIdEx.tokenIdExStruct.tokenID, "ohos.permission.READ_MEDIA", PERMISSION_SYSTEM_FIXED); @@ -657,12 +657,12 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe EXPECT_EQ(false, callbackPtr->ready_); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); } /** @@ -692,27 +692,27 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac SetSelfTokenID(tokenID); int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); SetSelfTokenID(g_selfShellTokenId); res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false); - ASSERT_EQ(PERMISSION_GRANTED, res); + EXPECT_EQ(PERMISSION_GRANTED, res); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); callbackPtr->ready_ = false; res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); SetSelfTokenID(tokenID); res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); SetSelfTokenID(g_selfShellTokenId); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); @@ -744,23 +744,23 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac callbackPtr->ready_ = false; SetSelfTokenID(tokenID); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr)); SetSelfTokenID(g_selfShellTokenId); - ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); callbackPtr->ready_ = false; SetSelfTokenID(tokenID); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr)); SetSelfTokenID(g_selfShellTokenId); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); @@ -793,27 +793,27 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac SetSelfTokenID(tokenID); int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); SetSelfTokenID(g_selfShellTokenId); res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false); - ASSERT_EQ(PERMISSION_GRANTED, res); + EXPECT_EQ(PERMISSION_GRANTED, res); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); callbackPtr->ready_ = false; res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); SetSelfTokenID(tokenID); res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); SetSelfTokenID(g_selfShellTokenId); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); @@ -852,30 +852,30 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac callbackPtr->ready_ = false; SetSelfTokenID(tokenID); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr)); SetSelfTokenID(g_selfShellTokenId); - ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.MICROPHONE", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.MICROPHONE", 2)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.MICROPHONE", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.MICROPHONE", 2)); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); SetSelfTokenID(tokenID); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr)); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } @@ -913,32 +913,32 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac SetSelfTokenID(tokenID); int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr1); - ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res); + EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, res); scopeInfo.permList = {"ohos.permission.INVALID", "ohos.permission.CAMERA"}; auto callbackPtr = std::make_shared(scopeInfo); res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); SetSelfTokenID(g_selfShellTokenId); res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA", false); - ASSERT_EQ(PERMISSION_GRANTED, res); + EXPECT_EQ(PERMISSION_GRANTED, res); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); callbackPtr->ready_ = false; res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s EXPECT_EQ(true, callbackPtr->ready_); SetSelfTokenID(tokenID); res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } @@ -979,12 +979,12 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac if (i == PERMS_LIST_SIZE_MAX_TEST) { // 1025 is a invalid size auto callbackPtr = std::make_shared(scopeInfo); int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res); + EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, res); break; } auto callbackPtr = std::make_shared(scopeInfo); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr)); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr)); } ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } @@ -1016,7 +1016,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac callbackPtr->ready_ = false; int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res); + EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, res); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } @@ -1061,7 +1061,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac // tokenIDs size si 0, int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr1); - ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res); + EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, res); scopeInfo.tokenIDs = {tokenID, tokenID2}; auto callbackPtr = std::make_shared(scopeInfo); @@ -1069,11 +1069,11 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac // tokenIDs size != 1 res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res); + EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, res); SetSelfTokenID(g_selfShellTokenId); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); - ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID2)); } /** @@ -1106,11 +1106,11 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac if (i == MAX_CALLBACK_MAP_SIZE) { // 200 is the max size auto callbackPtr = std::make_shared(scopeInfo); int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(AccessTokenError::ERR_CALLBACKS_EXCEED_LIMITATION, res); + EXPECT_EQ(AccessTokenError::ERR_CALLBACKS_EXCEED_LIMITATION, res); break; } auto callbackPtr = std::make_shared(scopeInfo); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr)); callbackList.emplace_back(callbackPtr); } for (int32_t i = 0; i < MAX_CALLBACK_MAP_SIZE; i++) { // release 200 callback diff --git a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp index d3338ef36..0331e7b96 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp @@ -198,7 +198,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal SetSelfTokenID(tokenID); int32_t res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res); + EXPECT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); SetSelfTokenID(g_selfShellTokenId); @@ -238,13 +238,13 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal SetSelfTokenID(tokenID); int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(AccessTokenError::ERR_CALLBACK_ALREADY_EXIST, res); + EXPECT_EQ(AccessTokenError::ERR_CALLBACK_ALREADY_EXIST, res); res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res); + EXPECT_EQ(AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER, res); SetSelfTokenID(g_selfShellTokenId); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); @@ -284,25 +284,25 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal SetSelfTokenID(tokenID); int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); SetSelfTokenID(g_selfShellTokenId); callbackPtr->ready_ = false; res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); callbackPtr->ready_ = false; res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } @@ -348,25 +348,25 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal SetSelfTokenID(tokenID); int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); SetSelfTokenID(g_selfShellTokenId); callbackPtr->ready_ = false; res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); callbackPtr->ready_ = false; res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } @@ -405,27 +405,27 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal SetSelfTokenID(tokenID); int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); SetSelfTokenID(g_selfShellTokenId); SetSelfTokenID(tokenID); res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); SetSelfTokenID(g_selfShellTokenId); callbackPtr->ready_ = false; res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); callbackPtr->ready_ = false; res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } @@ -470,28 +470,28 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal callbackPtr->ready_ = false; SetSelfTokenID(tokenID); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr)); - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr)); SetSelfTokenID(g_selfShellTokenId); callbackPtr->ready_ = false; - ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); - ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2)); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); - ASSERT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.DISTRIBUTED_DATASYNC", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.DISTRIBUTED_DATASYNC", 2)); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); - ASSERT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.DISTRIBUTED_DATASYNC", 2)); + EXPECT_EQ(RET_SUCCESS, TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.DISTRIBUTED_DATASYNC", 2)); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } @@ -530,25 +530,25 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal SetSelfTokenID(tokenID); int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); res = AccessTokenKit::UnRegisterSelfPermStateChangeCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); SetSelfTokenID(g_selfShellTokenId); callbackPtr->ready_ = false; res = TestCommon::GrantPermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); callbackPtr->ready_ = false; res = TestCommon::RevokePermissionByTest(tokenID, "ohos.permission.CAMERA", 2); - ASSERT_EQ(RET_SUCCESS, res); + EXPECT_EQ(RET_SUCCESS, res); usleep(500000); // 500000us = 0.5s - ASSERT_EQ(false, callbackPtr->ready_); + EXPECT_EQ(false, callbackPtr->ready_); ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenID)); } diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp index 7a32f4660..83424dac6 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp @@ -98,7 +98,7 @@ HWTEST_F(DumpTokenInfoTest, DumpTokenInfoAbnormalTest001, TestSize.Level1) AtmToolsParamInfo info; info.tokenId = 123; AccessTokenKit::DumpTokenInfo(info, dumpInfo); - ASSERT_EQ("", dumpInfo); + EXPECT_EQ("", dumpInfo); setuid(g_selfUid); EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId)); diff --git a/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp b/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp index 93f0d22d4..bd50abdad 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp @@ -336,25 +336,6 @@ int32_t TestCommon::RevokePermissionByTest(AccessTokenID tokenID, const std::str return AccessTokenKit::RevokePermission(tokenID, permission, flag); } -uint64_t TestCommon::GetNativeToken(const char *processName, const char **perms, int32_t permNum) -{ - uint64_t tokenId; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = permNum, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - .processName = processName, - }; - - tokenId = GetAccessTokenId(&infoInstance); - AccessTokenKit::ReloadNativeTokenInfo(); - return tokenId; -} - AccessTokenID TestCommon::GetNativeTokenIdFromProcess(const std::string &process) { uint64_t selfTokenId = GetSelfTokenID(); diff --git a/interfaces/innerkits/accesstoken/test/unittest/common/test_common.h b/interfaces/innerkits/accesstoken/test/unittest/common/test_common.h index f58fb6bb4..56d814aad 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/common/test_common.h +++ b/interfaces/innerkits/accesstoken/test/unittest/common/test_common.h @@ -66,8 +66,6 @@ public: HapPolicyParams& hapPolicy, AccessTokenIDEx& tokenIdEx); static AccessTokenIDEx AllocAndGrantHapTokenByTest(const HapInfoParams& info, HapPolicyParams& policy); static int32_t DeleteTestHapToken(AccessTokenID tokenID); - static void GetNativeTokenTest(); - static uint64_t GetNativeToken(const char* processName, const char** perms, int32_t permNum); static AccessTokenID GetNativeTokenIdFromProcess(const std::string& process); static AccessTokenIDEx GetHapTokenIdFromBundle( int32_t userID, const std::string& bundleName, int32_t instIndex); diff --git a/interfaces/innerkits/privacy/test/BUILD.gn b/interfaces/innerkits/privacy/test/BUILD.gn index e4a1974ae..5619b3333 100644 --- a/interfaces/innerkits/privacy/test/BUILD.gn +++ b/interfaces/innerkits/privacy/test/BUILD.gn @@ -41,6 +41,7 @@ ohos_unittest("libprivacy_sdk_test") { "mock/src/app_manager_access_client.cpp", "unittest/src/permission_deny_test.cpp", "unittest/src/privacy_kit_test.cpp", + "unittest/src/privacy_test_common.cpp", ] cflags_cc = [ "-DHILOG_ENABLE" ] diff --git a/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp index ba30b8a57..82ac32a39 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -18,6 +18,7 @@ #include "on_permission_used_record_callback_stub.h" #include "privacy_kit.h" #include "privacy_error.h" +#include "privacy_test_common.h" #include "token_setproc.h" namespace OHOS { @@ -47,15 +48,17 @@ using namespace testing::ext; void PermDenyTest::SetUpTestCase() { g_selfTokenId = GetSelfTokenID(); + PrivacyTestCommon::SetTestEvironment(g_selfTokenId); } void PermDenyTest::TearDownTestCase() { + PrivacyTestCommon::ResetTestEvironment(); } void PermDenyTest::SetUp() { - AccessTokenIDEx tokenIDEx = AccessTokenKit::AllocHapToken(g_InfoParms, g_PolicyPrams); + AccessTokenIDEx tokenIDEx = PrivacyTestCommon::AllocTestHapToken(g_InfoParms, g_PolicyPrams); g_FullTokenId = tokenIDEx.tokenIDEx; g_testTokenId = tokenIDEx.tokenIdExStruct.tokenID; @@ -65,8 +68,13 @@ void PermDenyTest::SetUp() void PermDenyTest::TearDown() { EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId)); - AccessTokenKit::DeleteToken(g_testTokenId); - PrivacyKit::RemovePermissionUsedRecords(g_testTokenId); + PrivacyTestCommon::DeleteTestHapToken(g_testTokenId); + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); + MockHapToken mock("PermDenyTest", reqPerm, true); + PrivacyKit::RemovePermissionUsedRecords(g_testTokenId); + } } /** diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 8aec9013b..a9f0372e1 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2024 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -37,6 +37,7 @@ #include "perm_setproc.h" #include "privacy_error.h" #include "privacy_kit.h" +#include "privacy_test_common.h" #include "state_change_callback_stub.h" #include "string_ex.h" #include "token_setproc.h" @@ -46,8 +47,8 @@ using namespace OHOS::Security::AccessToken; const static int32_t RET_NO_ERROR = 0; static const uint32_t ACCESS_TOKEN_UID = 3020; -static constexpr int32_t DEFAULT_API_VERSION = 8; static AccessTokenID g_nativeToken = 0; +static MockHapToken* g_mock = nullptr; #ifdef AUDIO_FRAMEWORK_ENABLE static bool g_isMicMute = false; #endif @@ -122,13 +123,6 @@ static HapPolicyParams g_policyPramsC = { .permStateList = {g_infoManagerTestStateC} }; -static PermissionStateFull g_infoManagerTestStateD = { - .permissionName = "ohos.permission.MICROPHONE_BACKGROUND", - .isGeneral = true, - .resDeviceID = {"localC"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {1} -}; static HapInfoParams g_infoParmsD = { .userID = 1, .bundleName = "ohos.privacy_test.bundleD", @@ -200,88 +194,59 @@ static BundleUsedRecord g_bundleUsedRecord = { .bundleName = "com.ohos.test", }; -static HapInfoParams g_normalInfoParms = { - .userID = 1, - .bundleName = "accesstoken_test", - .instIndex = 0, - .appIDDesc = "testtesttesttest", - .apiVersion = DEFAULT_API_VERSION, - .isSystemApp = false -}; -static HapInfoParams g_systemInfoParms = { - .userID = 1, - .bundleName = "accesstoken_test", - .instIndex = 0, - .appIDDesc = "testtesttesttest", - .apiVersion = DEFAULT_API_VERSION, - .isSystemApp = true -}; - static AccessTokenID g_selfTokenId = 0; static AccessTokenID g_tokenIdA = 0; static AccessTokenID g_tokenIdB = 0; -static AccessTokenIDEx g_tokenIdC = {0}; +static AccessTokenID g_tokenIdC = 0; static AccessTokenID g_tokenIdE = 0; static AccessTokenID g_tokenIdF = 0; static AccessTokenID g_tokenIdG = 0; static void DeleteTestToken() { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsA.userID, - g_infoParmsA.bundleName, - g_infoParmsA.instIndex); - AccessTokenKit::DeleteToken(tokenId); - PrivacyKit::RemovePermissionUsedRecords(tokenId); - - tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsB.userID, - g_infoParmsB.bundleName, - g_infoParmsB.instIndex); - AccessTokenKit::DeleteToken(tokenId); - PrivacyKit::RemovePermissionUsedRecords(tokenId); - - tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsC.userID, - g_infoParmsC.bundleName, - g_infoParmsC.instIndex); - AccessTokenKit::DeleteToken(tokenId); - PrivacyKit::RemovePermissionUsedRecords(tokenId); - - tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsE.userID, - g_infoParmsE.bundleName, - g_infoParmsE.instIndex); - AccessTokenKit::DeleteToken(tokenId); - PrivacyKit::RemovePermissionUsedRecords(tokenId); - - tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsF.userID, - g_infoParmsF.bundleName, - g_infoParmsF.instIndex); - AccessTokenKit::DeleteToken(tokenId); - PrivacyKit::RemovePermissionUsedRecords(tokenId); - - tokenId = AccessTokenKit::GetHapTokenID(g_infoParmsG.userID, - g_infoParmsG.bundleName, - g_infoParmsG.instIndex); - AccessTokenKit::DeleteToken(tokenId); - PrivacyKit::RemovePermissionUsedRecords(tokenId); - - tokenId = AccessTokenKit::GetHapTokenID(g_normalInfoParms.userID, - g_normalInfoParms.bundleName, - g_normalInfoParms.instIndex); - AccessTokenKit::DeleteToken(tokenId); - PrivacyKit::RemovePermissionUsedRecords(tokenId); - - tokenId = AccessTokenKit::GetHapTokenID(g_systemInfoParms.userID, - g_systemInfoParms.bundleName, - g_systemInfoParms.instIndex); - AccessTokenKit::DeleteToken(tokenId); - PrivacyKit::RemovePermissionUsedRecords(tokenId); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_infoParmsA.userID, g_infoParmsA.bundleName, g_infoParmsA.instIndex); + PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); + PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID); + + tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_infoParmsB.userID, g_infoParmsB.bundleName, g_infoParmsB.instIndex); + PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); + PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID); + + tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_infoParmsC.userID, g_infoParmsC.bundleName, g_infoParmsC.instIndex); + PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); + PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID); + + tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_infoParmsE.userID, g_infoParmsE.bundleName, g_infoParmsE.instIndex); + PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); + PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID); + + tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_infoParmsF.userID, g_infoParmsF.bundleName, g_infoParmsF.instIndex); + PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); + PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID); + + tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_infoParmsG.userID, g_infoParmsG.bundleName, g_infoParmsG.instIndex); + PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); + PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID); } void PrivacyKitTest::SetUpTestCase() { - DeleteTestToken(); g_selfTokenId = GetSelfTokenID(); - g_nativeToken = AccessTokenKit::GetNativeTokenId("privacy_service"); - + PrivacyTestCommon::SetTestEvironment(g_selfTokenId); + + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); + g_mock = new (std::nothrow) MockHapToken("PrivacyKitTest", reqPerm, true); + + g_nativeToken = PrivacyTestCommon::GetNativeTokenIdFromProcess("privacy_service"); + + DeleteTestToken(); #ifdef AUDIO_FRAMEWORK_ENABLE auto audioGroupManager = OHOS::AudioStandard::AudioSystemManager::GetInstance()->GetGroupManager( OHOS::AudioStandard::DEFAULT_VOLUME_GROUP_ID); @@ -291,6 +256,12 @@ void PrivacyKitTest::SetUpTestCase() void PrivacyKitTest::TearDownTestCase() { + if (g_mock != nullptr) { + delete g_mock; + g_mock = nullptr; + } + SetSelfTokenID(g_selfTokenId); + PrivacyTestCommon::ResetTestEvironment(); } void PrivacyKitTest::SetUp() @@ -300,19 +271,30 @@ void PrivacyKitTest::SetUp() OHOS::AudioStandard::DEFAULT_VOLUME_GROUP_ID); audioGroupManager->SetMicrophoneMutePersistent(false, OHOS::AudioStandard::PolicyType::PRIVACY_POLCIY_TYPE); #endif - AccessTokenKit::AllocHapToken(g_infoParmsA, g_policyPramsA); - AccessTokenKit::AllocHapToken(g_infoParmsB, g_policyPramsB); - AccessTokenKit::AllocHapToken(g_infoParmsC, g_policyPramsC); - AccessTokenKit::AllocHapToken(g_infoParmsE, g_policyPramsE); - AccessTokenKit::AllocHapToken(g_infoParmsF, g_policyPramsF); - AccessTokenKit::AllocHapToken(g_infoParmsG, g_policyPramsG); + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsA, g_policyPramsA); + g_tokenIdA = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, g_tokenIdA); + + tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsB, g_policyPramsB); + g_tokenIdB = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, g_tokenIdB); + + tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsC, g_policyPramsC); + g_tokenIdC = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, g_tokenIdC); + + tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsE, g_policyPramsE); + g_tokenIdE = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, g_tokenIdE); - g_tokenIdA = AccessTokenKit::GetHapTokenID(g_infoParmsA.userID, g_infoParmsA.bundleName, g_infoParmsA.instIndex); - g_tokenIdB = AccessTokenKit::GetHapTokenID(g_infoParmsB.userID, g_infoParmsB.bundleName, g_infoParmsB.instIndex); - g_tokenIdC = AccessTokenKit::GetHapTokenIDEx(g_infoParmsC.userID, g_infoParmsC.bundleName, g_infoParmsC.instIndex); - g_tokenIdE = AccessTokenKit::GetHapTokenID(g_infoParmsE.userID, g_infoParmsE.bundleName, g_infoParmsE.instIndex); - g_tokenIdF = AccessTokenKit::GetHapTokenID(g_infoParmsF.userID, g_infoParmsF.bundleName, g_infoParmsF.instIndex); - g_tokenIdG = AccessTokenKit::GetHapTokenID(g_infoParmsG.userID, g_infoParmsG.bundleName, g_infoParmsG.instIndex); + tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsF, g_policyPramsF); + g_tokenIdF = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, g_tokenIdF); + + tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_infoParmsG, g_policyPramsG); + g_tokenIdG = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, g_tokenIdG); } void PrivacyKitTest::TearDown() @@ -322,7 +304,6 @@ void PrivacyKitTest::TearDown() OHOS::AudioStandard::DEFAULT_VOLUME_GROUP_ID); audioGroupManager->SetMicrophoneMutePersistent(g_isMicMute, OHOS::AudioStandard::PolicyType::PRIVACY_POLCIY_TYPE); #endif - EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId)); DeleteTestToken(); } @@ -594,17 +575,16 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord006, TestSize.Level1) } /** - * @tc.name: AddPermissionUsedRecord008 + * @tc.name: AddPermissionUsedRecord007 * @tc.desc: AddPermissionUsedRecord caller is normal app. * @tc.type: FUNC * @tc.require: issueI66BH3 */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord008, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord007, TestSize.Level1) { - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); + MockHapToken mock("AddPermissionUsedRecord007", reqPerm, false); AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -616,12 +596,12 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord008, TestSize.Level1) } /** - * @tc.name: AddPermissionUsedRecord009 + * @tc.name: AddPermissionUsedRecord008 * @tc.desc: query permission record detail count. * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord009, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord008, TestSize.Level1) { int32_t permRecordSize = 0; @@ -673,12 +653,12 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord009, TestSize.Level1) } /** - * @tc.name: AddPermissionUsedRecord010 + * @tc.name: AddPermissionUsedRecord009 * @tc.desc: test record cross minute not merge. * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord010, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord009, TestSize.Level1) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -744,13 +724,11 @@ HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords002, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords003, TestSize.Level1) { - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); - ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, - PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID)); - EXPECT_EQ(0, AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID)); + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); + MockHapToken mock("RemovePermissionUsedRecords003", reqPerm, false); + AccessTokenID tokenID = GetSelfTokenID(); + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::RemovePermissionUsedRecords(tokenID)); } /** @@ -919,16 +897,16 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords004, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords005, TestSize.Level1) { - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); + MockHapToken mock("GetPermissionUsedRecords005", reqPerm, false); + AccessTokenID tokenID = GetSelfTokenID(); PermissionUsedRequest request; PermissionUsedResult result; std::vector permissionList; // query by tokenId - BuildQueryRequest(g_tokenIdA, "", permissionList, request); + BuildQueryRequest(tokenID, "", permissionList, request); ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::GetPermissionUsedRecords(request, result)); } @@ -1022,33 +1000,32 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync002, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync003, TestSize.Level1) { - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_systemInfoParms, g_policyPramsA); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + std::vector reqPerm; + MockHapToken mock("GetPermissionUsedRecordsAsync003", reqPerm, true); + AccessTokenID tokenID = GetSelfTokenID(); PermissionUsedRequest request; std::vector permissionList; - BuildQueryRequest(g_tokenIdA, "", permissionList, request); + BuildQueryRequest(tokenID, "", permissionList, request); OHOS::sptr callback(new TestCallBack()); ASSERT_EQ(ERR_PERMISSION_DENIED, PrivacyKit::GetPermissionUsedRecords(request, callback)); } /** * @tc.name: GetPermissionUsedRecordsAsync004 - * @tc.desc: cannot GetPermissionUsedRecordsAsync without permission. + * @tc.desc: cannot GetPermissionUsedRecordsAsync caller is normal app. * @tc.type: FUNC * @tc.require: issueI5P4IU */ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync004, TestSize.Level1) { - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + std::vector reqPerm; + MockHapToken mock("GetPermissionUsedRecordsAsync004", reqPerm, false); + AccessTokenID tokenID = GetSelfTokenID(); + PermissionUsedRequest request; std::vector permissionList; - BuildQueryRequest(g_tokenIdA, "", permissionList, request); + BuildQueryRequest(tokenID, "", permissionList, request); OHOS::sptr callback(new TestCallBack()); ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::GetPermissionUsedRecords(request, callback)); } @@ -1366,10 +1343,8 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback009, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback010, TestSize.Level1) { - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + std::vector reqPerm; + MockHapToken mock("RegisterPermActiveStatusCallback010", reqPerm, false); std::vector permList1 = {"ohos.permission.CAMERA"}; auto callbackPtr = std::make_shared(permList1); @@ -1387,14 +1362,11 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback011, TestSize.Level1) std::vector permList1 = {"ohos.permission.CAMERA"}; auto callbackPtr1 = std::make_shared(permList1); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::RegisterPermActiveStatusCallback(callbackPtr1)); - - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); - ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::UnRegisterPermActiveStatusCallback(callbackPtr1)); - - EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId)); + { + std::vector reqPerm; + MockHapToken mockTmp("RegisterPermActiveStatusCallback011_1", reqPerm, false); + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::UnRegisterPermActiveStatusCallback(callbackPtr1)); + } ASSERT_EQ(RET_NO_ERROR, PrivacyKit::UnRegisterPermActiveStatusCallback(callbackPtr1)); } @@ -1475,7 +1447,8 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission001, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission002, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId)); + std::vector reqPerm; + MockHapToken mock("IsAllowedUsingPermission002", reqPerm, true); std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName)); } @@ -1488,14 +1461,133 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission002, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission003, TestSize.Level1) { - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_systemInfoParms, g_policyPramsA); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + std::vector reqPerm; + MockHapToken mock("IsAllowedUsingPermission003", reqPerm, true); + std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName)); } + +/** + * @tc.name: IsAllowedUsingPermission004 + * @tc.desc: IsAllowedUsingPermission with valid tokenId. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission004, TestSize.Level1) +{ + std::string permissionName = "ohos.permission.MICROPHONE"; + std::vector list; + int32_t ret = AppManagerAccessClient::GetInstance().GetForegroundApplications(list); + ASSERT_EQ(0, ret); + if (list.empty()) { + GTEST_LOG_(INFO) << "GetForegroundApplications empty "; + return; + } + uint32_t tokenIdForeground = list[0].accessTokenId; + ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName)); +} + +/** + * @tc.name: IsAllowedUsingPermission005 + * @tc.desc: IsAllowedUsingPermission with valid pid. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission005, TestSize.Level1) +{ + std::vector list; + ASSERT_EQ(0, AppManagerAccessClient::GetInstance().GetForegroundApplications(list)); + if (list.empty()) { + GTEST_LOG_(INFO) << "GetForegroundApplications empty "; + return; + } + + uint32_t tokenIdForeground = list[0].accessTokenId; + int32_t pidForground = list[0].pid; + std::string permissionName = "ohos.permission.MICROPHONE"; + ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID)); + ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground)); + + permissionName = "ohos.permission.CAMERA"; + ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID)); + ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground)); +} + +/** + * @tc.name: IsAllowedUsingPermission006 + * @tc.desc: IsAllowedUsingPermission with MICROPHONE_BACKGROUND permission. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission006, TestSize.Level1) +{ + std::string permissionName = "ohos.permission.MICROPHONE"; + ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName)); + + HapInfoParams info = { + .userID = 1, + .bundleName = "ohos.privacy_test.microphone", + .instIndex = 0, + .appIDDesc = "privacy_test.microphone" + }; + + PermissionStateFull infoManagerTestStateD = { + .permissionName = "ohos.permission.MICROPHONE_BACKGROUND", + .isGeneral = true, + .resDeviceID = {"localC"}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .grantFlags = {1} + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = {infoManagerTestStateD} + }; + + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(info, policy); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(0, tokenId); // hap MICROPHONE_BACKGROUND permission + ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenId, permissionName)); // background hap + + info.isSystemApp = true; + info.bundleName = "ohos.privacy_test.microphone.sys_app"; + tokenIdEx = PrivacyTestCommon::AllocTestHapToken(info, policy); + AccessTokenID sysApptokenId = tokenIdEx.tokenIdExStruct.tokenID; + + uint32_t selfUid = getuid(); + uint64_t selfTokenId = GetSelfTokenID(); + setuid(ACCESS_TOKEN_UID); + + uint32_t opCode1 = -1; + uint32_t opCode2 = -1; + ASSERT_EQ(true, TransferPermissionToOpcode("ohos.permission.SET_FOREGROUND_HAP_REMINDER", opCode1)); + ASSERT_EQ(true, TransferPermissionToOpcode("ohos.permission.PERMISSION_USED_STATS", opCode2)); + ASSERT_EQ(0, AddPermissionToKernel(sysApptokenId, {opCode1, opCode2}, {1, 1})); + EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + + // callkit set hap to foreground with MICROPHONE_BACKGROUND + EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(tokenId, true)); + EXPECT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenId, permissionName)); + + // callkit set g_tokenIdE to foreground without MICROPHONE_BACKGROUND + EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true)); + EXPECT_EQ(true, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName)); + + EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(tokenId, false)); + EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false)); + + ASSERT_EQ(0, RemovePermissionFromKernel(sysApptokenId)); + ASSERT_EQ(0, PrivacyTestCommon::DeleteTestHapToken(tokenId)); + ASSERT_EQ(0, PrivacyTestCommon::DeleteTestHapToken(sysApptokenId)); + + setuid(selfUid); + EXPECT_EQ(0, SetSelfTokenID(selfTokenId)); +} + /** * @tc.name: StartUsingPermission001 * @tc.desc: StartUsingPermission with invalid tokenId or permission or usedType. @@ -1657,11 +1749,9 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission009, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, StartUsingPermission010, TestSize.Level1) { - g_policyPramsA.permStateList.emplace_back(g_infoManagerTestStateC); - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); + MockHapToken mock("StartUsingPermission010", reqPerm, false); std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName)); @@ -1732,10 +1822,10 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission013, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, StartUsingPermission014, TestSize.Level1) { - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); + MockHapToken mock("StartUsingPermission014", reqPerm, false); + std::string permissionName = "ohos.permission.CAMERA"; auto callbackPtr = std::make_shared(); ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, @@ -1818,10 +1908,9 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission005, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, StopUsingPermission006, TestSize.Level1) { - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_normalInfoParms, g_policyPramsA); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); + MockHapToken mock("StopUsingPermission006", reqPerm, false); std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::StopUsingPermission(g_tokenIdE, permissionName)); @@ -2066,7 +2155,6 @@ HWTEST_F(PrivacyKitTest, InitProxy001, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, RegisterSecCompEnhance001, TestSize.Level1) { - SetSelfTokenID(g_tokenIdA); SecCompEnhanceData data; data.callback = nullptr; data.challenge = 0; @@ -2078,8 +2166,7 @@ HWTEST_F(PrivacyKitTest, RegisterSecCompEnhance001, TestSize.Level1) data.callback = new (std::nothrow) StateChangeCallback(callbackPtr); EXPECT_EQ(RET_SUCCESS, PrivacyKit::RegisterSecCompEnhance(data)); - AccessTokenID secCompId = AccessTokenKit::GetNativeTokenId("security_component_service"); - EXPECT_EQ(0, SetSelfTokenID(secCompId)); + MockNativeToken mock("security_component_service"); SecCompEnhanceData data1; EXPECT_EQ(RET_SUCCESS, PrivacyKit::GetSecCompEnhance(getpid(), data1)); EXPECT_NE(RET_SUCCESS, PrivacyKit::GetSecCompEnhance(0, data1)); @@ -2095,8 +2182,7 @@ HWTEST_F(PrivacyKitTest, RegisterSecCompEnhance001, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, GetSpecialSecCompEnhance001, TestSize.Level1) { - AccessTokenID secCompId = AccessTokenKit::GetNativeTokenId("security_component_service"); - EXPECT_EQ(0, SetSelfTokenID(secCompId)); + MockNativeToken mock("security_component_service"); std::vector res; ASSERT_EQ(RET_SUCCESS, PrivacyKit::GetSpecialSecCompEnhance("", res)); @@ -2340,7 +2426,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos001, TestSize.Level1) // g_tokenIdB add picker used type ASSERT_EQ(RET_SUCCESS, PrivacyKit::AddPermissionUsedRecord(info)); - info.tokenId = g_tokenIdC.tokenIdExStruct.tokenID; + info.tokenId = g_tokenIdC; info.type = PermissionUsedType::SECURITY_COMPONENT_TYPE; // g_tokenIdC add security component used type ASSERT_EQ(RET_SUCCESS, PrivacyKit::AddPermissionUsedRecord(info)); @@ -2354,7 +2440,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos001, TestSize.Level1) ASSERT_EQ(PermissionUsedType::NORMAL_TYPE, result.type); // g_tokenIdA only normal type } else if (result.tokenId == g_tokenIdB) { ASSERT_EQ(PermissionUsedType::PICKER_TYPE, result.type); // g_tokenIdB only picker type - } else if (result.tokenId == g_tokenIdC.tokenIdExStruct.tokenID) { + } else if (result.tokenId == g_tokenIdC) { // g_tokenIdC only security component type ASSERT_EQ(PermissionUsedType::SECURITY_COMPONENT_TYPE, result.type); } @@ -2437,7 +2523,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos003, TestSize.Level1) // g_tokenIdB add picker used type ASSERT_EQ(RET_SUCCESS, PrivacyKit::AddPermissionUsedRecord(info)); - info.tokenId = g_tokenIdC.tokenIdExStruct.tokenID; + info.tokenId = g_tokenIdC; info.type = PermissionUsedType::SECURITY_COMPONENT_TYPE; // g_tokenIdC add security component used type ASSERT_EQ(RET_SUCCESS, PrivacyKit::AddPermissionUsedRecord(info)); @@ -2456,10 +2542,9 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos003, TestSize.Level1) ASSERT_EQ(PermissionUsedType::PICKER_TYPE, results2[FIRST_INDEX].type); // picker type std::vector results3; - ASSERT_EQ(RET_SUCCESS, PrivacyKit::GetPermissionUsedTypeInfos(g_tokenIdC.tokenIdExStruct.tokenID, - permissionName, results3)); + ASSERT_EQ(RET_SUCCESS, PrivacyKit::GetPermissionUsedTypeInfos(g_tokenIdC, permissionName, results3)); ASSERT_EQ(static_cast(RESULT_NUM_ONE), results3.size()); // only g_tokenIdC - ASSERT_EQ(g_tokenIdC.tokenIdExStruct.tokenID, results3[FIRST_INDEX].tokenId); + ASSERT_EQ(g_tokenIdC, results3[FIRST_INDEX].tokenId); ASSERT_EQ(PermissionUsedType::SECURITY_COMPONENT_TYPE, results3[FIRST_INDEX].type); // security component type } @@ -2495,21 +2580,22 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos004, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos005, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_tokenIdA)); // g_tokenIdA is a normal hap - + std::vector reqPerm; std::string permissionName; std::vector results; - ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::GetPermissionUsedTypeInfos(0, permissionName, results)); - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_infoParmsD, g_policyPramsD); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); // as a system hap without PERMISSION_USED_STATE - ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, PrivacyKit::GetPermissionUsedTypeInfos( - 0, permissionName, results)); + { + // as a normal hap without PERMISSION_USED_STATE + MockHapToken mock("GetPermissionUsedTypeInfos005", reqPerm, false); + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, PrivacyKit::GetPermissionUsedTypeInfos(0, permissionName, results)); + } - PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID); - EXPECT_EQ(0, AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID)); // delete test hap + { + // as a system hap without PERMISSION_USED_STATE + MockHapToken mock("GetPermissionUsedTypeInfos005", reqPerm, true); + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, PrivacyKit::GetPermissionUsedTypeInfos( + 0, permissionName, results)); + } } /* @@ -2522,19 +2608,17 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos006, TestSize.Level1) { uint32_t count = MAX_PERMISSION_USED_TYPE_SIZE + 1; - // set callertoken to system app - ASSERT_EQ(0, SetSelfTokenID(g_tokenIdC.tokenIDEx)); - // add 2001 permission used type record std::vector tokenIdList; - std::string tmpBundleName = g_infoParmsC.bundleName; for (uint32_t i = 0; i < count; i++) { - std::string bundleName = tmpBundleName + std::to_string(i); - g_infoParmsC.bundleName = bundleName; - AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoParmsC, g_policyPramsC); + HapInfoParams infoParms = g_infoParmsC; + HapPolicyParams policyPrams = g_policyPramsC; + infoParms.bundleName = infoParms.bundleName + std::to_string(i); + + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(infoParms, policyPrams); AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(tokenId, INVALID_TOKENID); + EXPECT_NE(INVALID_TOKENID, tokenId); tokenIdList.emplace_back(tokenId); AddPermParamInfo info; @@ -2542,21 +2626,19 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos006, TestSize.Level1) info.permissionName = "ohos.permission.READ_CONTACTS"; info.successCount = 1; info.failCount = 0; - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); + EXPECT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); } AccessTokenID tokenId = 0; std::string permissionName; std::vector results; // record over size - ASSERT_EQ(PrivacyError::ERR_OVERSIZE, PrivacyKit::GetPermissionUsedTypeInfos(tokenId, permissionName, results)); + EXPECT_EQ(PrivacyError::ERR_OVERSIZE, PrivacyKit::GetPermissionUsedTypeInfos(tokenId, permissionName, results)); for (const auto& id : tokenIdList) { - PrivacyKit::RemovePermissionUsedRecords(id); - ASSERT_EQ(0, AccessTokenKit::DeleteToken(id)); + EXPECT_EQ(RET_SUCCESS, PrivacyKit::RemovePermissionUsedRecords(id)); + EXPECT_EQ(RET_SUCCESS, PrivacyTestCommon::DeleteTestHapToken(id)); } - - g_infoParmsC.bundleName = tmpBundleName; } /** @@ -2587,10 +2669,8 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest001, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, SetMutePolicyTest002, TestSize.Level1) { - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_infoParmsD, g_policyPramsD); - ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); // as a system hap without SET_MUTE_POLICY + std::vector reqPerm; + MockHapToken mock("SetMutePolicyTest002", reqPerm, true); // as a system hap without SET_MUTE_POLICY ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID)); } @@ -2603,120 +2683,12 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest002, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, SetMutePolicyTest003, TestSize.Level1) { - uint32_t tokenId = AccessTokenKit::GetNativeTokenId("camera_service"); - ASSERT_NE(0, tokenId); - EXPECT_EQ(0, SetSelfTokenID(tokenId)); // as a system service with SET_MUTE_POLICY + MockNativeToken mock("camera_service"); // as a system service with SET_MUTE_POLICY ASSERT_EQ(PrivacyError::ERR_FIRST_CALLER_NOT_EDM, PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID)); } -/** - * @tc.name: IsAllowedUsingPermission011 - * @tc.desc: IsAllowedUsingPermission with valid tokenId. - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission011, TestSize.Level1) -{ - std::string permissionName = "ohos.permission.MICROPHONE"; - std::vector list; - int32_t ret = AppManagerAccessClient::GetInstance().GetForegroundApplications(list); - ASSERT_EQ(0, ret); - if (list.empty()) { - GTEST_LOG_(INFO) << "GetForegroundApplications empty "; - return; - } - uint32_t tokenIdForeground = list[0].accessTokenId; - ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName)); -} - -/** - * @tc.name: IsAllowedUsingPermission012 - * @tc.desc: IsAllowedUsingPermission with valid pid. - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission012, TestSize.Level1) -{ - std::vector list; - ASSERT_EQ(0, AppManagerAccessClient::GetInstance().GetForegroundApplications(list)); - if (list.empty()) { - GTEST_LOG_(INFO) << "GetForegroundApplications empty "; - return; - } - - uint32_t tokenIdForeground = list[0].accessTokenId; - int32_t pidForground = list[0].pid; - std::string permissionName = "ohos.permission.MICROPHONE"; - ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID)); - ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground)); - - permissionName = "ohos.permission.CAMERA"; - ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID)); - ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground)); -} - -/** - * @tc.name: IsAllowedUsingPermission013 - * @tc.desc: IsAllowedUsingPermission with MICROPHONE_BACKGROUND permission. - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission013, TestSize.Level1) -{ - std::string permissionName = "ohos.permission.MICROPHONE"; - ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName)); - - HapInfoParams info = { - .userID = 1, - .bundleName = "ohos.privacy_test.microphone", - .instIndex = 0, - .appIDDesc = "privacy_test.microphone" - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = {g_infoManagerTestStateD} - }; - - AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(info, policy); - AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(0, tokenId); // hap MICROPHONE_BACKGROUND permission - ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenId, permissionName)); // background hap - info.isSystemApp = true; - info.bundleName = "ohos.privacy_test.microphone.sys_app"; - tokenIdEx = AccessTokenKit::AllocHapToken(info, policy); - AccessTokenID sysApptokenId = tokenIdEx.tokenIdExStruct.tokenID; - - uint32_t selfUid = getuid(); - setuid(ACCESS_TOKEN_UID); - - uint32_t opCode1 = -1; - uint32_t opCode2 = -1; - ASSERT_EQ(true, TransferPermissionToOpcode("ohos.permission.SET_FOREGROUND_HAP_REMINDER", opCode1)); - ASSERT_EQ(true, TransferPermissionToOpcode("ohos.permission.PERMISSION_USED_STATS", opCode2)); - ASSERT_EQ(0, AddPermissionToKernel(sysApptokenId, {opCode1, opCode2}, {1, 1})); - EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); - GTEST_LOG_(INFO) << "permissionSet OK "; - - // callkit set hap to foreground with MICROPHONE_BACKGROUND - EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(tokenId, true)); - EXPECT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenId, permissionName)); - - // callkit set g_tokenIdE to foreground without MICROPHONE_BACKGROUND - EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true)); - EXPECT_EQ(true, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName)); - - EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(tokenId, false)); - EXPECT_EQ(0, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false)); - ASSERT_EQ(0, RemovePermissionFromKernel(sysApptokenId)); - setuid(selfUid); - ASSERT_EQ(0, AccessTokenKit::DeleteToken(sysApptokenId)); -} - /** * @tc.name: SetHapWithFGReminder01 * @tc.desc: SetHapWithFGReminder with valid tokenId. @@ -2728,32 +2700,31 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder01, TestSize.Level1) uint32_t opCode1; uint32_t opCode2; uint32_t selfUid = getuid(); - setuid(0); - g_infoParmsA.isSystemApp = true; - AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoParmsA, g_policyPramsA); + uint64_t selfTokenId = GetSelfTokenID(); + HapInfoParams infoParmsA = g_infoParmsA; + HapPolicyParams policyPramsA = g_policyPramsA; + infoParmsA.isSystemApp = true; + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(infoParmsA, policyPramsA); uint32_t tokenTest = tokenIdEx.tokenIdExStruct.tokenID; setuid(ACCESS_TOKEN_UID); EXPECT_EQ(true, TransferPermissionToOpcode("ohos.permission.SET_FOREGROUND_HAP_REMINDER", opCode1)); EXPECT_EQ(true, TransferPermissionToOpcode("ohos.permission.PERMISSION_USED_STATS", opCode2)); - int32_t res = AddPermissionToKernel(tokenTest, {opCode1, opCode2}, {1, 1}); - ASSERT_EQ(res, 0); - GTEST_LOG_(INFO) << "permissionSet OK "; + ASSERT_EQ(RET_SUCCESS, AddPermissionToKernel(tokenTest, {opCode1, opCode2}, {1, 1})); EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); + std::string permissionName = "ohos.permission.MICROPHONE"; ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName)); - int32_t ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true); - ASSERT_EQ(ret, 0); + ASSERT_EQ(RET_SUCCESS, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true)); ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName)); - ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false); - ASSERT_EQ(ret, 0); + ASSERT_EQ(RET_SUCCESS, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false)); + + ASSERT_EQ(RET_SUCCESS, RemovePermissionFromKernel(tokenIdEx.tokenIDEx)); + ASSERT_EQ(RET_SUCCESS, PrivacyTestCommon::DeleteTestHapToken(tokenTest)); - res = RemovePermissionFromKernel(tokenIdEx.tokenIDEx); - ASSERT_EQ(res, 0); - setuid(0); - ASSERT_EQ(0, AccessTokenKit::DeleteToken(tokenTest)); setuid(selfUid); + EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(selfTokenId)); } /** @@ -2768,6 +2739,7 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder02, TestSize.Level1) uint32_t opCode2; uint32_t tokenTest = 111; /// 111 is a tokenId uint32_t selfUid = getuid(); + uint64_t selfTokenId = GetSelfTokenID(); setuid(ACCESS_TOKEN_UID); EXPECT_EQ(true, TransferPermissionToOpcode("ohos.permission.SET_FOREGROUND_HAP_REMINDER", opCode1)); @@ -2776,17 +2748,16 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder02, TestSize.Level1) ASSERT_EQ(res, 0); EXPECT_EQ(0, SetSelfTokenID(tokenTest)); - int32_t ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true); - ASSERT_EQ(ret, 0); - ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true); - ASSERT_EQ(ret, PrivacyError::ERR_PARAM_INVALID); - ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false); - ASSERT_EQ(ret, 0); - ret = PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false); - ASSERT_EQ(ret, PrivacyError::ERR_PARAM_INVALID); - res = RemovePermissionFromKernel(tokenTest); - ASSERT_EQ(res, 0); + + ASSERT_EQ(RET_SUCCESS, PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true)); + ASSERT_EQ(PrivacyKit::SetHapWithFGReminder(g_tokenIdE, true), PrivacyError::ERR_PARAM_INVALID); + ASSERT_EQ(PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false), 0); + ASSERT_EQ(PrivacyKit::SetHapWithFGReminder(g_tokenIdE, false), PrivacyError::ERR_PARAM_INVALID); + + ASSERT_EQ(RET_SUCCESS, RemovePermissionFromKernel(tokenTest)); + setuid(selfUid); + EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(selfTokenId)); } /** @@ -2801,6 +2772,7 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder03, TestSize.Level1) uint32_t opCode2; uint32_t tokenTest = 111; /// 111 is a tokenId uint32_t selfUid = getuid(); + uint64_t selfTokenId = GetSelfTokenID(); setuid(ACCESS_TOKEN_UID); EXPECT_EQ(true, TransferPermissionToOpcode("ohos.permission.SET_FOREGROUND_HAP_REMINDER", opCode1)); @@ -2809,16 +2781,17 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder03, TestSize.Level1) ASSERT_EQ(res, 0); EXPECT_EQ(0, SetSelfTokenID(tokenTest)); + uint32_t nativeTokenId = 672137215; // 672137215 is a native token - int32_t ret = PrivacyKit::SetHapWithFGReminder(nativeTokenId, true); - ASSERT_EQ(ret, PrivacyError::ERR_PARAM_INVALID); - res = RemovePermissionFromKernel(tokenTest); - ASSERT_EQ(res, 0); - setuid(selfUid); + ASSERT_EQ(PrivacyKit::SetHapWithFGReminder(nativeTokenId, true), PrivacyError::ERR_PARAM_INVALID); uint32_t invalidTokenId = 0; - ret = PrivacyKit::SetHapWithFGReminder(invalidTokenId, true); - ASSERT_EQ(ret, PrivacyError::ERR_PARAM_INVALID); + ASSERT_EQ(PrivacyKit::SetHapWithFGReminder(invalidTokenId, true), PrivacyError::ERR_PARAM_INVALID); + + ASSERT_EQ(RET_SUCCESS, RemovePermissionFromKernel(tokenTest)); + + setuid(selfUid); + EXPECT_EQ(RET_SUCCESS, SetSelfTokenID(selfTokenId)); } /** @@ -2844,11 +2817,16 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1 */ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level1) { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.ERR_PERMISSION_DENIED"); + reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); + MockHapToken mock("SetPermissionUsedRecordToggleStatus002", reqPerm, true); + int32_t permRecordSize = 0; bool status = true; - int32_t resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status); - EXPECT_EQ(resGet, 0); + EXPECT_EQ(RET_SUCCESS, PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true)); + EXPECT_EQ(RET_SUCCESS, PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status)); EXPECT_TRUE(status); AddPermParamInfo info; @@ -2873,8 +2851,7 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level1 ASSERT_EQ(1, static_cast(result.bundleRecords.size())); ASSERT_EQ(permRecordSize, static_cast(result.bundleRecords[0].permissionRecords.size())); - int32_t resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, false); - EXPECT_EQ(resSet, 0); + EXPECT_EQ(RET_NO_ERROR, PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, false)); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); ASSERT_EQ(0, static_cast(result.bundleRecords.size())); @@ -2885,8 +2862,7 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level1 ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); ASSERT_EQ(0, static_cast(result.bundleRecords.size())); - resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true); - EXPECT_EQ(resSet, 0); + EXPECT_EQ(RET_NO_ERROR, PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true)); } /** @@ -2897,13 +2873,16 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level1 */ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus003, TestSize.Level1) { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.ERR_PERMISSION_DENIED"); + reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); + MockHapToken mock("SetPermissionUsedRecordToggleStatus003", reqPerm, true); + int32_t permRecordSize = 0; bool status = true; - int32_t resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, false); - int32_t resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status); - EXPECT_EQ(resSet, 0); - EXPECT_EQ(resGet, 0); + EXPECT_EQ(RET_NO_ERROR, PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, false)); + EXPECT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status)); EXPECT_FALSE(status); AddPermParamInfo info; @@ -2925,10 +2904,8 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus003, TestSize.Level1 ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); ASSERT_EQ(0, static_cast(result.bundleRecords.size())); - resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true); - resGet = PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status); - EXPECT_EQ(resSet, 0); - EXPECT_EQ(resGet, 0); + EXPECT_EQ(RET_NO_ERROR, PrivacyKit::SetPermissionUsedRecordToggleStatus(USER_ID_2, true)); + EXPECT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecordToggleStatus(USER_ID_2, status)); EXPECT_TRUE(status); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.cpp new file mode 100644 index 000000000..1f5e502d9 --- /dev/null +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.cpp @@ -0,0 +1,193 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "privacy_test_common.h" +#include "gtest/gtest.h" +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +std::mutex g_lockSetToken; +uint64_t g_shellTokenId = 0; +} +void PrivacyTestCommon::SetTestEvironment(uint64_t shellTokenId) +{ + std::lock_guard lock(g_lockSetToken); + g_shellTokenId = shellTokenId; +} + +void PrivacyTestCommon::ResetTestEvironment() +{ + std::lock_guard lock(g_lockSetToken); + g_shellTokenId = 0; +} + +uint64_t PrivacyTestCommon::GetShellTokenId() +{ + std::lock_guard lock(g_lockSetToken); + return g_shellTokenId; +} + +AccessTokenIDEx PrivacyTestCommon::AllocTestHapToken(const HapInfoParams& hapInfo, HapPolicyParams& hapPolicy) +{ + AccessTokenIDEx tokenIdEx = {0}; + uint64_t selfTokenId = GetSelfTokenID(); + for (auto& permissionStateFull : hapPolicy.permStateList) { + PermissionDef permDefResult; + if (AccessTokenKit::GetDefPermission(permissionStateFull.permissionName, permDefResult) != RET_SUCCESS) { + continue; + } + if (permDefResult.availableLevel > hapPolicy.apl) { + hapPolicy.aclRequestedList.emplace_back(permissionStateFull.permissionName); + } + } + if (PrivacyTestCommon::GetNativeTokenIdFromProcess("foundation") == selfTokenId) { + AccessTokenKit::InitHapToken(hapInfo, hapPolicy, tokenIdEx); + } else { + // set sh token for self + MockNativeToken mock("foundation"); + AccessTokenKit::InitHapToken(hapInfo, hapPolicy, tokenIdEx); + + // restore + EXPECT_EQ(0, SetSelfTokenID(selfTokenId)); + } + return tokenIdEx; +} + +int32_t PrivacyTestCommon::DeleteTestHapToken(AccessTokenID tokenID) +{ + uint64_t selfTokenId = GetSelfTokenID(); + if (PrivacyTestCommon::GetNativeTokenIdFromProcess("foundation") == selfTokenId) { + return AccessTokenKit::DeleteToken(tokenID); + } + + // set sh token for self + MockNativeToken mock("foundation"); + + int32_t ret = AccessTokenKit::DeleteToken(tokenID); + // restore + EXPECT_EQ(0, SetSelfTokenID(selfTokenId)); + return ret; +} + +AccessTokenID PrivacyTestCommon::GetNativeTokenIdFromProcess(const std::string &process) +{ + uint64_t selfTokenId = GetSelfTokenID(); + EXPECT_EQ(0, SetSelfTokenID(PrivacyTestCommon::GetShellTokenId())); // set shell token + + std::string dumpInfo; + AtmToolsParamInfo info; + info.processName = process; + AccessTokenKit::DumpTokenInfo(info, dumpInfo); + size_t pos = dumpInfo.find("\"tokenID\": "); + if (pos == std::string::npos) { + return 0; + } + pos += std::string("\"tokenID\": ").length(); + std::string numStr; + while (pos < dumpInfo.length() && std::isdigit(dumpInfo[pos])) { + numStr += dumpInfo[pos]; + ++pos; + } + // restore + EXPECT_EQ(0, SetSelfTokenID(selfTokenId)); + + std::istringstream iss(numStr); + AccessTokenID tokenID; + iss >> tokenID; + return tokenID; +} + +// need call by native process +AccessTokenIDEx PrivacyTestCommon::GetHapTokenIdFromBundle( + int32_t userID, const std::string& bundleName, int32_t instIndex) +{ + uint64_t selfTokenId = GetSelfTokenID(); + ATokenTypeEnum type = AccessTokenKit::GetTokenTypeFlag(static_cast(selfTokenId)); + if (type != TOKEN_NATIVE) { + AccessTokenID tokenId1 = GetNativeTokenIdFromProcess("privacy_service"); + EXPECT_EQ(0, SetSelfTokenID(tokenId1)); + } + AccessTokenIDEx tokenIdEx = AccessTokenKit::GetHapTokenIDEx(userID, bundleName, instIndex); + + EXPECT_EQ(0, SetSelfTokenID(selfTokenId)); + return tokenIdEx; +} + +MockNativeToken::MockNativeToken(const std::string& process) +{ + selfToken_ = GetSelfTokenID(); + uint32_t tokenId = PrivacyTestCommon::GetNativeTokenIdFromProcess(process); + SetSelfTokenID(tokenId); +} + +MockNativeToken::~MockNativeToken() +{ + SetSelfTokenID(selfToken_); +} + +MockHapToken::MockHapToken( + const std::string& bundle, const std::vector& reqPerm, bool isSystemApp) +{ + selfToken_ = GetSelfTokenID(); + HapInfoParams infoParams = { + .userID = 0, + .bundleName = bundle, + .instIndex = 0, + .appIDDesc = "AccessTokenTestAppID", + .apiVersion = PrivacyTestCommon::DEFAULT_API_VERSION, + .isSystemApp = isSystemApp, + .appDistributionType = "", + }; + + HapPolicyParams policyParams = { + .apl = APL_NORMAL, + .domain = "accesstoken_test_domain", + }; + for (size_t i = 0; i < reqPerm.size(); ++i) { + PermissionDef permDefResult; + if (AccessTokenKit::GetDefPermission(reqPerm[i], permDefResult) != RET_SUCCESS) { + continue; + } + PermissionStateFull permState = { + .permissionName = reqPerm[i], + .isGeneral = true, + .resDeviceID = {"local3"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG} + }; + policyParams.permStateList.emplace_back(permState); + if (permDefResult.availableLevel > policyParams.apl) { + policyParams.aclRequestedList.emplace_back(reqPerm[i]); + } + } + + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(infoParams, policyParams); + mockToken_= tokenIdEx.tokenIdExStruct.tokenID; + EXPECT_NE(mockToken_, INVALID_TOKENID); + EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); +} + +MockHapToken::~MockHapToken() +{ + if (mockToken_ != INVALID_TOKENID) { + EXPECT_EQ(0, PrivacyTestCommon::DeleteTestHapToken(mockToken_)); + } + EXPECT_EQ(0, SetSelfTokenID(selfToken_)); +} +} // namespace SecurityComponent +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.h b/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.h new file mode 100644 index 000000000..38254950e --- /dev/null +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.h @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PRIVACY_TEST_COMMON_H +#define PRIVACY_TEST_COMMON_H + +#include "access_token.h" +#include "accesstoken_kit.h" +#include "nativetoken_kit.h" +#include "token_setproc.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class MockNativeToken { +public: + explicit MockNativeToken(const std::string& process); + ~MockNativeToken(); +private: + uint64_t selfToken_; +}; + +class MockHapToken { +public: + explicit MockHapToken( + const std::string& bundle, const std::vector& reqPerm, bool isSystemApp = true); + ~MockHapToken(); +private: + uint64_t selfToken_; + uint32_t mockToken_; +}; +class PrivacyTestCommon { +public: + static constexpr int32_t DEFAULT_API_VERSION = 12; + static void SetTestEvironment(uint64_t shellTokenId); + static void ResetTestEvironment(); + static uint64_t GetShellTokenId(); + + static AccessTokenIDEx AllocTestHapToken(const HapInfoParams& hapInfo, HapPolicyParams& hapPolicy); + static int32_t DeleteTestHapToken(AccessTokenID tokenID); + static AccessTokenID GetNativeTokenIdFromProcess(const std::string& process); + static AccessTokenIDEx GetHapTokenIdFromBundle( + int32_t userID, const std::string& bundleName, int32_t instIndex); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_TEST_COMMON_H diff --git a/services/privacymanager/test/coverage/BUILD.gn b/services/privacymanager/test/coverage/BUILD.gn index 36d7efa6b..d3f3bde0d 100644 --- a/services/privacymanager/test/coverage/BUILD.gn +++ b/services/privacymanager/test/coverage/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -28,6 +28,8 @@ if (is_standard_system && ability_base_enable == true) { include_dirs = [ "${access_token_path}/frameworks/common/include", + "${access_token_path}/interfaces/innerkits/nativetoken/include", + "${access_token_path}/interfaces/innerkits/privacy/test/unittest/src", "${access_token_path}/frameworks/privacy/include", "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/interfaces/innerkits/privacy/include", @@ -51,6 +53,7 @@ if (is_standard_system && ability_base_enable == true) { ] sources = [ + "${access_token_path}/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.cpp", "../../src/active/active_status_callback_manager.cpp", "../../src/active/perm_active_status_callback_death_recipient.cpp", "../../src/active/perm_active_status_change_callback_proxy.cpp", @@ -81,6 +84,7 @@ if (is_standard_system && ability_base_enable == true) { "${access_token_path}/frameworks/privacy:privacy_communication_adapter_cxx", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", + "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared", "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc", "${access_token_path}/services/common:accesstoken_service_common", diff --git a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp index 93eb24742..c8429c869 100644 --- a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp +++ b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2024 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -31,6 +31,7 @@ #include "privacy_error.h" #include "privacy_field_const.h" #include "privacy_kit.h" +#include "privacy_test_common.h" #include "state_change_callback.h" #include "time_util.h" #include "token_setproc.h" @@ -113,28 +114,32 @@ public: void PermissionRecordManagerTest::SetUpTestCase() { g_selfTokenId = GetSelfTokenID(); - g_nativeToken = AccessTokenKit::GetNativeTokenId("privacy_service"); + PrivacyTestCommon::SetTestEvironment(g_selfTokenId); + + g_nativeToken = PrivacyTestCommon::GetNativeTokenIdFromProcess("privacy_service"); } -void PermissionRecordManagerTest::TearDownTestCase() {} +void PermissionRecordManagerTest::TearDownTestCase() +{ + PrivacyTestCommon::ResetTestEvironment(); +} void PermissionRecordManagerTest::SetUp() { PermissionRecordManager::GetInstance().Register(); - AccessTokenKit::AllocHapToken(g_InfoParms1, g_PolicyPrams1); - AccessTokenKit::AllocHapToken(g_InfoParms2, g_PolicyPrams2); + PrivacyTestCommon::AllocTestHapToken(g_InfoParms1, g_PolicyPrams1); + PrivacyTestCommon::AllocTestHapToken(g_InfoParms2, g_PolicyPrams2); } void PermissionRecordManagerTest::TearDown() { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - AccessTokenKit::DeleteToken(tokenId); - tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName, - g_InfoParms2.instIndex); - AccessTokenKit::DeleteToken(tokenId); - EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId)); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); + tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms2.userID, g_InfoParms2.bundleName, g_InfoParms2.instIndex); + PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); } class PermissionRecordManagerCoverTestCb1 : public StateCustomizedCbk { @@ -198,11 +203,14 @@ HWTEST_F(PermissionRecordManagerTest, OnAppStateChanged001, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, AppStatusListener001, TestSize.Level1) { - AccessTokenID tokenId1 = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); + AccessTokenIDEx tokenIdEx1 = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenId1 = tokenIdEx1.tokenIdExStruct.tokenID; ASSERT_NE(static_cast(0), tokenId1); - AccessTokenID tokenId2 = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName, - g_InfoParms2.instIndex); + + AccessTokenIDEx tokenIdEx2 = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms2.userID, g_InfoParms2.bundleName, g_InfoParms2.instIndex); + AccessTokenID tokenId2 = tokenIdEx2.tokenIdExStruct.tokenID; ASSERT_NE(static_cast(0), tokenId2); ContinusPermissionRecord recordA1 = { @@ -252,11 +260,13 @@ HWTEST_F(PermissionRecordManagerTest, AppStatusListener001, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest001, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(INVALID_TOKENID, tokenId); + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.CAMERA"); + reqPerm.emplace_back("ohos.permission.MANAGE_CAMERA_CONFIG"); + MockHapToken mock("FindRecordsToUpdateAndExecutedTest001", reqPerm, false); - EXPECT_EQ(0, SetSelfTokenID(tokenId)); + AccessTokenID tokenId = GetSelfTokenID();; + ASSERT_NE(INVALID_TOKENID, tokenId); ActiveChangeType status = PERM_ACTIVE_IN_BACKGROUND; std::string permission = "ohos.permission.CAMERA"; @@ -282,8 +292,9 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest001, Tes */ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest002, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); ActiveChangeType status = PERM_ACTIVE_IN_BACKGROUND; std::string permission = "ohos.permission.MICROPHONE"; @@ -307,8 +318,9 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest002, Tes */ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest003, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); ActiveChangeType status = PERM_ACTIVE_IN_FOREGROUND; std::string permission = "ohos.permission.CAMERA"; @@ -331,8 +343,9 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest003, Tes */ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest004, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); ActiveChangeType status = PERM_ACTIVE_IN_BACKGROUND; std::string permission = "ohos.permission.CAMERA"; @@ -355,8 +368,9 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest004, Tes */ HWTEST_F(PermissionRecordManagerTest, ExecuteCameraCallbackAsyncTest001, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); auto callbackPtr = std::make_shared(); @@ -444,8 +458,9 @@ HWTEST_F(PermissionRecordManagerTest, OnRemoteDied001, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, OnApplicationStateChanged001, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); PrivacyAppStateObserver observer; @@ -517,9 +532,10 @@ HWTEST_F(PermissionRecordManagerTest, RemoveCallback001, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, UpdateRecords001, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); PermissionUsageFlag flag = FLAG_PERMISSION_USAGE_SUMMARY; PermissionUsedRecord inBundleRecord; @@ -564,9 +580,10 @@ HWTEST_F(PermissionRecordManagerTest, UpdateRecords001, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartList001, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); std::string permission = "ohos.permission.READ_MEDIA"; ASSERT_EQ(Constant::SUCCESS, @@ -626,9 +643,10 @@ HWTEST_F(PermissionRecordManagerTest, PermissionListFilter001, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, Unregister001, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); ASSERT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( MakeInfo(tokenId, PID, "ohos.permission.READ_MEDIA"), CALLER_PID)); @@ -768,9 +786,11 @@ static void GeneratePermissionRecord(AccessTokenID tokenID) */ HWTEST_F(PermissionRecordManagerTest, GetRecords003, TestSize.Level1) { - AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenID); + MockNativeToken mock("privacy_service"); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); GeneratePermissionRecord(tokenID); PermissionRecordManager::GetInstance().SetDefaultConfigValue(); @@ -820,9 +840,10 @@ HWTEST_F(PermissionRecordManagerTest, GetRecords003, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, GetRecords004, TestSize.Level1) { - AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenID); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); GeneratePermissionRecord(tokenID); PermissionRecordManager::GetInstance().SetDefaultConfigValue(); @@ -1002,11 +1023,12 @@ HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartListTest001, TestSize { std::set startRecordList = PermissionRecordManager::GetInstance().startRecordList_; PermissionRecordManager::GetInstance().startRecordList_.clear(); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(INVALID_TOKENID, tokenId); + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.CAMERA"); + reqPerm.emplace_back("ohos.permission.MANAGE_CAMERA_CONFIG"); + MockHapToken mock("FindRecordsToUpdateAndExecutedTest001", reqPerm, false); - EXPECT_EQ(0, SetSelfTokenID(tokenId)); + AccessTokenID tokenId = GetSelfTokenID();; ActiveChangeType status = PERM_ACTIVE_IN_FOREGROUND; PermissionRecordManager::GetInstance().AddRecordToStartList( diff --git a/services/privacymanager/test/unittest/BUILD.gn b/services/privacymanager/test/unittest/BUILD.gn index 1520b904c..a483f42c3 100644 --- a/services/privacymanager/test/unittest/BUILD.gn +++ b/services/privacymanager/test/unittest/BUILD.gn @@ -31,6 +31,8 @@ if (is_standard_system && ability_base_enable == true) { "${access_token_path}/frameworks/privacy/include", "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/interfaces/innerkits/privacy/include", + "${access_token_path}/interfaces/innerkits/nativetoken/include", + "${access_token_path}/interfaces/innerkits/privacy/test/unittest/src", "${access_token_path}/interfaces/innerkits/privacy/src", "${access_token_path}/services/common/app_manager/include", "${access_token_path}/services/common/json_parse/include", @@ -51,6 +53,7 @@ if (is_standard_system && ability_base_enable == true) { ] sources = [ + "${access_token_path}/interfaces/innerkits/privacy/test/unittest/src/privacy_test_common.cpp", "${access_token_path}/services/common/libraryloader/src/libraryloader.cpp", "../../src/active/active_status_callback_manager.cpp", "../../src/active/perm_active_status_callback_death_recipient.cpp", @@ -86,6 +89,7 @@ if (is_standard_system && ability_base_enable == true) { "${access_token_path}/frameworks/privacy:privacy_communication_adapter_cxx", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", + "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared", "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", "${access_token_path}/services/common:accesstoken_service_common", diff --git a/services/privacymanager/test/unittest/permission_record_manager_test.cpp b/services/privacymanager/test/unittest/permission_record_manager_test.cpp index ad105ad9e..132ae91ae 100644 --- a/services/privacymanager/test/unittest/permission_record_manager_test.cpp +++ b/services/privacymanager/test/unittest/permission_record_manager_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2024 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -38,6 +38,7 @@ #include "privacy_error.h" #include "privacy_field_const.h" #include "privacy_kit.h" +#include "privacy_test_common.h" #include "state_change_callback.h" #include "time_util.h" #include "token_setproc.h" @@ -71,6 +72,7 @@ static const int32_t PICKER_TYPE_ADD_VALUE = 2; static const int32_t SEC_COMPONENT_TYPE_ADD_VALUE = 4; static const int32_t VALUE_MAX_LEN = 32; static const char* EDM_MIC_MUTE_KEY = "persist.edm.mic_disable"; +static MockNativeToken* g_mock = nullptr; static PermissionStateFull g_testState1 = { .permissionName = "ohos.permission.CAMERA", .isGeneral = true, @@ -138,11 +140,14 @@ public: void PermissionRecordManagerTest::SetUpTestCase() { + g_selfTokenId = GetSelfTokenID(); + PrivacyTestCommon::SetTestEvironment(g_selfTokenId); + g_mock = new (std::nothrow) MockNativeToken("privacy_service"); + DelayedSingleton::GetInstance()->Initialize(); PermissionRecordManager::GetInstance().Init(); - g_selfTokenId = GetSelfTokenID(); - g_nativeToken = AccessTokenKit::GetNativeTokenId("privacy_service"); + g_nativeToken = PrivacyTestCommon::GetNativeTokenIdFromProcess("privacy_service"); g_isMicEdmMute = PermissionRecordManager::GetInstance().isMicEdmMute_; g_isMicMixMute = PermissionRecordManager::GetInstance().isMicMixMute_; PermissionRecordManager::GetInstance().isMicEdmMute_ = false; @@ -153,6 +158,11 @@ void PermissionRecordManagerTest::TearDownTestCase() { PermissionRecordManager::GetInstance().isMicEdmMute_ = g_isMicEdmMute; PermissionRecordManager::GetInstance().isMicMixMute_ = g_isMicMixMute; + PrivacyTestCommon::ResetTestEvironment(); + if (g_mock != nullptr) { + delete g_mock; + g_mock = nullptr; + } } void PermissionRecordManagerTest::SetUp() @@ -160,8 +170,10 @@ void PermissionRecordManagerTest::SetUp() PermissionRecordManager::GetInstance().Init(); PermissionRecordManager::GetInstance().Register(); - AccessTokenKit::AllocHapToken(g_InfoParms1, g_PolicyPrams1); - AccessTokenKit::AllocHapToken(g_InfoParms2, g_PolicyPrams2); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_InfoParms1, g_PolicyPrams1); + ASSERT_NE(tokenIdEx.tokenIdExStruct.tokenID, INVALID_TOKENID); + tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_InfoParms2, g_PolicyPrams2); + ASSERT_NE(tokenIdEx.tokenIdExStruct.tokenID, INVALID_TOKENID); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, false, RANDOM_TOKENID); if (appStateObserver_ != nullptr) { @@ -172,16 +184,15 @@ void PermissionRecordManagerTest::SetUp() void PermissionRecordManagerTest::TearDown() { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - AccessTokenKit::DeleteToken(tokenId); - PrivacyKit::RemovePermissionUsedRecords(tokenId); - tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName, + PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); + PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID); + tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms2.userID, g_InfoParms2.bundleName, g_InfoParms2.instIndex); - AccessTokenKit::DeleteToken(tokenId); - PrivacyKit::RemovePermissionUsedRecords(tokenId); + PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); + PrivacyKit::RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID); appStateObserver_ = nullptr; - EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId)); } class PermissionRecordManagerTestCb1 : public StateCustomizedCbk { @@ -307,9 +318,6 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Leve auto callbackWrap = new (std::nothrow) StateChangeCallback(callbackPtr); ASSERT_NE(nullptr, callbackPtr); ASSERT_NE(nullptr, callbackWrap); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(INVALID_TOKENID, tokenId); ASSERT_EQ(ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().StartUsingPermission( MakeInfo(0, PID, permissionName), callbackWrap->AsObject(), CALLER_PID)); } @@ -322,14 +330,13 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Leve */ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest002, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - auto callbackPtr = std::make_shared(); auto callbackWrap = new (std::nothrow) StateChangeCallback(callbackPtr); ASSERT_NE(nullptr, callbackPtr); ASSERT_NE(nullptr, callbackWrap); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); ASSERT_EQ(ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().StartUsingPermission( MakeInfo(tokenId, PID, "ohos.permission.LOCATION"), callbackWrap->AsObject(), CALLER_PID)); @@ -356,8 +363,6 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest002, TestSize.Leve */ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest003, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - char value[VALUE_MAX_LEN] = {0}; GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1); GTEST_LOG_(INFO) << "value:" << value; @@ -365,9 +370,10 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest003, TestSize.Leve bool isMute = strncmp(value, "true", VALUE_MAX_LEN) == 0; SetParameter(EDM_MIC_MUTE_KEY, "true"); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); std::string permissionName = "ohos.permission.MICROPHONE"; ASSERT_EQ(PrivacyError::ERR_EDM_POLICY_CHECK_FAILED, PermissionRecordManager::GetInstance().StartUsingPermission( @@ -384,8 +390,6 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest003, TestSize.Leve */ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest004, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - char value[VALUE_MAX_LEN] = {0}; GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1); GTEST_LOG_(INFO) << "value:" << value; @@ -402,9 +406,10 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest004, TestSize.Leve ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback( GetSelfTokenID(), permList, callback->AsObject())); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); std::string permissionName = "ohos.permission.READ_MEDIA"; ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( @@ -426,8 +431,6 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest004, TestSize.Leve */ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest005, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - char value[VALUE_MAX_LEN] = {0}; GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1); GTEST_LOG_(INFO) << "value:" << value; @@ -443,9 +446,10 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest005, TestSize.Leve ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback( GetSelfTokenID(), permList, callback->AsObject())); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); std::string permissionName = "ohos.permission.READ_MEDIA"; ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( @@ -468,8 +472,6 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest005, TestSize.Leve */ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest006, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - char value[VALUE_MAX_LEN] = {0}; GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1); GTEST_LOG_(INFO) << "value:" << value; @@ -485,9 +487,10 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest006, TestSize.Leve ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback( GetSelfTokenID(), permList, callback->AsObject())); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); std::string permissionName = "ohos.permission.LOCATION"; ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( @@ -510,9 +513,10 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest006, TestSize.Leve */ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest007, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); // tokenId invaild ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().StartUsingPermission( @@ -537,17 +541,16 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest007, TestSize.Leve */ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest008, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - std::vector permList = {"ohos.permission.CAMERA"}; sptr callback = new (std::nothrow) PermActiveStatusChangeCallback(); ASSERT_NE(nullptr, callback); ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback( GetSelfTokenID(), permList, callback->AsObject())); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( @@ -581,8 +584,6 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest008, TestSize.Leve */ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest009, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - auto callbackPtr1 = std::make_shared(); auto callbackWrap1 = new (std::nothrow) StateChangeCallback(callbackPtr1); ASSERT_NE(nullptr, callbackPtr1); @@ -593,9 +594,10 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest009, TestSize.Leve ASSERT_NE(nullptr, callbackPtr2); ASSERT_NE(nullptr, callbackWrap2); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( @@ -632,17 +634,16 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest009, TestSize.Leve */ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest010, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - std::vector permList = {"ohos.permission.CAMERA"}; sptr callback = new (std::nothrow) PermActiveStatusChangeCallback(); ASSERT_NE(nullptr, callback); ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback( GetSelfTokenID(), permList, callback->AsObject())); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( @@ -672,16 +673,15 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest010, TestSize.Leve */ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest011, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - std::vector permList = {"ohos.permission.CAMERA"}; sptr callback = new (std::nothrow) PermActiveStatusChangeCallback(); ASSERT_NE(nullptr, callback); ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback( GetSelfTokenID(), permList, callback->AsObject())); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( @@ -710,8 +710,6 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest011, TestSize.Leve */ HWTEST_F(PermissionRecordManagerTest, ShowGlobalDialog001, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - ASSERT_EQ(true, PermissionRecordManager::GetInstance().ShowGlobalDialog("ohos.permission.CAMERA")); sleep(3); // wait for dialog disappear ASSERT_EQ(true, PermissionRecordManager::GetInstance().ShowGlobalDialog("ohos.permission.MICROPHONE")); @@ -728,8 +726,6 @@ HWTEST_F(PermissionRecordManagerTest, ShowGlobalDialog001, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, AppStateChangeListener001, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - char value[VALUE_MAX_LEN] = {0}; GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1); GTEST_LOG_(INFO) << "value:" << value; @@ -739,8 +735,10 @@ HWTEST_F(PermissionRecordManagerTest, AppStateChangeListener001, TestSize.Level1 PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true, RANDOM_TOKENID); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); // status is inactive ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( @@ -775,9 +773,11 @@ HWTEST_F(PermissionRecordManagerTest, TransferOpcodeToPermission001, TestSize.Le */ HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord001, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + MockNativeToken mock("camera_service"); // native process with have add permission + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); AddPermParamInfo info; info.tokenId = tokenId; @@ -805,9 +805,11 @@ HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord001, TestSize.Level */ HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord002, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + MockNativeToken mock("camera_service"); // native process with have permission + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); AddPermParamInfo info; info.tokenId = tokenId; @@ -817,19 +819,6 @@ HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord002, TestSize.Level ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().AddPermissionUsedRecord(info)); } -/* - * @tc.name: RemovePermissionUsedRecords001 - * @tc.desc: PermissionRecordManager::RemovePermissionUsedRecords function test - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(PermissionRecordManagerTest, RemovePermissionUsedRecords001, TestSize.Level1) -{ - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); -} - /* * @tc.name:SetPermissionUsedRecordToggleStatus001 * @tc.desc: PermissionRecordManager::SetPermissionUsedRecordToggleStatus function test @@ -898,9 +887,10 @@ HWTEST_F(PermissionRecordManagerTest, UpdatePermUsedRecToggleStatusMap001, TestS */ HWTEST_F(PermissionRecordManagerTest, StopUsingPermission001, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId); // tokenId invaild ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().StopUsingPermission( @@ -1032,7 +1022,7 @@ HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults003, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest001, TestSize.Level1) { - uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm"); + uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, tokenID); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true, RANDOM_TOKENID); @@ -1054,7 +1044,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest001, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest002, TestSize.Level1) { - uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm"); + uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true, RANDOM_TOKENID); @@ -1076,7 +1066,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest002, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest003, TestSize.Level1) { - uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm"); + uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, false, RANDOM_TOKENID); @@ -1098,7 +1088,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest003, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest004, TestSize.Level1) { - uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm"); + uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, tokenID); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true, RANDOM_TOKENID); @@ -1121,7 +1111,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest004, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest005, TestSize.Level1) { - uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm"); + uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true, RANDOM_TOKENID); @@ -1143,7 +1133,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest005, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest006, TestSize.Level1) { - uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm"); + uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, false, RANDOM_TOKENID); @@ -1165,7 +1155,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest006, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest007, TestSize.Level1) { - uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm"); + uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, tokenID); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true, RANDOM_TOKENID); @@ -1188,8 +1178,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest007, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest008, TestSize.Level1) { - EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm"); + uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, true, RANDOM_TOKENID); @@ -1212,7 +1201,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest008, TestSize.Level1) */ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest009, TestSize.Level1) { - uint32_t tokenID = AccessTokenKit::GetNativeTokenId("edm"); + uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, false, RANDOM_TOKENID); @@ -1267,17 +1256,19 @@ HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest001, TestSize.Level1) init.TestDie(CALLER_PID); ASSERT_EQ(0, PermissionRecordManager::GetInstance().startRecordList_.size()); - AccessTokenID tokenId1 = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId1); + AccessTokenID tokenId1 = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId1); std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( MakeInfo(tokenId1, TEST_PID_1, permissionName), CALLER_PID)); - AccessTokenID tokenId2 = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName, - g_InfoParms2.instIndex); - ASSERT_NE(static_cast(0), tokenId2); + tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, + g_InfoParms1.instIndex); + AccessTokenID tokenId2 = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId2); ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( MakeInfo(tokenId2, TEST_PID_2, permissionName), CALLER_PID)); @@ -1300,17 +1291,19 @@ HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest002, TestSize.Level1) DiedProxyMaker init; init.AddRecipient(CALLER_PID); init.TestDie(CALLER_PID); - AccessTokenID tokenId1 = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId1); + AccessTokenID tokenId1 = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId1); std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( MakeInfo(tokenId1, TEST_PID_1, permissionName), CALLER_PID)); - AccessTokenID tokenId2 = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName, - g_InfoParms2.instIndex); - ASSERT_NE(static_cast(0), tokenId2); + tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, + g_InfoParms1.instIndex); + AccessTokenID tokenId2 = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId2); ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( MakeInfo(tokenId2, TEST_PID_2, permissionName), CALLER_PID2)); @@ -1336,9 +1329,10 @@ HWTEST_F(PermissionRecordManagerTest, HasCallerInStartList001, TestSize.Level1) DiedProxyMaker init; init.AddRecipient(CALLER_PID); init.TestDie(CALLER_PID); - AccessTokenID tokenId1 = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - ASSERT_NE(static_cast(0), tokenId1); + AccessTokenID tokenId1 = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenId1); std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StartUsingPermission( diff --git a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp index 4c656c9eb..0632d4849 100644 --- a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp +++ b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -27,6 +27,7 @@ #include "privacy_error.h" #include "privacy_field_const.h" #include "privacy_manager_service.h" +#include "privacy_test_common.h" #include "proxy_death_callback_stub.h" #include "state_change_callback.h" #include "string_ex.h" @@ -38,11 +39,11 @@ namespace OHOS { namespace Security { namespace AccessToken { namespace { +static AccessTokenID g_selfTokenId = 0; static constexpr int32_t PERMISSION_USAGE_RECORDS_MAX_NUM = 10; constexpr const char* CAMERA_PERMISSION_NAME = "ohos.permission.CAMERA"; constexpr const char* MICROPHONE_PERMISSION_NAME = "ohos.permission.MICROPHONE"; constexpr const char* LOCATION_PERMISSION_NAME = "ohos.permission.LOCATION"; -static AccessTokenIDEx g_tokenID = {0}; static PermissionStateFull g_testState = { .permissionName = "ohos.permission.CAMERA", .isGeneral = true, @@ -65,20 +66,6 @@ static HapInfoParams g_InfoParms1 = { .appIDDesc = "privacy_test.bundleA", .isSystemApp = true }; - -static HapPolicyParams g_PolicyPrams2 = { - .apl = APL_NORMAL, - .domain = "test.domain.B", - .permList = {}, - .permStateList = {g_testState} -}; - -static HapInfoParams g_InfoParms2 = { - .userID = 1, - .bundleName = "ohos.privacy_test.bundleB", - .instIndex = 0, - .appIDDesc = "privacy_test.bundleB" -}; } class PrivacyManagerServiceTest : public testing::Test { @@ -91,15 +78,17 @@ public: void TearDown(); std::shared_ptr privacyManagerService_; - uint64_t selfTokenId_; }; void PrivacyManagerServiceTest::SetUpTestCase() { + g_selfTokenId = GetSelfTokenID(); + PrivacyTestCommon::SetTestEvironment(g_selfTokenId); } void PrivacyManagerServiceTest::TearDownTestCase() { + PrivacyTestCommon::ResetTestEvironment(); } void PrivacyManagerServiceTest::SetUp() @@ -107,23 +96,18 @@ void PrivacyManagerServiceTest::SetUp() privacyManagerService_ = DelayedSingleton::GetInstance(); PermissionRecordManager::GetInstance().Register(); EXPECT_NE(nullptr, privacyManagerService_); - g_tokenID = AccessTokenKit::AllocHapToken(g_InfoParms1, g_PolicyPrams1); - AccessTokenKit::AllocHapToken(g_InfoParms2, g_PolicyPrams2); - selfTokenId_ = GetSelfTokenID(); + + PrivacyTestCommon::AllocTestHapToken(g_InfoParms1, g_PolicyPrams1); } void PrivacyManagerServiceTest::TearDown() { - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - AccessTokenKit::DeleteToken(tokenId); - privacyManagerService_->RemovePermissionUsedRecords(tokenId); - tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms2.userID, g_InfoParms2.bundleName, - g_InfoParms2.instIndex); - AccessTokenKit::DeleteToken(tokenId); - privacyManagerService_->RemovePermissionUsedRecords(tokenId); + PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); + privacyManagerService_->RemovePermissionUsedRecords(tokenIdEx.tokenIdExStruct.tokenID); + privacyManagerService_ = nullptr; - EXPECT_EQ(0, SetSelfTokenID(selfTokenId_)); } /** @@ -182,8 +166,9 @@ HWTEST_F(PrivacyManagerServiceTest, Dump002, TestSize.Level1) { int32_t fd = 1; // 1: std output std::vector args; - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(g_InfoParms1, g_PolicyPrams1); + + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; args.emplace_back(Str8ToStr16("-t")); std::string tokenIdStr = std::to_string(tokenId); args.emplace_back(Str8ToStr16(tokenIdStr)); @@ -214,11 +199,12 @@ HWTEST_F(PrivacyManagerServiceTest, Dump002, TestSize.Level1) */ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission001, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetNativeTokenId("privacy_service"); - ASSERT_NE(INVALID_TOKENID, tokenId); - EXPECT_EQ(0, SetSelfTokenID(tokenId)); - tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); + MockNativeToken mock("privacy_service"); + + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, MICROPHONE_PERMISSION_NAME, -1)); ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, LOCATION_PERMISSION_NAME, -1)); @@ -243,7 +229,7 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission001, TestSize.Level1 */ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission002, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetNativeTokenId("privacy_service"); + AccessTokenID tokenId = PrivacyTestCommon::GetNativeTokenIdFromProcess("privacy_service"); // invalid tokenId ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(0, CAMERA_PERMISSION_NAME, -1)); @@ -251,8 +237,9 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission002, TestSize.Level1 ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1)); // invalid permission - tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, "test", -1)); } @@ -265,10 +252,10 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission002, TestSize.Level1 */ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission003, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetNativeTokenId("privacy_service"); + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); - tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1)); } @@ -432,10 +419,8 @@ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner002, TestSize.Le MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(hapTokenID, static_cast(0)); - SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID + std::vector reqPerm; + MockHapToken mock("AddPermissionUsedRecordInner002", reqPerm, false); // set self tokenID to normal app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); AddPermParamInfoParcel infoParcel; @@ -468,8 +453,8 @@ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner003, TestSize.Le MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - ASSERT_NE(g_tokenID.tokenIDEx, static_cast(0)); - SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app + std::vector reqPerm; + MockHapToken mock("AddPermissionUsedRecordInner003", reqPerm, true); // set self tokenID to system app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); AddPermParamInfoParcel infoParcel; @@ -524,10 +509,8 @@ HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner002, MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(hapTokenID, static_cast(0)); - SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID + std::vector reqPerm; + MockHapToken mock("SetPermissionUsedRecordToggleStatusInner002", reqPerm, false); // set self tokenID to normal app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(true, data.WriteInt32(userID)); @@ -577,10 +560,8 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner002, MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(hapTokenID, static_cast(0)); - SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID + std::vector reqPerm; + MockHapToken mock("SetPermissionUsedRecordToggleStatusInner002", reqPerm, false); // set self tokenID to normal app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(true, data.WriteInt32(userID)); @@ -637,10 +618,8 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner002, TestSize.Level MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(hapTokenID, static_cast(0)); - SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID + std::vector reqPerm; + MockHapToken mock("StartUsingPermissionInner002", reqPerm, false); // set self tokenID to normal app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); PermissionUsedTypeInfoParcel parcel; @@ -670,8 +649,8 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner003, TestSize.Level MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - ASSERT_NE(g_tokenID.tokenIDEx, static_cast(0)); - SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app + std::vector reqPerm; + MockHapToken mock("StartUsingPermissionInner003", reqPerm, true); // set self tokenID to system app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); PermissionUsedTypeInfoParcel parcel; @@ -718,8 +697,8 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner001, TestSi MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - ASSERT_NE(g_tokenID.tokenIDEx, static_cast(0)); - SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app + std::vector reqPerm; + MockHapToken mock("StartUsingPermissionCallbackInner001", reqPerm, true); // set self tokenID to system app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); PermissionUsedTypeInfoParcel parcel; @@ -813,10 +792,8 @@ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner002, TestSize.Level1 MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(hapTokenID, static_cast(0)); - SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID + std::vector reqPerm; + MockHapToken mock("StopUsingPermissionInner002", reqPerm, false); // set self tokenID to normal app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(true, data.WriteUint32(tokenID)); @@ -843,8 +820,8 @@ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner003, TestSize.Level1 MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - ASSERT_NE(g_tokenID.tokenIDEx, static_cast(0)); - SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app + std::vector reqPerm; + MockHapToken mock("StopUsingPermissionInner003", reqPerm, true); // set self tokenID to system app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(true, data.WriteUint32(tokenID)); @@ -893,9 +870,9 @@ HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner002, TestSiz MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - AccessTokenID nativeTokenID = AccessTokenKit::GetNativeTokenId("device_manager"); + MockNativeToken mock("device_manager"); // set self tokenID to native device_manager + AccessTokenID nativeTokenID = GetSelfTokenID(); ASSERT_NE(nativeTokenID, static_cast(0)); - SetSelfTokenID(nativeTokenID); // set self tokenID to native device_manager ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(true, data.WriteUint32(tokenID)); @@ -945,10 +922,8 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner002, TestSize.L MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(hapTokenID, static_cast(0)); - SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID + std::vector reqPerm; + MockHapToken mock("GetPermissionUsedRecordsInner002", reqPerm, false); // set self tokenID to normal app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(true, data.WriteParcelable(&request)); @@ -974,8 +949,8 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner003, TestSize.L MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - ASSERT_NE(g_tokenID.tokenIDEx, static_cast(0)); - SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app + std::vector reqPerm; + MockHapToken mock("GetPermissionUsedRecordsInner003", reqPerm, true); // set self tokenID to system app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(true, data.WriteParcelable(&request)); @@ -1033,10 +1008,8 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner002, Te MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(hapTokenID, static_cast(0)); - SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID + std::vector reqPerm; + MockHapToken mock("RegisterPermActiveStatusCallbackInner002", reqPerm, false); // set self tokenID to normal app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(true, data.WriteUint32(permList.size())); @@ -1059,8 +1032,8 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner003, Te MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - ASSERT_NE(g_tokenID.tokenIDEx, static_cast(0)); - SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app + std::vector reqPerm; + MockHapToken mock("RegisterPermActiveStatusCallbackInner003", reqPerm, true); // set self tokenID to system app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(true, data.WriteUint32(0)); @@ -1102,10 +1075,8 @@ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner002, MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(hapTokenID, static_cast(0)); - SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID + std::vector reqPerm; + MockHapToken mock("UnRegisterPermActiveStatusCallbackInner002", reqPerm, false); // set self tokenID to normal app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( @@ -1127,8 +1098,8 @@ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner003, MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - ASSERT_NE(g_tokenID.tokenIDEx, static_cast(0)); - SetSelfTokenID(g_tokenID.tokenIDEx); // set self tokenID to system app + std::vector reqPerm; + MockHapToken mock("UnRegisterPermActiveStatusCallbackInner003", reqPerm, true); // set self tokenID to system app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( @@ -1178,10 +1149,8 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner002, TestSize.L MessageParcel reply; MessageOption option(MessageOption::TF_SYNC); - AccessTokenID hapTokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - ASSERT_NE(hapTokenID, static_cast(0)); - SetSelfTokenID(hapTokenID); // set self tokenID to hapTokenID + std::vector reqPerm; + MockHapToken mock("IsAllowedUsingPermissionInner002", reqPerm, false); // set self tokenID to normal app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(true, data.WriteUint32(tokenID)); diff --git a/services/privacymanager/test/unittest/sensitive_manager_test.cpp b/services/privacymanager/test/unittest/sensitive_manager_test.cpp index cf5010c42..b388e55c3 100644 --- a/services/privacymanager/test/unittest/sensitive_manager_test.cpp +++ b/services/privacymanager/test/unittest/sensitive_manager_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2024 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -27,6 +27,7 @@ #endif #include "camera_manager_adapter.h" #include "permission_record_manager.h" +#include "privacy_test_common.h" #include "token_setproc.h" using namespace testing::ext; @@ -41,6 +42,7 @@ public: void SetUp(); void TearDown(); }; +static MockHapToken* g_mock = nullptr; static AccessTokenID g_selfTokenId = 0; static PermissionStateFull g_testState1 = { .permissionName = "ohos.permission.RUNNING_STATE_OBSERVER", @@ -106,28 +108,32 @@ static HapInfoParams g_infoManagerTestSystemInfoParms = { void SensitiveManagerServiceTest::SetUpTestCase() { g_selfTokenId = GetSelfTokenID(); + PrivacyTestCommon::SetTestEvironment(g_selfTokenId); + + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.RUNNING_STATE_OBSERVER"); + reqPerm.emplace_back("ohos.permission.MANAGE_CAMERA_CONFIG"); + reqPerm.emplace_back("ohos.permission.GET_RUNNING_INFO"); + reqPerm.emplace_back("ohos.permission.MANAGE_AUDIO_CONFIG"); + reqPerm.emplace_back("ohos.permission.MICROPHONE_CONTROL"); + g_mock = new (std::nothrow) MockHapToken("SensitiveManagerServiceTest", reqPerm); } void SensitiveManagerServiceTest::TearDownTestCase() { + if (g_mock != nullptr) { + delete g_mock; + g_mock = nullptr; + } + PrivacyTestCommon::ResetTestEvironment(); } void SensitiveManagerServiceTest::SetUp() { - AccessTokenKit::AllocHapToken(g_InfoParms1, g_PolicyPrams1); - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, - g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - EXPECT_EQ(0, SetSelfTokenID(tokenId)); } void SensitiveManagerServiceTest::TearDown() { - AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, - g_InfoParms1.bundleName, - g_InfoParms1.instIndex); - AccessTokenKit::DeleteToken(tokenID); - EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId)); } /* @@ -150,8 +156,8 @@ HWTEST_F(SensitiveManagerServiceTest, RegisterAppObserverTest001, TestSize.Level */ HWTEST_F(SensitiveManagerServiceTest, RegisterAppObserverTest002, TestSize.Level1) { - AccessTokenID tokenId = AccessTokenKit::GetNativeTokenId("privacy_service"); - EXPECT_EQ(0, SetSelfTokenID(tokenId)); + MockNativeToken("privacy_service"); + AccessTokenID tokenId = GetSelfTokenID(); sptr listener = new(std::nothrow) ApplicationStateObserverStub(); ASSERT_NE(listener, nullptr); diff --git a/services/tokensyncmanager/test/coverage/BUILD.gn b/services/tokensyncmanager/test/coverage/BUILD.gn index 5ddfb2d6f..363745110 100644 --- a/services/tokensyncmanager/test/coverage/BUILD.gn +++ b/services/tokensyncmanager/test/coverage/BUILD.gn @@ -26,6 +26,7 @@ ohos_unittest("libtoken_sync_service_coverage_test") { branch_protector_ret = "pac_ret" sources = [ + "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp", "../../src/command/base_remote_command.cpp", "../../src/command/delete_remote_token_command.cpp", "../../src/command/sync_remote_hap_token_command.cpp", @@ -63,6 +64,7 @@ ohos_unittest("libtoken_sync_service_coverage_test") { "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", "${access_token_path}/services/common/json_parse/include", "${access_token_path}/services/common/handler/include", + "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/", ] deps = [ diff --git a/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp b/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp index 057c63a00..c464d8a7e 100644 --- a/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp +++ b/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp @@ -45,6 +45,7 @@ #include "socket.h" #include "soft_bus_device_connection_listener.h" #include "soft_bus_socket_listener.h" +#include "test_common.h" #include "token_setproc.h" #include "token_sync_manager_stub.h" @@ -93,7 +94,7 @@ TokenSyncServiceTest::~TokenSyncServiceTest() void NativeTokenGet() { uint64_t tokenId = 0; - tokenId = AccessTokenKit::GetNativeTokenId("token_sync_service"); + tokenId = TestCommon::GetNativeTokenIdFromProcess("token_sync_service"); ASSERT_NE(tokenId, static_cast(0)); EXPECT_EQ(0, SetSelfTokenID(tokenId)); } @@ -102,10 +103,14 @@ void TokenSyncServiceTest::SetUpTestCase() { g_selfUid = getuid(); g_selfTokenId = GetSelfTokenID(); + TestCommon::SetTestEvironment(g_selfTokenId); NativeTokenGet(); } void TokenSyncServiceTest::TearDownTestCase() -{} +{ + SetSelfTokenID(g_selfTokenId); + TestCommon::ResetTestEvironment(); +} void TokenSyncServiceTest::SetUp() { tokenSyncManagerService_ = DelayedSingleton::GetInstance(); diff --git a/services/tokensyncmanager/test/unittest/BUILD.gn b/services/tokensyncmanager/test/unittest/BUILD.gn index 7c2245020..7cd426c7b 100644 --- a/services/tokensyncmanager/test/unittest/BUILD.gn +++ b/services/tokensyncmanager/test/unittest/BUILD.gn @@ -26,6 +26,7 @@ ohos_unittest("libtoken_sync_service_standard_test") { branch_protector_ret = "pac_ret" sources = [ + "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/test_common.cpp", "../../src/command/base_remote_command.cpp", "../../src/command/delete_remote_token_command.cpp", "../../src/command/sync_remote_hap_token_command.cpp", @@ -63,6 +64,7 @@ ohos_unittest("libtoken_sync_service_standard_test") { "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", "${access_token_path}/services/common/json_parse/include", "${access_token_path}/services/common/handler/include", + "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/", ] deps = [ diff --git a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp index be54f3734..eeeab26dd 100644 --- a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp +++ b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp @@ -46,6 +46,7 @@ #include "socket.h" #include "soft_bus_device_connection_listener.h" #include "soft_bus_socket_listener.h" +#include "test_common.h" #include "token_setproc.h" #include "token_sync_manager_stub.h" @@ -98,7 +99,7 @@ TokenSyncServiceTest::~TokenSyncServiceTest() void NativeTokenGet() { uint64_t tokenId = 0; - tokenId = AccessTokenKit::GetNativeTokenId("token_sync_service"); + tokenId = TestCommon::GetNativeTokenIdFromProcess("token_sync_service"); ASSERT_NE(tokenId, static_cast(0)); EXPECT_EQ(0, SetSelfTokenID(tokenId)); } @@ -107,10 +108,15 @@ void TokenSyncServiceTest::SetUpTestCase() { g_selfUid = getuid(); g_selfTokenId = GetSelfTokenID(); + TestCommon::SetTestEvironment(g_selfTokenId); + NativeTokenGet(); } void TokenSyncServiceTest::TearDownTestCase() -{} +{ + SetSelfTokenID(g_selfTokenId); + TestCommon::ResetTestEvironment(); +} void TokenSyncServiceTest::SetUp() { tokenSyncManagerService_ = DelayedSingleton::GetInstance(); @@ -253,15 +259,13 @@ public: static void DeleteAndAllocToken(AccessTokenID& tokenId) { // create local token - AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID, + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(g_infoManagerTestInfoParms.userID, g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex); - AccessTokenKit::DeleteToken(tokenID); - - AccessTokenIDEx tokenIdEx = {0}; - tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); - ASSERT_NE(static_cast(0), tokenIdEx.tokenIdExStruct.tokenID); + TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); - tokenId = tokenIdEx.tokenIdExStruct.tokenID; + AccessTokenIDEx tokenIdEx1 = {0}; + TestCommon::AllocTestHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx1); + ASSERT_NE(static_cast(0), tokenIdEx1.tokenIdExStruct.tokenID); } /** @@ -802,10 +806,10 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo008, TestSize.Level1) { LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo008 start."); // create local token - AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID, - g_infoManagerTestInfoParms.bundleName, - g_infoManagerTestInfoParms.instIndex); - AccessTokenKit::DeleteToken(tokenID); + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + TestCommon::DeleteTestHapToken(tokenID); // tokenID is not exist std::string jsonBefore = -- Gitee From 87b2996ff1dc7f068d6a5158e725a05e5ca52f75 Mon Sep 17 00:00:00 2001 From: roshanliu Date: Wed, 19 Mar 2025 17:17:21 +0800 Subject: [PATCH 006/103] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: roshanliu --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index dbd831abe..3a5002c8a 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6321,6 +6321,16 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.ACCESS_CALENDARDATA_FOR_BROKER", + "grantMode": "system_grant", + "availableLevel": "system_core", + "availableType": "SERVICE", + "since": 17, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false } ] } \ No newline at end of file -- Gitee From d33fb520cada1f95c35d5158124c889a6373cfc9 Mon Sep 17 00:00:00 2001 From: nj1868 Date: Tue, 18 Mar 2025 14:12:46 +0800 Subject: [PATCH 007/103] =?UTF-8?q?=E8=AE=A2=E9=98=85=E9=BB=98=E8=AE=A4?= =?UTF-8?q?=E5=BA=94=E7=94=A8=E5=8F=98=E6=9B=B4=E4=BA=8B=E4=BB=B6=E7=9A=84?= =?UTF-8?q?=E6=9D=83=E9=99=90ohos.permission.CHANGE=5FDEFAULT=5FAPPLICATIO?= =?UTF-8?q?N?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: nj1868 --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index f6c5c1db2..a638cea3d 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -4511,6 +4511,16 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.CHANGE_DEFAULT_APPLICATION", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 17, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false } ], "userGrantPermissions": [ -- Gitee From d126e528518ece610b242f2d08c5607dae9dbafa Mon Sep 17 00:00:00 2001 From: zhouyingchao <1210271326@qq.com> Date: Mon, 24 Mar 2025 12:03:21 +0800 Subject: [PATCH 008/103] =?UTF-8?q?=E2=80=98=E6=96=B0=E5=A2=9E=E6=95=B0?= =?UTF-8?q?=E6=8D=AE=E5=BA=93=E8=AF=BB=E5=86=99=E6=9D=83=E9=99=90=E5=90=88?= =?UTF-8?q?=E5=85=A5=E5=95=86=E7=94=A8=E2=80=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: zhouyingchao <1210271326@qq.com> --- services/accesstokenmanager/permission_definitions.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 770b03143..73ed67e9b 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -3647,7 +3647,7 @@ "grantMode": "system_grant", "availableLevel": "system_basic", "availableType": "SYSTEM", - "since": 18, + "since": 17, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false @@ -3657,7 +3657,7 @@ "grantMode": "system_grant", "availableLevel": "system_basic", "availableType": "SYSTEM", - "since": 18, + "since": 17, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false -- Gitee From 1687d83d420cf67280ca9469571f0b5b5b12bdfb Mon Sep 17 00:00:00 2001 From: bigtea Date: Mon, 24 Mar 2025 10:11:00 +0800 Subject: [PATCH 009/103] Fix RequestPermissionOnSetting TDD Signed-off-by: bigtea --- .../permission_request_toggle_status_test.cpp | 2 +- .../request_permission_on_setting_test.cpp | 8 ++++---- .../PermisionDialogTest/set_perm_dialog_cap_test.cpp | 2 +- .../test/unittest/PermissionsTest/get_permission_test.cpp | 8 ++++---- .../register_perm_state_change_callback_test.cpp | 2 +- .../test/coverage/permission_manager_coverage_test.cpp | 1 - .../coverage/permission_record_manager_coverage_test.cpp | 2 +- .../test/unittest/privacy_manager_service_test.cpp | 2 +- 8 files changed, 13 insertions(+), 14 deletions(-) diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp index 6f5452f5e..8e70c9307 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp @@ -283,7 +283,7 @@ HWTEST_F(PermissionRequestToggleStatusTest, GetPermissionRequestToggleStatusSpec std::vector reqPerm; reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG"); reqPerm.emplace_back("ohos.permission.GET_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GetPermissionRequestToggleStatusSpecTest002", reqPerm, true); + MockHapToken mock("GetPermissionRequestToggleStatusSpecTest003", reqPerm, true); // Set a closed status value. uint32_t status = PermissionRequestToggleStatus::CLOSED; diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp index 0653481af..66a33771f 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp @@ -57,7 +57,7 @@ void RequestPermissionOnSettingTest::TearDown() HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest001, TestSize.Level1) { std::vector reqPerm; - MockHapToken mock("RequestPermissionOnSettingTest", reqPerm, true); + MockHapToken mock("RequestAppPermOnSettingTest001", reqPerm, true); // invalid tokenID in client uint64_t tokenID = 0; @@ -77,7 +77,7 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest001, TestSiz HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest002, TestSize.Level0) { std::vector reqPerm; - MockHapToken("RequestPermissionOnSettingTest", reqPerm, false); + MockHapToken("RequestAppPermOnSettingTest002", reqPerm, false); AccessTokenID tokenID = 123; ASSERT_EQ(ERR_NOT_SYSTEM_APP, AccessTokenKit::RequestAppPermOnSetting(tokenID)); @@ -92,7 +92,7 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest002, TestSiz HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest003, TestSize.Level0) { std::vector reqPerm; - MockHapToken("RequestPermissionOnSettingTest", reqPerm, true); + MockHapToken("RequestAppPermOnSettingTest003", reqPerm, true); HapInfoParams infoManager = { .userID = 1, @@ -133,7 +133,7 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest003, TestSiz HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest004, TestSize.Level0) { std::vector reqPerm; - MockHapToken("RequestPermissionOnSettingTest", reqPerm, true); + MockHapToken("RequestAppPermOnSettingTest004", reqPerm, true); AccessTokenKit::RequestAppPermOnSetting(GetSelfTokenID()); } diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp index 1f99e9ec1..de1cf2d96 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp @@ -111,7 +111,7 @@ HWTEST_F(SetPermDialogCapTest, SetPermDialogCapFuncTest001, TestSize.Level1) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG"); - MockHapToken mock("SetPermDialogCapAbnormalTest001", reqPerm, true); + MockHapToken mock("SetPermDialogCapFuncTest001", reqPerm, true); uint64_t selfToken = GetSelfTokenID(); LOGI(ATM_DOMAIN, ATM_TAG, "SetPermDialogCapFuncTest001"); diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp index c26dc6733..a7c19f175 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp @@ -125,12 +125,12 @@ HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest001, TestSize.Level */ HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest002, TestSize.Level1) { - LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionUsedTypeAbnormalTest001"); + LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionUsedTypeAbnormalTest002"); std::string accessBluetooth = "ohos.permission.ACCESS_BLUETOOTH"; std::vector reqPerm; reqPerm.emplace_back(accessBluetooth); - MockHapToken mockHap("GetPermissionUsedTypeAbnormalTest001", reqPerm, true); + MockHapToken mockHap("GetPermissionUsedTypeAbnormalTest002", reqPerm, true); AccessTokenID tokenID = GetSelfTokenID(); // get hap tokenId ASSERT_NE(INVALID_TOKENID, tokenID); @@ -373,7 +373,7 @@ HWTEST_F(GetPermissionTest, GetReqPermissionsAbnormalTest001, TestSize.Level1) LOGI(ATM_DOMAIN, ATM_TAG, "GetReqPermissionsAbnormalTest001"); std::vector reqPerm; reqPerm.emplace_back("ohos.permission.GET_SENSITIVE_PERMISSIONS"); - MockHapToken mockHap("GetReqPermissionsFuncTest002", reqPerm, true); + MockHapToken mockHap("GetReqPermissionsAbnormalTest001", reqPerm, true); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -401,7 +401,7 @@ HWTEST_F(GetPermissionTest, GetReqPermissionsSpecTest001, TestSize.Level0) LOGI(ATM_DOMAIN, ATM_TAG, "GetReqPermissionsSpecTest001"); std::vector reqPerm; reqPerm.emplace_back("ohos.permission.GET_SENSITIVE_PERMISSIONS"); - MockHapToken mockHap("GetReqPermissionsFuncTest002", reqPerm, true); + MockHapToken mockHap("GetReqPermissionsSpecTest001", reqPerm, true); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; diff --git a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp index 1f13e450f..c58a3429a 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp @@ -650,7 +650,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); - MockHapToken mock("RegisterPermStateChangeCallbackSpecTest004", reqPerm); + MockHapToken mock("RegisterPermStateChangeCallbackSpecTest005", reqPerm); EXPECT_EQ(RET_SUCCESS, AccessTokenKit::ClearUserGrantedPermissionState(tokenIdEx.tokenIdExStruct.tokenID)); } usleep(500000); // 500000us = 0.5s diff --git a/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp b/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp index 783f919fa..e3beda2e4 100644 --- a/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp +++ b/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp @@ -20,7 +20,6 @@ #include "accesstoken_kit.h" #include "access_token_error.h" #define private public -#include "accesstoken_id_manager.h" #include "accesstoken_info_manager.h" #include "form_manager_access_client.h" #undef private diff --git a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp index c8429c869..883515ea2 100644 --- a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp +++ b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp @@ -1026,7 +1026,7 @@ HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartListTest001, TestSize std::vector reqPerm; reqPerm.emplace_back("ohos.permission.CAMERA"); reqPerm.emplace_back("ohos.permission.MANAGE_CAMERA_CONFIG"); - MockHapToken mock("FindRecordsToUpdateAndExecutedTest001", reqPerm, false); + MockHapToken mock("RemoveRecordFromStartListTest001", reqPerm, false); AccessTokenID tokenId = GetSelfTokenID();; diff --git a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp index 0632d4849..fa3f3f1d4 100644 --- a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp +++ b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp @@ -561,7 +561,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner002, MessageOption option(MessageOption::TF_SYNC); std::vector reqPerm; - MockHapToken mock("SetPermissionUsedRecordToggleStatusInner002", reqPerm, false); // set self tokenID to normal app + MockHapToken mock("GetPermissionUsedRecordToggleStatusInner002", reqPerm, false); // set self tokenID to normal app ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); ASSERT_EQ(true, data.WriteInt32(userID)); -- Gitee From c4606dd65cf5099252c454e8d36e23414cc2e842 Mon Sep 17 00:00:00 2001 From: lyn1996 Date: Mon, 24 Mar 2025 20:48:52 +0800 Subject: [PATCH 010/103] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E5=8A=A8=E6=80=81?= =?UTF-8?q?=E6=B2=99=E7=AE=B1=E6=8E=88=E6=9D=83=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: lyn1996 --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 9fd74c25e..7140d960c 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6341,6 +6341,16 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.CUSTOM_SANDBOX", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "NORMAL", + "since": 16, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false } ] } \ No newline at end of file -- Gitee From 8f13e377bc51432ab9d900a325e2b7483dacc218 Mon Sep 17 00:00:00 2001 From: chennian Date: Mon, 24 Mar 2025 23:40:53 +0800 Subject: [PATCH 011/103] Modify testcase of tokensync Signed-off-by: chennian Change-Id: I9d8f2a55b435d6fc6d25f300362c621b445144a5 --- .../unittest/src/permission_deny_test.cpp | 2 - interfaces/innerkits/tokensync/test/BUILD.gn | 10 ++- .../test/unittest/src/token_sync_kit_test.cpp | 66 ++++++++++++++++++- 3 files changed, 72 insertions(+), 6 deletions(-) diff --git a/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp index 82ac32a39..b207358c8 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp @@ -28,7 +28,6 @@ namespace { static uint32_t g_selfTokenId = 0; static uint64_t g_FullTokenId = 0; static uint32_t g_testTokenId = 0; - static HapPolicyParams g_PolicyPrams = { .apl = APL_NORMAL, .domain = "test.domain", @@ -41,7 +40,6 @@ static HapInfoParams g_InfoParms = { .appIDDesc = "privacy_test.bundle", .isSystemApp = true }; - } using namespace testing::ext; diff --git a/interfaces/innerkits/tokensync/test/BUILD.gn b/interfaces/innerkits/tokensync/test/BUILD.gn index a2bddbd3a..1e8f9fdb6 100644 --- a/interfaces/innerkits/tokensync/test/BUILD.gn +++ b/interfaces/innerkits/tokensync/test/BUILD.gn @@ -30,6 +30,9 @@ ohos_unittest("libtokensync_sdk_test") { "${access_token_path}/frameworks/tokensync/include", "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/interfaces/innerkits/tokensync/include", + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/interfaces/innerkits/nativetoken/include", + "${access_token_path}/interfaces/innerkits/token_setproc/include", "../src", ] @@ -39,7 +42,12 @@ ohos_unittest("libtokensync_sdk_test") { configs = [ "${access_token_path}/config:coverage_flags" ] - deps = [ "../:libtokensync_sdk" ] + deps = [ + "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared", + "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", + "${access_token_path}/interfaces/innerkits/tokensync:libtokensync_sdk", + ] external_deps = [ "c_utils:utils" ] } diff --git a/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp b/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp index 1e7dc47ff..e26d00dc3 100644 --- a/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp +++ b/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -15,7 +15,12 @@ #include "token_sync_kit_test.h" +#include "access_token.h" +#include "access_token_error.h" +#include "accesstoken_kit.h" #include "i_token_sync_manager.h" +#include "nativetoken_kit.h" +#include "token_setproc.h" #include "token_sync_manager_client.h" using namespace testing::ext; @@ -23,12 +28,35 @@ using namespace testing::ext; namespace OHOS { namespace Security { namespace AccessToken { +static void SetNativeTokenId(const std::string &process) +{ + std::string dumpInfo; + AtmToolsParamInfo info; + info.processName = process; + AccessTokenKit::DumpTokenInfo(info, dumpInfo); + size_t pos = dumpInfo.find("\"tokenID\": "); + if (pos == std::string::npos) { + return; + } + pos += std::string("\"tokenID\": ").length(); + std::string numStr; + while (pos < dumpInfo.length() && std::isdigit(dumpInfo[pos])) { + numStr += dumpInfo[pos]; + ++pos; + } + + std::istringstream iss(numStr); + AccessTokenID tokenID; + iss >> tokenID; + + SetSelfTokenID(tokenID); +} + void TokenSyncKitTest::SetUpTestCase() {} void TokenSyncKitTest::TearDownTestCase() -{ -} +{} void TokenSyncKitTest::SetUp() { @@ -66,13 +94,23 @@ static void StartOrStopTokenSyncService(bool start) HWTEST_F(TokenSyncKitTest, UpdateRemoteHapTokenInfo001, TestSize.Level1) { HapTokenInfoForSync tokenInfo; + uint64_t selfTokenId = GetSelfTokenID(); + // proxy is nullptr ASSERT_EQ(TokenSyncError::TOKEN_SYNC_IPC_ERROR, TokenSyncManagerClient::GetInstance().UpdateRemoteHapTokenInfo(tokenInfo)); StartOrStopTokenSyncService(true); + + // service is starting, but no permission(shell process) + ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, TokenSyncManagerClient::GetInstance().UpdateRemoteHapTokenInfo(tokenInfo)); + + // service is starting, and has permission(native process) + SetNativeTokenId("accesstoken_service"); ASSERT_EQ(0, TokenSyncManagerClient::GetInstance().UpdateRemoteHapTokenInfo(tokenInfo)); + StartOrStopTokenSyncService(false); + SetSelfTokenID(selfTokenId); } /** @@ -83,13 +121,24 @@ HWTEST_F(TokenSyncKitTest, UpdateRemoteHapTokenInfo001, TestSize.Level1) */ HWTEST_F(TokenSyncKitTest, GetRemoteHapTokenInfo001, TestSize.Level1) { + uint64_t selfTokenId = GetSelfTokenID(); + + // proxy is nullptr ASSERT_EQ(TokenSyncError::TOKEN_SYNC_IPC_ERROR, TokenSyncManagerClient::GetInstance().GetRemoteHapTokenInfo("", 0)); StartOrStopTokenSyncService(true); + + // service is starting, but no permission(shell process) + ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, TokenSyncManagerClient::GetInstance().GetRemoteHapTokenInfo("", 0)); + + // service is starting, and has permission(native process) + SetNativeTokenId("accesstoken_service"); ASSERT_EQ(TokenSyncError::TOKEN_SYNC_PARAMS_INVALID, TokenSyncManagerClient::GetInstance().GetRemoteHapTokenInfo("", 0)); + StartOrStopTokenSyncService(false); + SetSelfTokenID(selfTokenId); } /** @@ -100,13 +149,24 @@ HWTEST_F(TokenSyncKitTest, GetRemoteHapTokenInfo001, TestSize.Level1) */ HWTEST_F(TokenSyncKitTest, DeleteRemoteHapTokenInfo001, TestSize.Level1) { + uint64_t selfTokenId = GetSelfTokenID(); + + // proxy is nullptr ASSERT_EQ(TokenSyncError::TOKEN_SYNC_IPC_ERROR, TokenSyncManagerClient::GetInstance().DeleteRemoteHapTokenInfo(0)); StartOrStopTokenSyncService(true); + + // service is starting, but no permission(shell process) + ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, TokenSyncManagerClient::GetInstance().DeleteRemoteHapTokenInfo(0)); + + // service is starting, and has permission(native process) + SetNativeTokenId("accesstoken_service"); ASSERT_EQ(TokenSyncError::TOKEN_SYNC_PARAMS_INVALID, TokenSyncManagerClient::GetInstance().DeleteRemoteHapTokenInfo(0)); + StartOrStopTokenSyncService(false); + SetSelfTokenID(selfTokenId); } } // namespace AccessToken } // namespace Security -- Gitee From df3513e3e13c5001bfcc45db894d3bbc8a2d44b1 Mon Sep 17 00:00:00 2001 From: lihehe Date: Sat, 22 Mar 2025 11:19:24 +0800 Subject: [PATCH 012/103] add hisysevent when error occurred Signed-off-by: lihehe Change-Id: I219e94ad36000fa5582d6ef14f17d8b99947cd19 --- frameworks/common/BUILD.gn | 36 ++++- .../common/include/accesstoken_common_log.h | 24 +++- .../common/src/accesstoken_common_log.cpp | 132 ++++++++++++++++++ frameworks/common/src/data_validator.cpp | 29 +++- .../main/cpp/include/dfx/hisysevent_adapter.h | 2 + .../main/cpp/src/dfx/hisysevent_adapter.cpp | 13 ++ .../cpp/src/permission/permission_manager.cpp | 8 +- .../src/service/accesstoken_manager_stub.cpp | 4 +- .../src/token/accesstoken_info_manager.cpp | 12 +- 9 files changed, 241 insertions(+), 19 deletions(-) create mode 100644 frameworks/common/src/accesstoken_common_log.cpp diff --git a/frameworks/common/BUILD.gn b/frameworks/common/BUILD.gn index d8c90e817..a970dab5e 100644 --- a/frameworks/common/BUILD.gn +++ b/frameworks/common/BUILD.gn @@ -21,6 +21,8 @@ config("accesstoken_common_cxx_public_config") { action("permission_definition_parse") { script = "permission_definition_parser.py" + inputs = [ rebase_path("${access_token_path}") + + "/services/accesstokenmanager/permission_definitions.json" ] args = [ "--input-json", rebase_path("${access_token_path}") + @@ -31,6 +33,35 @@ action("permission_definition_parse") { outputs = [ "$target_out_dir" ] } +ohos_static_library("accesstoken_static_log") { + subsystem_name = "security" + part_name = "access_token" + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + branch_protector_ret = "pac_ret" + + public_configs = [ ":accesstoken_common_cxx_public_config" ] + + include_dirs = [ "include" ] + + sources = [ "src/accesstoken_common_log.cpp" ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + ] + + configs = [ + "${access_token_path}/config:access_token_compile_flags", + "${access_token_path}/config:coverage_flags", + ] + + cflags_cc = [ "-DHILOG_ENABLE" ] +} + ohos_shared_library("accesstoken_common_cxx") { subsystem_name = "security" innerapi_tags = [ @@ -61,7 +92,10 @@ ohos_shared_library("accesstoken_common_cxx") { "src/time_util.cpp", ] - deps = [ ":permission_definition_parse" ] + deps = [ + ":accesstoken_static_log", + ":permission_definition_parse", + ] external_deps = [ "c_utils:utils", "hilog:libhilog", diff --git a/frameworks/common/include/accesstoken_common_log.h b/frameworks/common/include/accesstoken_common_log.h index 634f533a0..3286f0bc3 100644 --- a/frameworks/common/include/accesstoken_common_log.h +++ b/frameworks/common/include/accesstoken_common_log.h @@ -16,6 +16,7 @@ #ifndef ACCESSTOKEN_COMMON_LOG_H #define ACCESSTOKEN_COMMON_LOG_H +#include #include "hilog/log.h" #define ATM_DOMAIN 0xD005A01 @@ -24,9 +25,11 @@ #define PRI_DOMAIN 0xD005A02 #define PRI_TAG "PRIVACY" +#define LOG_PUBLIC "{public}" + #define LOGF(domain, tag, fmt, ...) \ ((void)HILOG_IMPL(LOG_CORE, LOG_FATAL, domain, tag, \ - "[%{upblic}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__)) + "[%{public}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__)) #define LOGE(domain, tag, fmt, ...) \ ((void)HILOG_IMPL(LOG_CORE, LOG_ERROR, domain, tag, \ "[%{public}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__)) @@ -40,6 +43,25 @@ ((void)HILOG_IMPL(LOG_CORE, LOG_DEBUG, domain, tag, \ "[%{public}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__)) +namespace OHOS { +namespace Security { +namespace AccessToken { +uint32_t GetThreadErrorMsgLen(void); +const char *GetThreadErrorMsg(void); +void ClearThreadErrorMsg(void); +void AddEventMessage(unsigned int domain, const char *tag, const char *format, ...); +} +} +} + +#define LOGC(domain, tag, fmt, ...) \ +do { \ + ((void)HILOG_IMPL(LOG_CORE, LOG_ERROR, domain, tag, \ + "[%{public}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__)); \ + OHOS::Security::AccessToken::AddEventMessage(domain, tag, \ + "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt, __func__, __LINE__, ##__VA_ARGS__); \ +} while (0) + #define IF_FALSE_PRINT_LOG(domain, tag, cond, fmt, ...) \ do { \ if (!(cond)) { \ diff --git a/frameworks/common/src/accesstoken_common_log.cpp b/frameworks/common/src/accesstoken_common_log.cpp new file mode 100644 index 000000000..47f6fa8e8 --- /dev/null +++ b/frameworks/common/src/accesstoken_common_log.cpp @@ -0,0 +1,132 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "accesstoken_common_log.h" + +#include +#include +#include +#include +#include +#include +#include "securec.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { + +constexpr uint32_t MAX_ERROR_MESSAGE_LEN = 4096; +static __thread uint32_t g_msgLen = 0; +static __thread char g_errMsg[MAX_ERROR_MESSAGE_LEN + 1]; + +uint32_t GetThreadErrorMsgLen(void) +{ + return g_msgLen; +} + +const char *GetThreadErrorMsg(void) +{ + return g_errMsg; +} + +void ClearThreadErrorMsg(void) +{ + (void)memset_s(g_errMsg, MAX_ERROR_MESSAGE_LEN + 1, 0, MAX_ERROR_MESSAGE_LEN + 1); + g_msgLen = 0; +} + +void AppendThreadErrMsg(unsigned int domain, const char *tag, + const uint8_t *buff, uint32_t buffLen) +{ + if (g_msgLen + buffLen >= MAX_ERROR_MESSAGE_LEN) { + LOGE(domain, tag, "buff will overflow!" + "g_msgLen = %{public}u, buffLen = %{public}u", g_msgLen, buffLen); + return; + } + if (memcpy_s(g_errMsg + g_msgLen, MAX_ERROR_MESSAGE_LEN - g_msgLen, buff, buffLen) != EOK) { + LOGE(domain, tag, "memcpy_s fail!" + "g_msgLen = %{public}u, buffLen = %{public}u", g_msgLen, buffLen); + return; + } + g_msgLen += buffLen; +} + +static bool ReplaceSubstring(unsigned int domain, const char *tag, + const char *format, char result[MAX_ERROR_MESSAGE_LEN]) +{ + std::string formatString(format); + std::string::size_type pos; + while ((pos = formatString.find(LOG_PUBLIC)) != std::string::npos) { + formatString.replace(pos, strlen(LOG_PUBLIC), ""); + } + if (memcpy_s(result, MAX_ERROR_MESSAGE_LEN, formatString.c_str(), formatString.size()) != EOK) { + return false; + } + return true; +} + +void AddEventMessage(unsigned int domain, const char *tag, + const char *format, ...) +{ + va_list ap; + + if (g_msgLen == 0) { + char newFormat[MAX_ERROR_MESSAGE_LEN] = {0}; + if (!ReplaceSubstring(domain, tag, format, newFormat)) { + LOGE(domain, tag, "skip to add errMsg"); + return; + } + va_start(ap, format); + char buff[MAX_ERROR_MESSAGE_LEN] = {0}; + int32_t buffLen = vsnprintf_s(buff, MAX_ERROR_MESSAGE_LEN, MAX_ERROR_MESSAGE_LEN - 1, newFormat, ap); + va_end(ap); + if (buffLen < 0) { + LOGE(domain, tag, "vsnprintf_s fail! ret: %{public}d, newFormat:[%{public}s]", buffLen, + newFormat); + return; + } + if (g_msgLen + static_cast(buffLen) >= MAX_ERROR_MESSAGE_LEN) { + LOGE(domain, tag, "errMsg is almost full!"); + return; + } + + if (memcpy_s(g_errMsg + g_msgLen, MAX_ERROR_MESSAGE_LEN, buff, buffLen) != EOK) { + LOGE(domain, tag, "copy errMsg buff fail!"); + return; + } + g_msgLen += static_cast(buffLen); + } else { + va_start(ap, format); + char *funName = va_arg(ap, char *); + uint32_t lineNo = va_arg(ap, uint32_t); + va_end(ap); + + if (funName == nullptr) { + LOGE(domain, tag, "Get funName fail!"); + return; + } + int32_t offset = sprintf_s(g_errMsg + g_msgLen, MAX_ERROR_MESSAGE_LEN - g_msgLen, " <%s[%u]", + funName, lineNo); + if (offset <= 0) { + LOGE(domain, tag, "append call chain fail! offset: [%{public}d]", offset); + return; + } + g_msgLen += static_cast(offset); + } +} + +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/frameworks/common/src/data_validator.cpp b/frameworks/common/src/data_validator.cpp index 88b217f2a..329636c47 100644 --- a/frameworks/common/src/data_validator.cpp +++ b/frameworks/common/src/data_validator.cpp @@ -27,23 +27,35 @@ namespace AccessToken { bool DataValidator::IsBundleNameValid(const std::string& bundleName) { - return !bundleName.empty() && (bundleName.length() <= MAX_LENGTH); + bool ret = (!bundleName.empty() && (bundleName.length() <= MAX_LENGTH)); + if (!ret) { + LOGC(ATM_DOMAIN, ATM_TAG, "bunldename %{public}s is invalid.", bundleName.c_str()); + } + return ret; } bool DataValidator::IsLabelValid(const std::string& label) { - return label.length() <= MAX_LENGTH; + bool ret = (label.length() <= MAX_LENGTH); + if (!ret) { + LOGC(ATM_DOMAIN, ATM_TAG, "label %{public}s is invalid.", label.c_str()); + } + return ret; } bool DataValidator::IsDescValid(const std::string& desc) { - return desc.length() <= MAX_LENGTH; + bool ret = desc.length() <= MAX_LENGTH; + if (!ret) { + LOGC(ATM_DOMAIN, ATM_TAG, "desc %{public}s is invalid.", desc.c_str()); + } + return ret; } bool DataValidator::IsPermissionNameValid(const std::string& permissionName) { if (permissionName.empty() || (permissionName.length() > MAX_LENGTH)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Invalid perm length(%{public}d).", static_cast(permissionName.length())); + LOGC(ATM_DOMAIN, ATM_TAG, "Invalid perm length(%{public}d).", static_cast(permissionName.length())); return false; } return true; @@ -51,12 +63,17 @@ bool DataValidator::IsPermissionNameValid(const std::string& permissionName) bool DataValidator::IsUserIdValid(const int userId) { - return userId >= 0; + bool ret = (userId >= 0); + if (!ret) { + LOGC(ATM_DOMAIN, ATM_TAG, "userId %{public}d is invalid.", userId); + } + return ret; } bool DataValidator::IsAclExtendedMapSizeValid(const std::map& aclExtendedMap) { if (aclExtendedMap.size() > MAX_EXTENDED_MAP_SIZE) { + LOGC(ATM_DOMAIN, ATM_TAG, "aclExtendedMap is oversize %{public}zu.", aclExtendedMap.size()); return false; } return true; @@ -69,7 +86,7 @@ bool DataValidator::IsAclExtendedMapContentValid(const std::string& permissionNa } if (value.empty() || (value.length() > MAX_VALUE_LENGTH)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Invalid value length(%{public}d).", static_cast(value.length())); + LOGC(ATM_DOMAIN, ATM_TAG, "Invalid value length(%{public}d).", static_cast(value.length())); return false; } return true; diff --git a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h b/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h index ea480d440..be526063a 100644 --- a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h +++ b/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h @@ -37,6 +37,8 @@ enum UpdatePermStatusErrorCode { void ReportSysEventPerformance(); void ReportSysEventServiceStart(int32_t pid, uint32_t hapSize, uint32_t nativeSize, uint32_t permDefSize); void ReportSysEventServiceStartError(SceneCode scene, const std::string& errMsg, int32_t errCode); +void ReportSysCommonEventError(int32_t ipcCode, int32_t errCode); + } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp b/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp index 18558ee01..19ce1ffbb 100644 --- a/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp +++ b/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp @@ -57,6 +57,19 @@ void ReportSysEventServiceStartError(SceneCode scene, const std::string& errMsg, LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write hisysevent write, ret %{public}d.", ret); } } + +void ReportSysCommonEventError(int32_t ipcCode, int32_t errCode) +{ + if (GetThreadErrorMsgLen() == 0) { + return; + } + int32_t ret = HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "ACCESSTOKEN_SERVICE_START_ERROR", + HiviewDFX::HiSysEvent::EventType::FAULT, "SCENE_CODE", ipcCode, "ERROR_CODE", errCode, + "ERROR_MSG", GetThreadErrorMsg()); + if (ret != 0) { + LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write hisysevent write, ret %{public}d.", ret); + } +} } // namespace AccessToken } // namespace Security } // namespace OHOS \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index 74d793401..30d1882b3 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -803,7 +803,7 @@ bool IsAclSatisfied(const PermissionBriefDef& briefDef, const HapPolicy& policy) if (policy.apl < briefDef.availableLevel) { if (!briefDef.provisionEnable) { - LOGE(ATM_DOMAIN, ATM_TAG, "%{public}s provisionEnable is false.", briefDef.permissionName); + LOGC(ATM_DOMAIN, ATM_TAG, "%{public}s provisionEnable is false.", briefDef.permissionName); return false; } bool isAclExist = false; @@ -820,7 +820,7 @@ bool IsAclSatisfied(const PermissionBriefDef& briefDef, const HapPolicy& policy) } if (!isAclExist) { - LOGE(ATM_DOMAIN, ATM_TAG, "%{public}s need acl.", briefDef.permissionName); + LOGC(ATM_DOMAIN, ATM_TAG, "%{public}s need acl.", briefDef.permissionName); return false; } } @@ -892,7 +892,7 @@ bool PermissionManager::InitPermissionList(const std::string& appDistributionTyp if (!IsAclSatisfied(briefDef, policy)) { result.permCheckResult.permissionName = state.permissionName; result.permCheckResult.rule = PERMISSION_ACL_RULE; - LOGE(ATM_DOMAIN, ATM_TAG, "Acl of %{public}s is invalid.", briefDef.permissionName); + LOGC(ATM_DOMAIN, ATM_TAG, "Acl of %{public}s is invalid.", briefDef.permissionName); return false; } @@ -900,7 +900,7 @@ bool PermissionManager::InitPermissionList(const std::string& appDistributionTyp if (!IsPermAvailableRangeSatisfied(briefDef, appDistributionType)) { result.permCheckResult.permissionName = state.permissionName; result.permCheckResult.rule = PERMISSION_EDM_RULE; - LOGE(ATM_DOMAIN, ATM_TAG, "Available range of %{public}s is invalid.", briefDef.permissionName); + LOGC(ATM_DOMAIN, ATM_TAG, "Available range of %{public}s is invalid.", briefDef.permissionName); return false; } state.grantFlag = PERMISSION_DEFAULT_FLAG; diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index c1341cd00..9271dc038 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -23,6 +23,7 @@ #include "memory_guard.h" #include "string_ex.h" #include "tokenid_kit.h" +#include "hisysevent_adapter.h" #ifdef HICOLLIE_ENABLE #include "xcollie/xcollie.h" #endif // HICOLLIE_ENABLE @@ -51,6 +52,7 @@ int32_t AccessTokenManagerStub::OnRemoteRequest( { MemoryGuard guard; + ClearThreadErrorMsg(); uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); LOGD(ATM_DOMAIN, ATM_TAG, "Code %{public}u token %{public}u", code, callingTokenID); std::u16string descriptor = data.ReadInterfaceToken(); @@ -74,7 +76,7 @@ int32_t AccessTokenManagerStub::OnRemoteRequest( #ifdef HICOLLIE_ENABLE HiviewDFX::XCollie::GetInstance().CancelTimer(timerId); #endif // HICOLLIE_ENABLE - + ReportSysCommonEventError(code, 0); return NO_ERROR; } } diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 49d0e91b8..af4c381ce 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -227,7 +227,7 @@ int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr infoGuard(this->hapTokenInfoLock_); if (hapTokenInfoMap_.count(id) > 0) { - LOGE(ATM_DOMAIN, ATM_TAG, "Token %{public}u info has exist.", id); + LOGC(ATM_DOMAIN, ATM_TAG, "Token %{public}u info has exist.", id); return AccessTokenError::ERR_TOKENID_HAS_EXISTED; } @@ -475,7 +475,7 @@ int32_t AccessTokenInfoManager::CheckHapInfoParam(const HapInfoParams& info, con (!DataValidator::IsAppIDDescValid(info.appIDDesc)) || (!DataValidator::IsDomainValid(policy.domain)) || (!DataValidator::IsDlpTypeValid(info.dlpType)) || (info.isRestore && info.tokenID == INVALID_TOKENID) || !DataValidator::IsAclExtendedMapSizeValid(policy.aclExtendedMap)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Hap token param failed"); + LOGC(ATM_DOMAIN, ATM_TAG, "Hap token param failed"); return AccessTokenError::ERR_PARAM_INVALID; } @@ -484,7 +484,7 @@ int32_t AccessTokenInfoManager::CheckHapInfoParam(const HapInfoParams& info, con continue; } if (!DataValidator::IsAclExtendedMapContentValid(extendValue.first, extendValue.second)) { - LOGE(ATM_DOMAIN, ATM_TAG, "acl extended content is unvalid."); + LOGC(ATM_DOMAIN, ATM_TAG, "acl extended content is unvalid."); return AccessTokenError::ERR_PARAM_INVALID; } } @@ -502,7 +502,7 @@ int AccessTokenInfoManager::CreateHapTokenInfo( LOGI(ATM_DOMAIN, ATM_TAG, "isRestore is true, tokenId is %{public}u", tokenId); int32_t res = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP); if (res != RET_SUCCESS) { - LOGE(ATM_DOMAIN, ATM_TAG, "Token Id register failed, res is %{public}d", res); + LOGC(ATM_DOMAIN, ATM_TAG, "Token Id register failed, res is %{public}d", res); return res; } } else { @@ -510,7 +510,7 @@ int AccessTokenInfoManager::CreateHapTokenInfo( int32_t cloneFlag = ((dlpFlag == 0) && (info.instIndex) > 0) ? 1 : 0; tokenId = AccessTokenIDManager::GetInstance().CreateAndRegisterTokenId(TOKEN_HAP, dlpFlag, cloneFlag); if (tokenId == 0) { - LOGE(ATM_DOMAIN, ATM_TAG, "Token Id create failed"); + LOGC(ATM_DOMAIN, ATM_TAG, "Token Id create failed"); return ERR_TOKENID_CREATE_FAILED; } } @@ -528,7 +528,7 @@ int AccessTokenInfoManager::CreateHapTokenInfo( AddHapTokenInfoToDb(tokenInfo, info.appIDDesc, policy, false); int ret = AddHapTokenInfo(tokenInfo); if (ret != RET_SUCCESS) { - LOGE(ATM_DOMAIN, ATM_TAG, "%{public}s add token info failed", info.bundleName.c_str()); + LOGC(ATM_DOMAIN, ATM_TAG, "%{public}s add token info failed", info.bundleName.c_str()); AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); RemoveHapTokenInfoFromDb(tokenInfo); return ret; -- Gitee From e04c0b0a63a3c42b2acd354b4c6c28ad08426da6 Mon Sep 17 00:00:00 2001 From: markYao Date: Tue, 25 Mar 2025 16:11:02 +0800 Subject: [PATCH 013/103] =?UTF-8?q?=E6=9D=83=E9=99=90ohos.permission.SEND?= =?UTF-8?q?=5FNOTIFICATION=5FCROSS=5FUSER=E6=94=B9=E4=B8=BAAPI18?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: markYao --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 1e62bf136..a3490b642 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6357,7 +6357,7 @@ "grantMode": "system_grant", "availableLevel": "system_core", "availableType": "SYSTEM", - "since": 16, + "since": 18, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false -- Gitee From c36e1754d285076eef653aa80ede76f304759f72 Mon Sep 17 00:00:00 2001 From: lyn1996 Date: Tue, 25 Mar 2025 17:52:27 +0800 Subject: [PATCH 014/103] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E5=8A=A8=E6=80=81?= =?UTF-8?q?=E6=B2=99=E7=AE=B1=E6=8E=88=E6=9D=83=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: lyn1996 --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 7140d960c..afdeecb12 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6347,7 +6347,7 @@ "grantMode": "system_grant", "availableLevel": "system_basic", "availableType": "NORMAL", - "since": 16, + "since": 18, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false -- Gitee From 2f13d5e9770353c94324df55f82b3b2c288adfc0 Mon Sep 17 00:00:00 2001 From: bigtea Date: Thu, 20 Mar 2025 20:37:31 +0800 Subject: [PATCH 015/103] Add fdsan tag Signed-off-by: bigtea --- .../innerkits/nativetoken/src/nativetoken.c | 15 ++++++++---- .../nativetoken/src/nativetoken_klog.c | 10 +++++--- .../token_setproc/src/perm_setproc.cpp | 14 +++++++---- .../token_setproc/src/token_setproc.c | 23 ++++++++++++------- .../src/token/accesstoken_info_manager.cpp | 5 +++- .../json_parse/src/json_parse_loader.cpp | 11 +++++---- 6 files changed, 53 insertions(+), 25 deletions(-) diff --git a/interfaces/innerkits/nativetoken/src/nativetoken.c b/interfaces/innerkits/nativetoken/src/nativetoken.c index f1935c816..b1db39183 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken.c @@ -33,6 +33,7 @@ NativeTokenList *g_tokenListHead; int32_t g_isNativeTokenInited = 0; +const uint64_t g_nativeFdTag = 0xD005A01; int32_t GetFileBuff(const char *cfg, char **retBuff) { @@ -247,12 +248,13 @@ static int32_t ClearOrCreateCfgFile(void) NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:open failed.", __func__); return ATRET_FAILED; } + fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag); #ifdef WITH_SELINUX Restorecon(TOKEN_ID_CFG_FILE_PATH); #endif // WITH_SELINUX - close(fd); + fdsan_close_with_tag(fd, g_nativeFdTag); fd = -1; struct stat buf; @@ -312,8 +314,9 @@ static int32_t GetRandomTokenId(uint32_t *randNum) if (fd < 0) { return ATRET_FAILED; } + fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag); len = read(fd, &random, sizeof(random)); - (void)close(fd); + fdsan_close_with_tag(fd, g_nativeFdTag); if (len != sizeof(random)) { NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:read failed.", __func__); @@ -404,12 +407,13 @@ static void WriteToFile(const cJSON *root) NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:open failed.", __func__); break; } + fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag); size_t strLen = strlen(jsonStr); ssize_t writtenLen = write(fd, (void *)jsonStr, (size_t)strLen); if (fsync(fd) != 0) { NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:fsync failed, errno is %d.", __func__, errno); } - close(fd); + fdsan_close_with_tag(fd, g_nativeFdTag); if (writtenLen < 0 || (size_t)writtenLen != strLen) { NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:write failed, writtenLen is %zu.", __func__, writtenLen); break; @@ -703,6 +707,7 @@ static uint32_t LockNativeTokenFile(int32_t *lockFileFd) "[%s]: Failed to open native token file, errno is %d.", __func__, errno); return ATRET_FAILED; } + fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag); #ifdef WITH_SELINUX Restorecon(TOKEN_ID_CFG_FILE_LOCK_PATH); #endif // WITH_SELINUX @@ -723,7 +728,7 @@ static uint32_t LockNativeTokenFile(int32_t *lockFileFd) } } if (ret == -1) { - close(fd); + fdsan_close_with_tag(fd, g_nativeFdTag); return ATRET_FAILED; } *lockFileFd = fd; @@ -742,7 +747,7 @@ static void UnlockNativeTokenFile(int32_t lockFileFd) NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]: Failed to unlock file, errno is %d.", __func__, errno); } - close(lockFileFd); + fdsan_close_with_tag(lockFileFd, g_nativeFdTag); } static uint32_t AddOrUpdateTokenInfo(NativeTokenInfoParams *tokenInfo, NativeTokenList *tokenNode, diff --git a/interfaces/innerkits/nativetoken/src/nativetoken_klog.c b/interfaces/innerkits/nativetoken/src/nativetoken_klog.c index 0cc6d81e6..f4962b7a7 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken_klog.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken_klog.c @@ -15,6 +15,7 @@ #include "nativetoken_klog.h" #include +#include #include #include "securec.h" @@ -28,12 +29,15 @@ static const char *LOG_LEVEL_STR[] = {"ERROR", "WARNING", "INFO"}; #endif static int g_fd = -1; +const uint64_t g_nativeKmsgFdTag = 0xD005A01; + static void NativeTokenOpenLogDevice(void) { int fd = open("/dev/kmsg", O_WRONLY | O_CLOEXEC); if (fd >= 0) { g_fd = fd; } + fdsan_exchange_owner_tag(g_fd, 0, g_nativeKmsgFdTag); return; } @@ -52,7 +56,7 @@ int NativeTokenKmsg(int logLevel, const char *fmt, ...) va_start(vargs, fmt); char tmpFmt[MAX_LOG_SIZE]; if (vsnprintf_s(tmpFmt, MAX_LOG_SIZE, MAX_LOG_SIZE - 1, fmt, vargs) == -1) { - close(g_fd); + fdsan_close_with_tag(g_fd, g_nativeKmsgFdTag); g_fd = -1; va_end(vargs); return -1; @@ -62,7 +66,7 @@ int NativeTokenKmsg(int logLevel, const char *fmt, ...) int res = snprintf_s(logInfo, MAX_LOG_SIZE, MAX_LOG_SIZE - 1, "[pid=%d][%s][%s] %s", getpid(), "access_token", LOG_LEVEL_STR[logLevel], tmpFmt); if (res == -1) { - close(g_fd); + fdsan_close_with_tag(g_fd, g_nativeKmsgFdTag); g_fd = -1; va_end(vargs); return -1; @@ -70,7 +74,7 @@ int NativeTokenKmsg(int logLevel, const char *fmt, ...) va_end(vargs); if (write(g_fd, logInfo, strlen(logInfo)) < 0) { - close(g_fd); + fdsan_close_with_tag(g_fd, g_nativeKmsgFdTag); g_fd = -1; } return 0; diff --git a/interfaces/innerkits/token_setproc/src/perm_setproc.cpp b/interfaces/innerkits/token_setproc/src/perm_setproc.cpp index 4338fb202..0aeea7f00 100644 --- a/interfaces/innerkits/token_setproc/src/perm_setproc.cpp +++ b/interfaces/innerkits/token_setproc/src/perm_setproc.cpp @@ -17,6 +17,7 @@ #include #include +#include #include #include #include @@ -25,6 +26,7 @@ namespace Security { namespace AccessToken { const uint32_t UINT32_T_BITS = 32; const uint32_t MAX_PERM_SIZE = 64; +constexpr uint64_t FD_TAG = 0xD005A01; struct IoctlAddPermData { uint32_t token; uint32_t perm[MAX_PERM_SIZE] = { 0 }; @@ -73,8 +75,9 @@ int32_t AddPermissionToKernel( if (fd < 0) { return ACCESS_TOKEN_OPEN_ERROR; } + fdsan_exchange_owner_tag(fd, 0, FD_TAG); int32_t ret = ioctl(fd, ACCESS_TOKENID_ADD_PERMISSIONS, &data); - close(fd); + fdsan_close_with_tag(fd, FD_TAG); if (ret != ACCESS_TOKEN_OK) { return errno; } @@ -88,8 +91,9 @@ int32_t RemovePermissionFromKernel(uint32_t tokenID) if (fd < 0) { return ACCESS_TOKEN_OPEN_ERROR; } + fdsan_exchange_owner_tag(fd, 0, FD_TAG); int32_t ret = ioctl(fd, ACCESS_TOKENID_REMOVE_PERMISSIONS, &tokenID); - close(fd); + fdsan_close_with_tag(fd, FD_TAG); if (ret) { return errno; } @@ -109,8 +113,9 @@ int32_t SetPermissionToKernel(uint32_t tokenID, int32_t opCode, bool status) if (fd < 0) { return ACCESS_TOKEN_OPEN_ERROR; } + fdsan_exchange_owner_tag(fd, 0, FD_TAG); int32_t ret = ioctl(fd, ACCESS_TOKENID_SET_PERMISSION, &data); - close(fd); + fdsan_close_with_tag(fd, FD_TAG); if (ret != ACCESS_TOKEN_OK) { return errno; } @@ -131,8 +136,9 @@ int32_t GetPermissionFromKernel(uint32_t tokenID, int32_t opCode, bool& isGrante if (fd < 0) { return ACCESS_TOKEN_OPEN_ERROR; } + fdsan_exchange_owner_tag(fd, 0, FD_TAG); int32_t ret = ioctl(fd, ACCESS_TOKENID_GET_PERMISSION, &data); - close(fd); + fdsan_close_with_tag(fd, FD_TAG); if (ret < 0) { return errno; } diff --git a/interfaces/innerkits/token_setproc/src/token_setproc.c b/interfaces/innerkits/token_setproc/src/token_setproc.c index 438d7e3b0..a5620d1de 100644 --- a/interfaces/innerkits/token_setproc/src/token_setproc.c +++ b/interfaces/innerkits/token_setproc/src/token_setproc.c @@ -17,6 +17,7 @@ #include #include +#include #include #include #include @@ -33,6 +34,8 @@ #define INVAL_TOKEN_ID 0x0 #define TOKEN_ID_LOWMASK 0xffffffff +const uint64_t SET_PROC_FD_TAG = 0xD005A01; + uint64_t GetSelfTokenID(void) { uint64_t token = INVAL_TOKEN_ID; @@ -40,13 +43,14 @@ uint64_t GetSelfTokenID(void) if (fd < 0) { return INVAL_TOKEN_ID; } + fdsan_exchange_owner_tag(fd, 0, SET_PROC_FD_TAG); int ret = ioctl(fd, ACCESS_TOKENID_GET_TOKENID, &token); if (ret) { - close(fd); + fdsan_close_with_tag(fd, SET_PROC_FD_TAG); return INVAL_TOKEN_ID; } - close(fd); + fdsan_close_with_tag(fd, SET_PROC_FD_TAG); return token; } @@ -56,13 +60,14 @@ int SetSelfTokenID(uint64_t tokenID) if (fd < 0) { return ACCESS_TOKEN_OPEN_ERROR; } + fdsan_exchange_owner_tag(fd, 0, SET_PROC_FD_TAG); int ret = ioctl(fd, ACCESS_TOKENID_SET_TOKENID, &tokenID); if (ret) { - close(fd); + fdsan_close_with_tag(fd, SET_PROC_FD_TAG); return ret; } - close(fd); + fdsan_close_with_tag(fd, SET_PROC_FD_TAG); return ACCESS_TOKEN_OK; } @@ -73,13 +78,14 @@ uint64_t GetFirstCallerTokenID(void) if (fd < 0) { return INVAL_TOKEN_ID; } + fdsan_exchange_owner_tag(fd, 0, SET_PROC_FD_TAG); int ret = ioctl(fd, ACCESS_TOKENID_GET_FTOKENID, &token); if (ret) { - close(fd); + fdsan_close_with_tag(fd, SET_PROC_FD_TAG); return INVAL_TOKEN_ID; } - close(fd); + fdsan_close_with_tag(fd, SET_PROC_FD_TAG); return token; } @@ -89,12 +95,13 @@ int SetFirstCallerTokenID(uint64_t tokenID) if (fd < 0) { return ACCESS_TOKEN_OPEN_ERROR; } + fdsan_exchange_owner_tag(fd, 0, SET_PROC_FD_TAG); int ret = ioctl(fd, ACCESS_TOKENID_SET_FTOKENID, &tokenID); if (ret) { - close(fd); + fdsan_close_with_tag(fd, SET_PROC_FD_TAG); return ret; } - close(fd); + fdsan_close_with_tag(fd, SET_PROC_FD_TAG); return ACCESS_TOKEN_OK; } diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 49d0e91b8..9deed8665 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -17,6 +17,7 @@ #include #include +#include #include #include #include @@ -63,6 +64,7 @@ static const char* ACCESS_TOKEN_PACKAGE_NAME = "ohos.security.distributed_token_ #endif static const char* DUMP_JSON_PATH = "/data/service/el1/public/access_token/nativetoken.log"; static const char* SYSTEM_RESOURCE_BUNDLE_NAME = "ohos.global.systemres"; +constexpr uint64_t FD_TAG = 0xD005A01; } AccessTokenInfoManager::AccessTokenInfoManager() : hasInited_(false) {} @@ -1188,11 +1190,12 @@ void AccessTokenInfoManager::DumpToken() LOGE(ATM_DOMAIN, ATM_TAG, "Open failed errno %{public}d.", errno); return; } + fdsan_exchange_owner_tag(fd, 0, FD_TAG); std::string dumpStr; AtmToolsParamInfoParcel infoParcel; DumpTokenInfo(infoParcel.info, dumpStr); dprintf(fd, "%s\n", dumpStr.c_str()); - close(fd); + fdsan_close_with_tag(fd, FD_TAG); } void AccessTokenInfoManager::DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo) diff --git a/services/common/json_parse/src/json_parse_loader.cpp b/services/common/json_parse/src/json_parse_loader.cpp index 5819e1527..9fac17896 100644 --- a/services/common/json_parse/src/json_parse_loader.cpp +++ b/services/common/json_parse/src/json_parse_loader.cpp @@ -14,6 +14,7 @@ */ #include "json_parse_loader.h" +#include #include #include #include @@ -35,6 +36,7 @@ namespace AccessToken { namespace { constexpr int32_t MAX_NATIVE_CONFIG_FILE_SIZE = 5 * 1024 * 1024; // 5M constexpr size_t BUFFER_SIZE = 1024; +constexpr uint64_t FD_TAG = 0xD005A01; #ifdef CUSTOMIZATION_CONFIG_POLICY_ENABLE static constexpr const char* ACCESSTOKEN_CONFIG_FILE = "/etc/access_token/accesstoken_config.json"; @@ -82,22 +84,23 @@ int32_t ConfigPolicLoader::ReadCfgFile(const std::string& file, std::string& raw LOGE(ATM_DOMAIN, ATM_TAG, "Open failed errno %{public}d.", errno); return ERR_FILE_OPERATE_FAILED; } + fdsan_exchange_owner_tag(fd, 0, FD_TAG); struct stat statBuffer; if (fstat(fd, &statBuffer) != 0) { LOGE(ATM_DOMAIN, ATM_TAG, "Fstat failed."); - close(fd); + fdsan_close_with_tag(fd, FD_TAG); return ERR_FILE_OPERATE_FAILED; } if (statBuffer.st_size == 0) { LOGE(ATM_DOMAIN, ATM_TAG, "Config file size is invalid."); - close(fd); + fdsan_close_with_tag(fd, FD_TAG); return ERR_PARAM_INVALID; } if (statBuffer.st_size > MAX_NATIVE_CONFIG_FILE_SIZE) { LOGE(ATM_DOMAIN, ATM_TAG, "Config file size is too large."); - close(fd); + fdsan_close_with_tag(fd, FD_TAG); return ERR_OVERSIZE; } rawData.reserve(statBuffer.st_size); @@ -107,7 +110,7 @@ int32_t ConfigPolicLoader::ReadCfgFile(const std::string& file, std::string& raw while ((readLen = read(fd, buff, BUFFER_SIZE)) > 0) { rawData.append(buff, readLen); } - close(fd); + fdsan_close_with_tag(fd, FD_TAG); if (readLen == 0) { return RET_SUCCESS; } -- Gitee From bfc40e416ed2482b312221c8b2df51df3ccbb6ce Mon Sep 17 00:00:00 2001 From: lyn1996 Date: Tue, 25 Mar 2025 18:05:00 +0800 Subject: [PATCH 016/103] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E5=8A=A8=E6=80=81?= =?UTF-8?q?=E6=B2=99=E7=AE=B1=E6=8E=88=E6=9D=83=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: lyn1996 --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index afdeecb12..909aeb92e 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6342,6 +6342,16 @@ "provisionEnable": true, "distributedSceneEnable": false }, + { + "name": "ohos.permission.SEND_NOTIFICATION_CROSS_USER", + "grantMode": "system_grant", + "availableLevel": "system_core", + "availableType": "SYSTEM", + "since": 16, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false + }, { "name": "ohos.permission.CUSTOM_SANDBOX", "grantMode": "system_grant", -- Gitee From 5e1adcecc8ddaf75695d17a55df8102a937f5a2d Mon Sep 17 00:00:00 2001 From: litao Date: Wed, 26 Mar 2025 10:50:14 +0800 Subject: [PATCH 017/103] =?UTF-8?q?Revert=20"svc=E6=9D=83=E9=99=90?= =?UTF-8?q?=E7=9A=84=20API:=2018->17"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 0449faf527db5fa2742520b4255b6889e02d9374. Signed-off-by: litao --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index ebcd20c28..1637f749c 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -4437,7 +4437,7 @@ "grantMode": "system_grant", "availableLevel": "system_core", "availableType": "SERVICE", - "since": 17, + "since": 18, "deprecated": "", "provisionEnable": false, "distributedSceneEnable": false -- Gitee From 24390dbcf596b2963d678f7723d93a832a82ce59 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=9B=A2=E8=BE=89?= Date: Wed, 26 Mar 2025 18:40:57 +0800 Subject: [PATCH 018/103] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E8=AE=BE=E5=A4=87?= =?UTF-8?q?=E5=81=A5=E5=BA=B7=E8=AF=81=E6=98=8E=E6=8E=A5=E5=8F=A3=E6=9D=83?= =?UTF-8?q?=E9=99=90=E7=BC=93=E5=AD=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 团辉 --- .../permission_definitions.json | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 787eb6a5b..406647748 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6362,6 +6362,36 @@ "provisionEnable": true, "distributedSceneEnable": false }, + { + "name": "ohos.permission.READ_DHA", + "grantMode": "system_grant", + "availableLevel": "system_core", + "availableType": "SYSTEM", + "since": 18, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.WRITE_DHA", + "grantMode": "system_grant", + "availableLevel": "system_core", + "availableType": "SYSTEM", + "since": 18, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.NOTIFY_DHA", + "grantMode": "system_grant", + "availableLevel": "system_core", + "availableType": "SYSTEM", + "since": 18, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false + }, { "name": "ohos.permission.SEND_NOTIFICATION_CROSS_USER", "grantMode": "system_grant", -- Gitee From cad3bdf9c8c87f949d8b6ec860096c767302335a Mon Sep 17 00:00:00 2001 From: yangxuan Date: Wed, 26 Mar 2025 17:36:20 +0800 Subject: [PATCH 019/103] add ohos.permission.RECEIVE_BMS_BROKER_MESSAGES Signed-off-by: yangxuan --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index ebcd20c28..12f9b20a2 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -4142,6 +4142,16 @@ "provisionEnable": true, "distributedSceneEnable": false }, + { + "name": "ohos.permission.RECEIVE_BMS_BROKER_MESSAGES", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 18, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false + }, { "name": "ohos.permission.RECEIVE_FUSION_MESSAGES", "grantMode": "system_grant", -- Gitee From 308803c682417a6d38f0261d5f842ae5c30f422b Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Thu, 27 Mar 2025 16:34:40 +0800 Subject: [PATCH 020/103] =?UTF-8?q?privacy=E5=8F=96=E6=B6=88=20PERMISSION?= =?UTF-8?q?=5FCHECK=5FEVENT=20=E6=89=93=E7=82=B9=E4=BA=8B=E4=BB=B6250327?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: I7f86c3f274054a32af369b661bc35bc9ef9888e9 --- .../napi/accesstoken/src/napi_atmanager.cpp | 19 +++++++++++-------- .../active/active_status_callback_manager.cpp | 6 ------ 2 files changed, 11 insertions(+), 14 deletions(-) diff --git a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp index 3f98af789..3eda63f2c 100644 --- a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp +++ b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp @@ -399,13 +399,14 @@ void NapiAtManager::VerifyAccessTokenExecute(napi_env env, void *data) if (asyncContext == nullptr) { return; } - AccessTokenID selfTokenId = static_cast(GetSelfTokenID()); - if (asyncContext->tokenId != selfTokenId) { + AccessTokenIDEx selfTokenIdEx = {GetSelfTokenID()}; + if (!AccessTokenKit::IsSystemAppByFullTokenID(static_cast(selfTokenIdEx.tokenIDEx)) && + asyncContext->tokenId != selfTokenIdEx.tokenIdExStruct.tokenID) { int32_t cnt = g_cnt.fetch_add(1); if (cnt % REPORT_CNT == 0) { HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "VERIFY_ACCESS_TOKEN_EVENT", HiviewDFX::HiSysEvent::EventType::STATISTIC, "EVENT_CODE", VERIFY_TOKENID_INCONSISTENCY, - "SELF_TOKENID", selfTokenId, "CONTEXT_TOKENID", asyncContext->tokenId); + "SELF_TOKENID", selfTokenIdEx.tokenIdExStruct.tokenID, "CONTEXT_TOKENID", asyncContext->tokenId); } } asyncContext->result = AccessTokenKit::VerifyAccessToken(asyncContext->tokenId, asyncContext->permissionName); @@ -474,13 +475,14 @@ void NapiAtManager::CheckAccessTokenExecute(napi_env env, void *data) asyncContext->errorCode = JS_ERROR_PARAM_INVALID; return; } - AccessTokenID selfTokenId = static_cast(GetSelfTokenID()); - if (asyncContext->tokenId != selfTokenId) { + AccessTokenIDEx selfTokenIdEx = {GetSelfTokenID()}; + if (!AccessTokenKit::IsSystemAppByFullTokenID(static_cast(selfTokenIdEx.tokenIDEx)) && + asyncContext->tokenId != selfTokenIdEx.tokenIdExStruct.tokenID) { int32_t cnt = g_cnt.fetch_add(1); if (cnt % REPORT_CNT == 0) { HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "VERIFY_ACCESS_TOKEN_EVENT", HiviewDFX::HiSysEvent::EventType::STATISTIC, "EVENT_CODE", VERIFY_TOKENID_INCONSISTENCY, - "SELF_TOKENID", selfTokenId, "CONTEXT_TOKENID", asyncContext->tokenId); + "SELF_TOKENID", selfTokenIdEx.tokenIdExStruct.tokenID, "CONTEXT_TOKENID", asyncContext->tokenId); } } @@ -612,8 +614,9 @@ napi_value NapiAtManager::VerifyAccessTokenSync(napi_env env, napi_callback_info return nullptr; } if (syncContext->tokenId != static_cast(selfTokenId)) { - int32_t cnt = g_cnt.fetch_add(1); - if (cnt % REPORT_CNT == 0) { + int32_t cnt = g_cnt; + if (!AccessTokenKit::IsSystemAppByFullTokenID(selfTokenId) && cnt % REPORT_CNT == 0) { + g_cnt.fetch_add(1); AccessTokenID selfToken = static_cast(selfTokenId); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "VERIFY_ACCESS_TOKEN_EVENT", HiviewDFX::HiSysEvent::EventType::STATISTIC, "EVENT_CODE", VERIFY_TOKENID_INCONSISTENCY, diff --git a/services/privacymanager/src/active/active_status_callback_manager.cpp b/services/privacymanager/src/active/active_status_callback_manager.cpp index d5e926725..3c1a8ac98 100644 --- a/services/privacymanager/src/active/active_status_callback_manager.cpp +++ b/services/privacymanager/src/active/active_status_callback_manager.cpp @@ -154,12 +154,6 @@ void ActiveStatusCallbackManager::ActiveStatusChange(ActiveChangeResponse& info) void ActiveStatusCallbackManager::ExecuteCallbackAsync(ActiveChangeResponse& info) { - if (info.type == PERM_ACTIVE_IN_BACKGROUND) { - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK_EVENT", - HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "CODE", BACKGROUND_CALL_EVENT, - "CALLER_TOKENID", info.tokenID, "PERMISSION_NAME", info.permissionName, "REASON", "background call"); - } - #ifdef EVENTHANDLER_ENABLE if (eventHandler_ == nullptr) { LOGE(PRI_DOMAIN, PRI_TAG, "Fail to get EventHandler"); -- Gitee From 98469445e8482014a150703bf61059becc73449a Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Thu, 27 Mar 2025 19:50:16 +0800 Subject: [PATCH 021/103] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=A4=B1=E8=B4=A5?= =?UTF-8?q?=E7=94=A8=E4=BE=8B250327?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: I35c6c1aa6cdf9d025309b1ad73f2629b0b7a8293 --- .../test/unittest/src/token_sync_kit_test.cpp | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp b/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp index e26d00dc3..95e26e71d 100644 --- a/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp +++ b/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp @@ -103,7 +103,11 @@ HWTEST_F(TokenSyncKitTest, UpdateRemoteHapTokenInfo001, TestSize.Level1) StartOrStopTokenSyncService(true); // service is starting, but no permission(shell process) + SetNativeTokenId("hdcd"); + int32_t selfUid = getuid(); + setuid(10001); // 10001: UID ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, TokenSyncManagerClient::GetInstance().UpdateRemoteHapTokenInfo(tokenInfo)); + setuid(selfUid); // service is starting, and has permission(native process) SetNativeTokenId("accesstoken_service"); @@ -130,7 +134,11 @@ HWTEST_F(TokenSyncKitTest, GetRemoteHapTokenInfo001, TestSize.Level1) StartOrStopTokenSyncService(true); // service is starting, but no permission(shell process) + SetNativeTokenId("hdcd"); + int32_t selfUid = getuid(); + setuid(10001); // 10001: UID ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, TokenSyncManagerClient::GetInstance().GetRemoteHapTokenInfo("", 0)); + setuid(selfUid); // service is starting, and has permission(native process) SetNativeTokenId("accesstoken_service"); @@ -158,7 +166,11 @@ HWTEST_F(TokenSyncKitTest, DeleteRemoteHapTokenInfo001, TestSize.Level1) StartOrStopTokenSyncService(true); // service is starting, but no permission(shell process) + SetNativeTokenId("hdcd"); + int32_t selfUid = getuid(); + setuid(10001); // 10001: UID ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, TokenSyncManagerClient::GetInstance().DeleteRemoteHapTokenInfo(0)); + setuid(selfUid); // service is starting, and has permission(native process) SetNativeTokenId("accesstoken_service"); -- Gitee From 50961ef636c941e457dd62f7f667e19edf0e0286 Mon Sep 17 00:00:00 2001 From: liuleimin_hw Date: Thu, 27 Mar 2025 14:52:54 +0000 Subject: [PATCH 022/103] update services/accesstokenmanager/permission_definitions.json. Signed-off-by: liuleimin_hw --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 770b03143..173dbeaf4 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -5904,7 +5904,7 @@ "name": "ohos.permission.MANAGE_APN_SETTING", "grantMode": "system_grant", "availableLevel": "system_basic", - "availableType": "ENTERPRISE_NORMAL", + "availableType": "NORMAL", "since": 16, "deprecated": "", "provisionEnable": true, -- Gitee From 1aa4ebb2f4f84f704618c7b9a3608e6fc93d8611 Mon Sep 17 00:00:00 2001 From: zhaobenhong Date: Fri, 28 Mar 2025 01:45:23 +0000 Subject: [PATCH 023/103] update services/accesstokenmanager/permission_definitions.json. Signed-off-by: zhaobenhong --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index a40c08a02..0df61bbe8 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6381,6 +6381,16 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_SCREEN_TIME_GUARD", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "NORMAL", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false } ] } \ No newline at end of file -- Gitee From 6b648ad7e4eed9d53d1dd417ed57dad5511c9c65 Mon Sep 17 00:00:00 2001 From: keshengren <854706195@qq.com> Date: Fri, 28 Mar 2025 10:14:01 +0800 Subject: [PATCH 024/103] =?UTF-8?q?ohos.permission.GET=5FFILE=5FICON?= =?UTF-8?q?=E6=9D=83=E9=99=90=E5=9B=9E=E5=90=88API17?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: keshengren <854706195@qq.com> --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 785d80b01..15acd811b 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6285,7 +6285,7 @@ "grantMode": "system_grant", "availableLevel": "normal", "availableType": "NORMAL", - "since": 18, + "since": 17, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false -- Gitee From c2497a1d7165c85183576cbc98c9d2249153d414 Mon Sep 17 00:00:00 2001 From: bigtea Date: Tue, 4 Mar 2025 17:17:12 +0800 Subject: [PATCH 025/103] Privacy manager idlization with macro Signed-off-by: bigtea --- .../privacy/include/i_privacy_manager.h | 79 -- interfaces/innerkits/privacy/BUILD.gn | 9 +- .../privacy/src/privacy_manager_client.cpp | 85 +- .../privacy/src/privacy_manager_client.h | 4 +- .../privacy/src/privacy_manager_proxy.cpp | 609 ------------ .../privacy/src/privacy_manager_proxy.h | 67 -- interfaces/innerkits/privacy/test/BUILD.gn | 9 +- services/privacymanager/BUILD.gn | 102 +- .../privacymanager/idl/IPrivacyManager.idl | 46 + .../include/service/privacy_manager_service.h | 27 +- .../include/service/privacy_manager_stub.h | 77 -- .../src/record/permission_record_manager.cpp | 3 + .../src/service/privacy_manager_service.cpp | 226 ++++- .../src/service/privacy_manager_stub.cpp | 605 ------------ .../privacymanager/test/coverage/BUILD.gn | 7 +- .../privacymanager/test/unittest/BUILD.gn | 9 +- .../unittest/privacy_manager_service_test.cpp | 920 +++++++++--------- test/fuzztest/innerkits/privacy/BUILD.gn | 1 + .../BUILD.gn | 42 + .../addpermissionusedrecordasync_fuzzer.cpp | 56 ++ .../addpermissionusedrecordasync_fuzzer.h | 39 +- .../corpus/init | 14 + .../project.xml | 25 + test/fuzztest/services/privacy/BUILD.gn | 3 +- .../BUILD.gn | 48 + ...ddpermissionusedrecordasyncstub_fuzzer.cpp | 67 ++ .../addpermissionusedrecordasyncstub_fuzzer.h | 21 + .../corpus/init | 14 + .../project.xml | 25 + .../BUILD.gn | 7 +- .../addpermissionusedrecordstub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- ...tpermissionusedrecordsasyncstub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- .../getpermissionusedrecordsstub_fuzzer.cpp | 6 +- .../BUILD.gn | 5 +- ...ssionusedrecordtogglestatusstub_fuzzer.cpp | 4 +- .../BUILD.gn | 7 +- .../getpermissionusedtypeinfosstub_fuzzer.cpp | 6 +- .../getseccompenhancestub_fuzzer/BUILD.gn | 7 +- .../getseccompenhancestub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- .../getspecialseccompenhancestub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- .../isallowedusingpermissionstub_fuzzer.cpp | 6 +- .../services/privacy/privacy_service_fuzz.gni | 4 +- .../BUILD.gn | 7 +- ...terpermactivestatuscallbackstub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- .../registerseccompenhancestub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- ...removepermissionusedrecordsstub_fuzzer.cpp | 6 +- .../sethapwithfgreminderstub_fuzzer/BUILD.gn | 7 +- .../sethapwithfgreminderstub_fuzzer.cpp | 6 +- .../privacy/setmutepolicystub_fuzzer/BUILD.gn | 7 +- .../setmutepolicystub_fuzzer.cpp | 6 +- .../BUILD.gn | 5 +- ...ssionusedrecordtogglestatusstub_fuzzer.cpp | 4 +- .../BUILD.gn | 7 +- ...tartusingpermissioncallbackstub_fuzzer.cpp | 6 +- .../startusingpermissionstub_fuzzer/BUILD.gn | 7 +- .../startusingpermissionstub_fuzzer.cpp | 6 +- .../stopusingpermissionstub_fuzzer/BUILD.gn | 7 +- .../stopusingpermissionstub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- ...terpermactivestatuscallbackstub_fuzzer.cpp | 6 +- .../updateseccompenhancestub_fuzzer/BUILD.gn | 7 +- .../updateseccompenhancestub_fuzzer.cpp | 6 +- 68 files changed, 1381 insertions(+), 2101 deletions(-) delete mode 100644 frameworks/privacy/include/i_privacy_manager.h delete mode 100644 interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp delete mode 100644 interfaces/innerkits/privacy/src/privacy_manager_proxy.h create mode 100644 services/privacymanager/idl/IPrivacyManager.idl delete mode 100644 services/privacymanager/include/service/privacy_manager_stub.h delete mode 100644 services/privacymanager/src/service/privacy_manager_stub.cpp create mode 100644 test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/BUILD.gn create mode 100644 test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.cpp rename frameworks/privacy/include/privacy_service_ipc_interface_code.h => test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.h (33%) create mode 100644 test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/corpus/init create mode 100644 test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/project.xml create mode 100644 test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/BUILD.gn create mode 100644 test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.cpp create mode 100644 test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.h create mode 100644 test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/corpus/init create mode 100644 test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/project.xml diff --git a/frameworks/privacy/include/i_privacy_manager.h b/frameworks/privacy/include/i_privacy_manager.h deleted file mode 100644 index 6c8cf6a2a..000000000 --- a/frameworks/privacy/include/i_privacy_manager.h +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright (c) 2022-2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef I_PRIVACY_MANAGER_H -#define I_PRIVACY_MANAGER_H - -#include - -#include "access_token.h" -#include "add_perm_param_info_parcel.h" -#include "errors.h" -#include "iremote_broker.h" - -#include "on_permission_used_record_callback.h" -#include "privacy_service_ipc_interface_code.h" -#include "permission_used_request_parcel.h" -#include "permission_used_result_parcel.h" -#include "permission_used_type_info_parcel.h" -#include "privacy_param.h" -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -#include "sec_comp_enhance_data_parcel.h" -#endif - -/* SAID:3505 */ -namespace OHOS { -namespace Security { -namespace AccessToken { -class IPrivacyManager : public IRemoteBroker { -public: - static const int32_t SA_ID_PRIVACY_MANAGER_SERVICE = 3505; - - DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IPrivacyManager"); - - virtual int32_t AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel, bool asyncMode = false) = 0; - virtual int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) = 0; - virtual int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) = 0; - virtual int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel, - const sptr& anonyStub) = 0; - virtual int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel, - const sptr& callback, const sptr& anonyStub) = 0; - virtual int32_t StopUsingPermission(AccessTokenID tokenID, int32_t pid, const std::string& permissionName) = 0; - virtual int32_t RemovePermissionUsedRecords(AccessTokenID tokenID) = 0; - virtual int32_t GetPermissionUsedRecords( - const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) = 0; - virtual int32_t GetPermissionUsedRecords( - const PermissionUsedRequestParcel& request, const sptr& callback) = 0; - virtual int32_t RegisterPermActiveStatusCallback( - std::vector& permList, const sptr& callback) = 0; - virtual int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) = 0; - virtual bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid) = 0; - virtual int32_t SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, AccessTokenID tokenID) = 0; - virtual int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed) = 0; -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE - virtual int32_t RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel) = 0; - virtual int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) = 0; - virtual int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) = 0; - virtual int32_t GetSpecialSecCompEnhance(const std::string& bundleName, - std::vector& enhanceParcelList) = 0; -#endif - virtual int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, - std::vector& resultsParcel) = 0; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS - -#endif // I_PRIVACY_MANAGER_H diff --git a/interfaces/innerkits/privacy/BUILD.gn b/interfaces/innerkits/privacy/BUILD.gn index 1b1c41ad0..014dfce75 100644 --- a/interfaces/innerkits/privacy/BUILD.gn +++ b/interfaces/innerkits/privacy/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2022-2023 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -36,7 +36,10 @@ if (is_standard_system) { output_name = "libprivacy_sdk" - public_configs = [ ":pricacy" ] + public_configs = [ + ":pricacy", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = [ "${access_token_path}/frameworks/privacy/include", @@ -54,7 +57,6 @@ if (is_standard_system) { "src/privacy_death_recipient.cpp", "src/privacy_kit.cpp", "src/privacy_manager_client.cpp", - "src/privacy_manager_proxy.cpp", "src/state_change_callback.cpp", "src/state_change_callback_stub.cpp", "src/state_customized_cbk.cpp", @@ -64,6 +66,7 @@ if (is_standard_system) { "${access_token_path}/frameworks/common:accesstoken_common_cxx", "${access_token_path}/frameworks/privacy:privacy_communication_adapter_cxx", "${access_token_path}/services/common/proxy_death:proxy_death_stub", + "${access_token_path}/services/privacymanager:privacy_manager_proxy", ] configs = [ diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp index b3ecd9fa4..f65f1bae4 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2023 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -30,6 +30,7 @@ namespace { const static int32_t MAX_CALLBACK_SIZE = 200; const static int32_t MAX_PERM_LIST_SIZE = 1024; constexpr const char* CAMERA_PERMISSION_NAME = "ohos.permission.CAMERA"; +static const int32_t SA_ID_PRIVACY_MANAGER_SERVICE = 3505; std::recursive_mutex g_instanceMutex; } // namespace @@ -56,6 +57,21 @@ PrivacyManagerClient::~PrivacyManagerClient() ReleaseProxy(); } +static int32_t ConvertResult(int32_t ret) +{ + switch (ret) { + case ERR_INVALID_DATA: + ret = ERR_WRITE_PARCEL_FAILED; + break; + case ERR_TRANSACTION_FAILED: + ret = ERR_SERVICE_ABNORMAL; + break; + default: + return ret; + } + return ret; +} + int32_t PrivacyManagerClient::AddPermissionUsedRecord(const AddPermParamInfo& info, bool asyncMode) { auto proxy = GetProxy(); @@ -65,7 +81,13 @@ int32_t PrivacyManagerClient::AddPermissionUsedRecord(const AddPermParamInfo& in } AddPermParamInfoParcel infoParcel; infoParcel.info = info; - return proxy->AddPermissionUsedRecord(infoParcel, asyncMode); + int32_t ret; + if (asyncMode) { + ret = proxy->AddPermissionUsedRecordAsync(infoParcel); + } else { + ret = proxy->AddPermissionUsedRecord(infoParcel); + } + return ConvertResult(ret); } int32_t PrivacyManagerClient::SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) @@ -76,7 +98,8 @@ int32_t PrivacyManagerClient::SetPermissionUsedRecordToggleStatus(int32_t userID return PrivacyError::ERR_SERVICE_ABNORMAL; } - return proxy->SetPermissionUsedRecordToggleStatus(userID, status); + int32_t ret = proxy->SetPermissionUsedRecordToggleStatus(userID, status); + return ConvertResult(ret); } int32_t PrivacyManagerClient::GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) @@ -87,7 +110,8 @@ int32_t PrivacyManagerClient::GetPermissionUsedRecordToggleStatus(int32_t userID return PrivacyError::ERR_SERVICE_ABNORMAL; } - return proxy->GetPermissionUsedRecordToggleStatus(userID, status); + int32_t ret = proxy->GetPermissionUsedRecordToggleStatus(userID, status); + return ConvertResult(ret); } int32_t PrivacyManagerClient::StartUsingPermission( @@ -110,7 +134,8 @@ int32_t PrivacyManagerClient::StartUsingPermission( LOGE(PRI_DOMAIN, PRI_TAG, "Proxy death recipent is null."); return PrivacyError::ERR_MALLOC_FAILED; } - return proxy->StartUsingPermission(parcel, anonyStub); + int32_t ret = proxy->StartUsingPermission(parcel, anonyStub); + return ConvertResult(ret); } int32_t PrivacyManagerClient::CreateStateChangeCbk(uint64_t id, @@ -161,13 +186,13 @@ int32_t PrivacyManagerClient::StartUsingPermission(AccessTokenID tokenId, int32_ LOGE(PRI_DOMAIN, PRI_TAG, "Proxy death recipent is null."); return PrivacyError::ERR_MALLOC_FAILED; } - result = proxy->StartUsingPermission(parcel, callbackWrap->AsObject(), anonyStub); + result = proxy->StartUsingPermissionCallback(parcel, callbackWrap->AsObject(), anonyStub); if (result == RET_SUCCESS) { std::lock_guard lock(stateCbkMutex_); stateChangeCallbackMap_[id] = callbackWrap; LOGI(PRI_DOMAIN, PRI_TAG, "CallbackObject added."); } - return result; + return ConvertResult(result); } int32_t PrivacyManagerClient::StopUsingPermission( @@ -187,7 +212,8 @@ int32_t PrivacyManagerClient::StopUsingPermission( } } - return proxy->StopUsingPermission(tokenID, pid, permissionName); + int32_t ret = proxy->StopUsingPermission(tokenID, pid, permissionName); + return ConvertResult(ret); } int32_t PrivacyManagerClient::RemovePermissionUsedRecords(AccessTokenID tokenID) @@ -197,7 +223,8 @@ int32_t PrivacyManagerClient::RemovePermissionUsedRecords(AccessTokenID tokenID) LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null."); return PrivacyError::ERR_SERVICE_ABNORMAL; } - return proxy->RemovePermissionUsedRecords(tokenID); + int32_t ret = proxy->RemovePermissionUsedRecords(tokenID); + return ConvertResult(ret); } int32_t PrivacyManagerClient::GetPermissionUsedRecords( @@ -214,7 +241,7 @@ int32_t PrivacyManagerClient::GetPermissionUsedRecords( requestParcel.request = request; int32_t ret = proxy->GetPermissionUsedRecords(requestParcel, resultParcel); result = resultParcel.result; - return ret; + return ConvertResult(ret); } int32_t PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedRequest& request, @@ -228,7 +255,8 @@ int32_t PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedReque PermissionUsedRequestParcel requestParcel; requestParcel.request = request; - return proxy->GetPermissionUsedRecords(requestParcel, callback); + int32_t ret = proxy->GetPermissionUsedRecordsAsync(requestParcel, callback); + return ConvertResult(ret); } int32_t PrivacyManagerClient::CreateActiveStatusChangeCbk( @@ -285,7 +313,7 @@ int32_t PrivacyManagerClient::RegisterPermActiveStatusCallback( activeCbkMap_[callback] = callbackWrap; LOGI(PRI_DOMAIN, PRI_TAG, "CallbackObject added."); } - return result; + return ConvertResult(result); } int32_t PrivacyManagerClient::UnRegisterPermActiveStatusCallback( @@ -308,7 +336,7 @@ int32_t PrivacyManagerClient::UnRegisterPermActiveStatusCallback( if (result == RET_SUCCESS) { activeCbkMap_.erase(goalCallback); } - return result; + return ConvertResult(result); } bool PrivacyManagerClient::IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, @@ -319,7 +347,9 @@ bool PrivacyManagerClient::IsAllowedUsingPermission(AccessTokenID tokenID, const LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null."); return false; } - return proxy->IsAllowedUsingPermission(tokenID, permissionName, pid); + bool isAllowed = false; + proxy->IsAllowedUsingPermission(tokenID, permissionName, pid, isAllowed); + return isAllowed; } #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE @@ -332,7 +362,8 @@ int32_t PrivacyManagerClient::RegisterSecCompEnhance(const SecCompEnhanceData& e } SecCompEnhanceDataParcel registerParcel; registerParcel.enhanceData = enhance; - return proxy->RegisterSecCompEnhance(registerParcel); + int32_t ret = proxy->RegisterSecCompEnhance(registerParcel); + return ConvertResult(ret); } int32_t PrivacyManagerClient::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) @@ -342,7 +373,8 @@ int32_t PrivacyManagerClient::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null."); return PrivacyError::ERR_PARAM_INVALID; } - return proxy->UpdateSecCompEnhance(pid, seqNum); + int32_t ret = proxy->UpdateSecCompEnhance(pid, seqNum); + return ConvertResult(ret); } int32_t PrivacyManagerClient::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance) @@ -355,7 +387,7 @@ int32_t PrivacyManagerClient::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& SecCompEnhanceDataParcel parcel; int32_t res = proxy->GetSecCompEnhance(pid, parcel); if (res != RET_SUCCESS) { - return res; + return ConvertResult(res); } enhance = parcel.enhanceData; return RET_SUCCESS; @@ -372,7 +404,7 @@ int32_t PrivacyManagerClient::GetSpecialSecCompEnhance(const std::string& bundle std::vector parcelList; int32_t res = proxy->GetSpecialSecCompEnhance(bundleName, parcelList); if (res != RET_SUCCESS) { - return res; + return ConvertResult(res); } std::transform(parcelList.begin(), parcelList.end(), std::back_inserter(enhanceList), @@ -393,7 +425,7 @@ int32_t PrivacyManagerClient::GetPermissionUsedTypeInfos(const AccessTokenID tok std::vector resultsParcel; int32_t res = proxy->GetPermissionUsedTypeInfos(tokenId, permissionName, resultsParcel); if (res != RET_SUCCESS) { - return res; + return ConvertResult(res); } std::transform(resultsParcel.begin(), resultsParcel.end(), std::back_inserter(results), @@ -409,7 +441,8 @@ int32_t PrivacyManagerClient::SetMutePolicy(uint32_t policyType, uint32_t caller LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null."); return PrivacyError::ERR_SERVICE_ABNORMAL; } - return proxy->SetMutePolicy(policyType, callerType, isMute, tokenID); + int32_t ret = proxy->SetMutePolicy(policyType, callerType, isMute, tokenID); + return ConvertResult(ret); } int32_t PrivacyManagerClient::SetHapWithFGReminder(uint32_t tokenId, bool isAllowed) @@ -419,7 +452,8 @@ int32_t PrivacyManagerClient::SetHapWithFGReminder(uint32_t tokenId, bool isAllo LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null."); return PrivacyError::ERR_SERVICE_ABNORMAL; } - return proxy->SetHapWithFGReminder(tokenId, isAllowed); + int32_t ret = proxy->SetHapWithFGReminder(tokenId, isAllowed); + return ConvertResult(ret); } uint64_t PrivacyManagerClient::GetUniqueId(uint32_t tokenId, int32_t pid) const @@ -433,13 +467,12 @@ void PrivacyManagerClient::InitProxy() if (proxy_ == nullptr || proxy_->AsObject() == nullptr || proxy_->AsObject()->IsObjectDead()) { auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); if (sam == nullptr) { - LOGD(PRI_DOMAIN, PRI_TAG, "GetSystemAbilityManager is null"); + LOGE(PRI_DOMAIN, PRI_TAG, "GetSystemAbilityManager is null"); return; } - auto privacySa = sam->CheckSystemAbility(IPrivacyManager::SA_ID_PRIVACY_MANAGER_SERVICE); + auto privacySa = sam->CheckSystemAbility(SA_ID_PRIVACY_MANAGER_SERVICE); if (privacySa == nullptr) { - LOGD(PRI_DOMAIN, PRI_TAG, "CheckSystemAbility %{public}d is null", - IPrivacyManager::SA_ID_PRIVACY_MANAGER_SERVICE); + LOGE(PRI_DOMAIN, PRI_TAG, "CheckSystemAbility %{public}d is null", SA_ID_PRIVACY_MANAGER_SERVICE); return; } @@ -449,7 +482,7 @@ void PrivacyManagerClient::InitProxy() } proxy_ = new PrivacyManagerProxy(privacySa); if (proxy_ == nullptr || proxy_->AsObject() == nullptr || proxy_->AsObject()->IsObjectDead()) { - LOGD(PRI_DOMAIN, PRI_TAG, "Iface_cast get null"); + LOGE(PRI_DOMAIN, PRI_TAG, "Iface_cast get null"); } } } diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.h b/interfaces/innerkits/privacy/src/privacy_manager_client.h index 9003ec57c..8dcca2149 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.h +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2023 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include #include -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "perm_active_status_change_callback.h" #include "perm_active_status_customized_cbk.h" #include "privacy_death_recipient.h" diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp deleted file mode 100644 index 77f50a836..000000000 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp +++ /dev/null @@ -1,609 +0,0 @@ -/* - * Copyright (c) 2022-2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "privacy_manager_proxy.h" - -#include "accesstoken_common_log.h" -#include "privacy_error.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { - -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -static const int MAX_SEC_COMP_ENHANCE_SIZE = 1000; -#endif -// if change this, copy value in privacy_kit_test.cpp should change together -static const uint32_t MAX_PERMISSION_USED_TYPE_SIZE = 2000; -} - -PrivacyManagerProxy::PrivacyManagerProxy(const sptr& impl) - : IRemoteProxy(impl) { -} - -PrivacyManagerProxy::~PrivacyManagerProxy() -{} - -int32_t PrivacyManagerProxy::AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel, bool asyncMode) -{ - MessageParcel addData; - addData.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!addData.WriteParcelable(&infoParcel)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteParcelable(infoParcel)"); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD, addData, reply, asyncMode)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t PrivacyManagerProxy::SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteInt32(userID)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write userID"); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteBool(status)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write status"); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(PrivacyInterfaceCode::SET_PERMISSION_USED_RECORD_TOGGLE_STATUS, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = 0; - if (!reply.ReadInt32(result)) { - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server (error=%{public}d)", result); - return ERR_READ_PARCEL_FAILED; - } - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t PrivacyManagerProxy::GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteInt32(userID)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write userID"); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORD_TOGGLE_STATUS, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = 0; - if (!reply.ReadInt32(result)) { - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server (error=%{public}d)", result); - return ERR_READ_PARCEL_FAILED; - } - if (result != RET_SUCCESS) { - LOGE(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; - } - - if (!reply.ReadBool(status)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read status"); - return ERR_READ_PARCEL_FAILED; - } - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t PrivacyManagerProxy::StartUsingPermission( - const PermissionUsedTypeInfoParcel &infoParcel, const sptr& anonyStub) -{ - MessageParcel startData; - startData.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!startData.WriteParcelable(&infoParcel)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write permission used info parcel."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!startData.WriteRemoteObject(anonyStub)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write remote object."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(PrivacyInterfaceCode::START_USING_PERMISSION, startData, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t PrivacyManagerProxy::StartUsingPermission( - const PermissionUsedTypeInfoParcel &infoParcel, - const sptr& callback, const sptr& anonyStub) -{ - MessageParcel data; - data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!data.WriteParcelable(&infoParcel)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write permission used info parcel."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteRemoteObject(callback)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write remote object."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteRemoteObject(anonyStub)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write remote object."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(PrivacyInterfaceCode::START_USING_PERMISSION_CALLBACK, data, reply)) { - LOGE(PRI_DOMAIN, PRI_TAG, "SendRequest fail"); - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t PrivacyManagerProxy::StopUsingPermission( - AccessTokenID tokenID, int32_t pid, const std::string& permissionName) -{ - MessageParcel stopData; - stopData.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!stopData.WriteUint32(tokenID)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write tokenID"); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!stopData.WriteInt32(pid)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write pid"); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!stopData.WriteString(permissionName)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write permissionName"); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(PrivacyInterfaceCode::STOP_USING_PERMISSION, stopData, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t PrivacyManagerProxy::RemovePermissionUsedRecords(AccessTokenID tokenID) -{ - MessageParcel data; - data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!data.WriteUint32(tokenID)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", tokenID); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(PrivacyInterfaceCode::DELETE_PERMISSION_USED_RECORDS, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, - PermissionUsedResultParcel& result) -{ - MessageParcel data; - data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!data.WriteParcelable(&request)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteParcelable(request)"); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t ret = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", ret); - if (ret != RET_SUCCESS) { - return ret; - } - sptr resultSptr = reply.ReadParcelable(); - if (resultSptr == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "ReadParcelable fail"); - return PrivacyError::ERR_READ_PARCEL_FAILED; - } - result = *resultSptr; - return ret; -} - -int32_t PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, - const sptr& callback) -{ - MessageParcel data; - data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!data.WriteParcelable(&request)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteParcelable(request)"); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteRemoteObject(callback->AsObject())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteRemoteObject(callback)"); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS_ASYNC, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t PrivacyManagerProxy::RegisterPermActiveStatusCallback( - std::vector& permList, const sptr& callback) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - uint32_t listSize = permList.size(); - if (!data.WriteUint32(listSize)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write listSize"); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - for (uint32_t i = 0; i < listSize; i++) { - if (!data.WriteString(permList[i])) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write permList[%{public}d], %{public}s", i, permList[i].c_str()); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - } - - if (!data.WriteRemoteObject(callback)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write remote object."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - MessageParcel reply; - if (!SendRequest(PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t PrivacyManagerProxy::UnRegisterPermActiveStatusCallback(const sptr& callback) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteRemoteObject(callback)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write remote object."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - MessageParcel reply; - if (!SendRequest( - PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -bool PrivacyManagerProxy::IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, - int32_t pid) -{ - MessageParcel data; - MessageParcel reply; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken."); - return false; - } - if (!data.WriteUint32(tokenID)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", tokenID); - return false; - } - if (!data.WriteString(permissionName)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteString(%{public}s)", permissionName.c_str()); - return false; - } - if (!data.WriteInt32(pid)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteInt32(%{public}d)", pid); - return false; - } - if (!SendRequest(PrivacyInterfaceCode::IS_ALLOWED_USING_PERMISSION, data, reply)) { - return false; - } - - bool result = reply.ReadBool(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -int32_t PrivacyManagerProxy::RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhance) -{ - MessageParcel data; - MessageParcel reply; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteParcelable(&enhance)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write parcel."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - if (!SendRequest(PrivacyInterfaceCode::REGISTER_SEC_COMP_ENHANCE, data, reply, true)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t PrivacyManagerProxy::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) -{ - MessageParcel data; - MessageParcel reply; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write GetDescriptor."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteInt32(pid)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write pid=%{public}d.", pid); - return false; - } - if (!data.WriteUint32(seqNum)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write seqNum=%{public}u.", seqNum); - return false; - } - if (!SendRequest(PrivacyInterfaceCode::UPDATE_SEC_COMP_ENHANCE, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result=%{public}d", result); - return result; -} - -int32_t PrivacyManagerProxy::GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) -{ - MessageParcel data; - MessageParcel reply; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteInt32(pid)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteInt32(%{public}d)", pid); - return false; - } - if (!SendRequest(PrivacyInterfaceCode::GET_SEC_COMP_ENHANCE, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - if (result != RET_SUCCESS) { - return result; - } - - sptr parcel = reply.ReadParcelable(); - if (parcel != nullptr) { - enhanceParcel = *parcel; - } - return result; -} - -int32_t PrivacyManagerProxy::GetSpecialSecCompEnhance(const std::string& bundleName, - std::vector& enhanceParcelList) -{ - MessageParcel data; - MessageParcel reply; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteString(bundleName)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write string."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - if (!SendRequest(PrivacyInterfaceCode::GET_SPECIAL_SEC_COMP_ENHANCE, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server data = %{public}d", result); - if (result != RET_SUCCESS) { - return result; - } - - uint32_t size = reply.ReadUint32(); - if (size > MAX_SEC_COMP_ENHANCE_SIZE) { - LOGE(PRI_DOMAIN, PRI_TAG, "Size = %{public}d get from request is invalid", size); - return PrivacyError::ERR_OVERSIZE; - } - for (uint32_t i = 0; i < size; i++) { - sptr parcel = reply.ReadParcelable(); - if (parcel != nullptr) { - enhanceParcelList.emplace_back(*parcel); - } - } - return result; -} -#endif - -int32_t PrivacyManagerProxy::GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, - std::vector& resultsParcel) -{ - MessageParcel data; - MessageParcel reply; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenId)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", tokenId); - return false; - } - if (!data.WriteString(permissionName)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteString(%{public}s)", permissionName.c_str()); - return false; - } - - if (!SendRequest(PrivacyInterfaceCode::GET_PERMISSION_USED_TYPE_INFOS, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server is %{public}d.", result); - if (result != RET_SUCCESS) { - return result; - } - - uint32_t size = reply.ReadUint32(); - if (size > MAX_PERMISSION_USED_TYPE_SIZE) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed, results oversize %{public}d, please add query params!", size); - return PrivacyError::ERR_OVERSIZE; - } - for (uint32_t i = 0; i < size; i++) { - sptr parcel = reply.ReadParcelable(); - if (parcel != nullptr) { - resultsParcel.emplace_back(*parcel); - } - } - return result; -} - -int32_t PrivacyManagerProxy::SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, AccessTokenID tokenID) -{ - MessageParcel data; - MessageParcel reply; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteUint32(policyType)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", policyType); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(callerType)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", callerType); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteBool(isMute)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteBool(%{public}d)", isMute); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", tokenID); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!SendRequest(PrivacyInterfaceCode::SET_MUTE_POLICY, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "result from server is %{public}d.", result); - return result; -} - -int32_t PrivacyManagerProxy::SetHapWithFGReminder(uint32_t tokenId, bool isAllowed) -{ - MessageParcel data; - MessageParcel reply; - if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to write WriteInterfaceToken."); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteUint32(tokenId)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteUint32(%{public}d)", tokenId); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteBool(isAllowed)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteBool(%{public}d)", isAllowed); - return PrivacyError::ERR_WRITE_PARCEL_FAILED; - } - if (!SendRequest(PrivacyInterfaceCode::SET_HAP_WITH_FOREGROUND_REMINDER, data, reply)) { - return PrivacyError::ERR_SERVICE_ABNORMAL; - } - int32_t result = reply.ReadInt32(); - LOGI(PRI_DOMAIN, PRI_TAG, "Result from server is %{public}d.", result); - return result; -} - -bool PrivacyManagerProxy::SendRequest( - PrivacyInterfaceCode code, MessageParcel& data, MessageParcel& reply, bool asyncMode) -{ - int flag = 0; - if (asyncMode) { - flag = static_cast(MessageOption::TF_ASYNC); - } else { - flag = static_cast(MessageOption::TF_SYNC); - } - MessageOption option(flag); - sptr remote = Remote(); - if (remote == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Remote service null."); - return false; - } - - int32_t result = remote->SendRequest(static_cast(code), data, reply, option); - if (result != NO_ERROR) { - LOGE(PRI_DOMAIN, PRI_TAG, "SendRequest(code=%{public}d) fail, result: %{public}d", code, result); - return false; - } - return true; -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h deleted file mode 100644 index c9da62420..000000000 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 2022-2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PRIVACY_MANAGER_PROXY_H -#define PRIVACY_MANAGER_PROXY_H - -#include - -#include "i_privacy_manager.h" -#include "iremote_proxy.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class PrivacyManagerProxy : public IRemoteProxy { -public: - explicit PrivacyManagerProxy(const sptr& impl); - ~PrivacyManagerProxy() override; - - int32_t AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel, bool asyncMode = false) override; - int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) override; - int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) override; - int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel, - const sptr& anonyStub) override; - int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel, - const sptr& callback, const sptr& anonyStub) override; - int32_t StopUsingPermission(AccessTokenID tokenID, int32_t pid, const std::string& permissionName) override; - int32_t RemovePermissionUsedRecords(AccessTokenID tokenID) override; - int32_t GetPermissionUsedRecords( - const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; - int32_t GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, - const sptr& callback) override; - int32_t RegisterPermActiveStatusCallback( - std::vector& permList, const sptr& callback) override; - int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) override; - bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid) override; -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE - int32_t RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhance) override; - int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) override; - int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) override; - int32_t GetSpecialSecCompEnhance(const std::string& bundleName, - std::vector& enhanceParcelList) override; -#endif - int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, - std::vector& resultsParcel) override; - int32_t SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, AccessTokenID tokenID) override; - int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed) override; -private: - bool SendRequest(PrivacyInterfaceCode code, MessageParcel& data, MessageParcel& reply, bool asyncMode = false); - static inline BrokerDelegator delegator_; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // PRIVACY_MANAGER_PROXY_H diff --git a/interfaces/innerkits/privacy/test/BUILD.gn b/interfaces/innerkits/privacy/test/BUILD.gn index 5619b3333..d8f958779 100644 --- a/interfaces/innerkits/privacy/test/BUILD.gn +++ b/interfaces/innerkits/privacy/test/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2022-2024 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -108,7 +108,6 @@ ohos_unittest("libprivacy_mock_test") { "../src/privacy_death_recipient.cpp", "../src/privacy_kit.cpp", "../src/privacy_manager_client.cpp", - "../src/privacy_manager_proxy.cpp", "../src/state_change_callback.cpp", "../src/state_change_callback_stub.cpp", "../src/state_customized_cbk.cpp", @@ -116,7 +115,10 @@ ohos_unittest("libprivacy_mock_test") { "unittest/privacy_mock_test/privacy_kit_test.cpp", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx", @@ -125,6 +127,7 @@ ohos_unittest("libprivacy_mock_test") { "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared", "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", "${access_token_path}/services/common/proxy_death:proxy_death_stub", + "${access_token_path}/services/privacymanager:privacy_manager_proxy", ] external_deps = [ diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn index 24f932dbd..f77373b51 100644 --- a/services/privacymanager/BUILD.gn +++ b/services/privacymanager/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2022-2024 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,9 +11,106 @@ # See the License for the specific language governing permissions and # limitations under the License. +import("//build/config/components/idl_tool/idl.gni") import("//build/ohos.gni") import("../../access_token.gni") +idl_gen_interface("privacy_manager_interface") { + sources = [ "./idl/IPrivacyManager.idl" ] + log_domainid = "0xD005A02" + log_tag = "PRIVACY" + subsystem_name = "security" + part_name = "access_token" +} + +config("privacy_manager_gen_config") { + include_dirs = [ "${target_gen_dir}" ] +} + +ohos_source_set("privacy_manager_proxy") { + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + + output_values = get_target_outputs(":privacy_manager_interface") + + include_dirs = [ + "${access_token_path}/frameworks/privacy/include", + "${access_token_path}/frameworks/common/include", + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/interfaces/innerkits/privacy/include", + "${access_token_path}/interfaces/innerkits/privacy/src", + "include", + "src", + ] + + sources = filter_include(output_values, [ "*_proxy.cpp" ]) + + deps = [ + ":privacy_manager_interface", + "${access_token_path}/frameworks/privacy:privacy_communication_adapter_cxx", + ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + "ipc:ipc_single", + "samgr:samgr_proxy", + ] + + cflags_cc = [] + if (security_component_enhance_enable) { + cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] + } + + subsystem_name = "security" + part_name = "access_token" +} + +ohos_source_set("privacy_manager_stub") { + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + + output_values = get_target_outputs(":privacy_manager_interface") + + include_dirs = [ + "${access_token_path}/frameworks/privacy/include", + "${access_token_path}/frameworks/common/include", + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/interfaces/innerkits/privacy/include", + "${access_token_path}/interfaces/innerkits/privacy/src", + "include", + "src", + ] + + sources = filter_include(output_values, [ "*_stub.cpp" ]) + + deps = [ + ":privacy_manager_interface", + "${access_token_path}/frameworks/privacy:privacy_communication_adapter_cxx", + ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + "ipc:ipc_single", + "samgr:samgr_proxy", + ] + + cflags_cc = [] + if (security_component_enhance_enable) { + cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] + } + + subsystem_name = "security" + part_name = "access_token" +} + ohos_prebuilt_etc("privacy.rc") { source = "privacy.cfg" relative_install_dir = "init" @@ -88,7 +185,6 @@ if (is_standard_system && ability_base_enable == true) { "src/sensitive/audio_manager/audio_manager_adapter.cpp", "src/sensitive/camera_manager/camera_manager_adapter.cpp", "src/service/privacy_manager_service.cpp", - "src/service/privacy_manager_stub.cpp", ] cflags_cc = [ @@ -98,6 +194,7 @@ if (is_standard_system && ability_base_enable == true) { configs = [ "${access_token_path}/config:access_token_compile_flags", "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", ] defines = [ "FEATURE_DTMF_TONE" ] @@ -109,6 +206,7 @@ if (is_standard_system && ability_base_enable == true) { "${access_token_path}/services/common:accesstoken_service_common", "${access_token_path}/services/common/proxy_death:proxy_death_handler", "${access_token_path}/services/privacymanager:privacy.rc", + "${access_token_path}/services/privacymanager:privacy_manager_stub", ] external_deps = [ diff --git a/services/privacymanager/idl/IPrivacyManager.idl b/services/privacymanager/idl/IPrivacyManager.idl new file mode 100644 index 000000000..19884439f --- /dev/null +++ b/services/privacymanager/idl/IPrivacyManager.idl @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package OHOS.Security.AccessToken; +interface OHOS.Security.AccessToken.OnPermissionUsedRecordCallback; +sequenceable OHOS.IRemoteObject; +sequenceable OHOS.Security.AccessToken.AddPermParamInfoParcel; +sequenceable OHOS.Security.AccessToken.PermissionUsedTypeInfoParcel; +sequenceable OHOS.Security.AccessToken.PermissionUsedRequestParcel; +sequenceable OHOS.Security.AccessToken.PermissionUsedResultParcel; +sequenceable OHOS.Security.AccessToken.SecCompEnhanceDataParcel; + +interface OHOS.Security.AccessToken.IPrivacyManager { + [ipccode 1] void AddPermissionUsedRecord([in] AddPermParamInfoParcel infoParcel); + [ipccode 2, oneway] void AddPermissionUsedRecordAsync([in] AddPermParamInfoParcel infoParcel); + [ipccode 3] void StartUsingPermission([in] PermissionUsedTypeInfoParcel infoParcel, [in] IRemoteObject anonyStub); + [ipccode 4] void StartUsingPermissionCallback([in] PermissionUsedTypeInfoParcel infoParcel, [in] IRemoteObject cb, [in] IRemoteObject anonyStub); + [ipccode 5] void StopUsingPermission([in] unsigned int tokenID, [in] int pid, [in] String permissionName); + [ipccode 6] void RemovePermissionUsedRecords([in] unsigned int tokenID); + [ipccode 7] void GetPermissionUsedRecords([in] PermissionUsedRequestParcel request, [out] PermissionUsedResultParcel resultParcel); + [ipccode 8] void GetPermissionUsedRecordsAsync([in] PermissionUsedRequestParcel request, [in] OnPermissionUsedRecordCallback cb); + [ipccode 9] void RegisterPermActiveStatusCallback([in] List permList, [in] IRemoteObject cb); + [ipccode 10] void UnRegisterPermActiveStatusCallback([in] IRemoteObject cb); + [ipccode 11] boolean IsAllowedUsingPermission([in] unsigned int tokenID, [in] String permissionName, [in] int pid); + [ipccode 12] void GetPermissionUsedTypeInfos([in] unsigned int tokenId, [in] String permissionName, [out] List resultsParcel); + [ipccode 13] void SetMutePolicy([in] unsigned int policyType, [in] unsigned int callerType, [in] boolean isMute, [in] unsigned int tokenID); + [ipccode 14] void SetHapWithFGReminder([in] unsigned int tokenId, [in] boolean isAllowed); + [ipccode 15] void SetPermissionUsedRecordToggleStatus([in] int userID, [in] boolean status); + [ipccode 16] void GetPermissionUsedRecordToggleStatus([in] int userID, [out] boolean status); + [ipccode 101, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE, oneway] void RegisterSecCompEnhance([in] SecCompEnhanceDataParcel enhanceParcel); + [ipccode 102, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void UpdateSecCompEnhance([in] int pid, [in] unsigned int seqNum); + [ipccode 103, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void GetSecCompEnhance([in] int pid, [out] SecCompEnhanceDataParcel enhanceParcel); + [ipccode 104, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void GetSpecialSecCompEnhance([in] String bundleName, [out] List enhanceParcelList); +} diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h index 08a785cf7..ed4a70e44 100644 --- a/services/privacymanager/include/service/privacy_manager_service.h +++ b/services/privacymanager/include/service/privacy_manager_service.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2023 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -40,21 +40,22 @@ public: void OnStart() override; void OnStop() override; - int32_t AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel, bool asyncMode = false) override; + int32_t AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel) override; + int32_t AddPermissionUsedRecordAsync(const AddPermParamInfoParcel& infoParcel) override; int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) override; int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) override; int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel, const sptr& anonyStub) override; - int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel, + int32_t StartUsingPermissionCallback(const PermissionUsedTypeInfoParcel &infoParcel, const sptr& callback, const sptr& anonyStub) override; int32_t StopUsingPermission(AccessTokenID tokenId, int32_t pid, const std::string& permissionName) override; int32_t RemovePermissionUsedRecords(AccessTokenID tokenId) override; int32_t GetPermissionUsedRecords( - const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; - int32_t GetPermissionUsedRecords( + const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& resultParcel) override; + int32_t GetPermissionUsedRecordsAsync( const PermissionUsedRequestParcel& request, const sptr& callback) override; int32_t RegisterPermActiveStatusCallback( - std::vector& permList, const sptr& callback) override; + const std::vector& permList, const sptr& callback) override; int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) override; #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE int32_t RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel) override; @@ -63,7 +64,8 @@ public: int32_t GetSpecialSecCompEnhance(const std::string& bundleName, std::vector& enhanceParcelList) override; #endif - bool IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName, int32_t pid) override; + int32_t IsAllowedUsingPermission( + AccessTokenID tokenId, const std::string& permissionName, int32_t pid, bool& isAllowed) override; int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, std::vector& resultsParcel) override; int32_t Dump(int32_t fd, const std::vector& args) override; @@ -77,6 +79,17 @@ private: void ProcessProxyDeathStub(const sptr& anonyStub, int32_t callerPid); void ReleaseDeathStub(int32_t callerPid); +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE + bool IsSecCompServiceCalling(); +#endif + bool IsPrivilegedCalling() const; + bool IsAccessTokenCalling() const; + bool IsSystemAppCalling() const; + bool VerifyPermission(const std::string& permission) const; + static const int32_t ACCESSTOKEN_UID = 3020; + AccessTokenID secCompTokenId_ = 0; + static const int32_t ROOT_UID = 0; + ServiceRunningState state_; #ifdef EVENTHANDLER_ENABLE diff --git a/services/privacymanager/include/service/privacy_manager_stub.h b/services/privacymanager/include/service/privacy_manager_stub.h deleted file mode 100644 index a79b423c7..000000000 --- a/services/privacymanager/include/service/privacy_manager_stub.h +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright (c) 2022-2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PRIVACY_MANAGER_STUB_H -#define PRIVACY_MANAGER_STUB_H - -#include - -#include "i_privacy_manager.h" -#include "iremote_stub.h" -#include "nocopyable.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class PrivacyManagerStub : public IRemoteStub { -public: - PrivacyManagerStub(); - virtual ~PrivacyManagerStub() = default; - - int32_t OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) override; - -private: - void AddPermissionUsedRecordInner(MessageParcel& data, MessageParcel& reply); - void SetPermissionUsedRecordToggleStatusInner(MessageParcel& data, MessageParcel& reply); - void GetPermissionUsedRecordToggleStatusInner(MessageParcel& data, MessageParcel& reply); - void StartUsingPermissionInner(MessageParcel& data, MessageParcel& reply); - void StartUsingPermissionCallbackInner(MessageParcel& data, MessageParcel& reply); - void StopUsingPermissionInner(MessageParcel& data, MessageParcel& reply); - void RemovePermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply); - void GetPermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply); - void GetPermissionUsedRecordsAsyncInner(MessageParcel& data, MessageParcel& reply); - void RegisterPermActiveStatusCallbackInner(MessageParcel& data, MessageParcel& reply); - void UnRegisterPermActiveStatusCallbackInner(MessageParcel& data, MessageParcel& reply); - void IsAllowedUsingPermissionInner(MessageParcel& data, MessageParcel& reply); -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE - void RegisterSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply); - void UpdateSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply); - void GetSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply); - void GetSpecialSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply); - bool IsSecCompServiceCalling(); -#endif - void GetPermissionUsedTypeInfosInner(MessageParcel& data, MessageParcel& reply); - void SetMutePolicyInner(MessageParcel& data, MessageParcel& reply); - void SetHapWithFGReminderInner(MessageParcel& data, MessageParcel& reply); - bool IsPrivilegedCalling() const; - bool IsAccessTokenCalling() const; - bool IsSystemAppCalling() const; - bool VerifyPermission(const std::string& permission) const; - static const int32_t ACCESSTOKEN_UID = 3020; -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE - AccessTokenID secCompTokenId_ = 0; -#endif - void SetPrivacyFuncInMap(); -#ifndef ATM_BUILD_VARIANT_USER_ENABLE - static const int32_t ROOT_UID = 0; -#endif - - using RequestType = void (PrivacyManagerStub::*)(MessageParcel &data, MessageParcel &reply); - std::map requestMap_; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // PRIVACY_MANAGER_STUB_H diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index c4ab4f485..9dfd852a0 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -649,6 +649,9 @@ int32_t PermissionRecordManager::GetPermissionUsedRecords( int32_t PermissionRecordManager::GetPermissionUsedRecordsAsync( const PermissionUsedRequest& request, const sptr& callback) { + if (callback == nullptr) { + return PrivacyError::ERR_PARAM_INVALID; + } auto task = [request, callback]() { LOGI(PRI_DOMAIN, PRI_TAG, "GetPermissionUsedRecordsAsync task called"); PermissionUsedResult result; diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index 1eb81c9e7..b953cb250 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2024 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -19,6 +19,7 @@ #include #include "access_token.h" +#include "accesstoken_kit.h" #include "accesstoken_common_log.h" #include "active_status_callback_manager.h" #include "ipc_skeleton.h" @@ -29,16 +30,27 @@ #include "constant.h" #include "ipc_skeleton.h" #include "permission_record_manager.h" +#include "privacy_error.h" #include "privacy_manager_proxy_death_param.h" #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE #include "privacy_sec_comp_enhance_agent.h" #endif #include "system_ability_definition.h" #include "string_ex.h" +#include "tokenid_kit.h" namespace OHOS { namespace Security { namespace AccessToken { +namespace { +constexpr const char* PERMISSION_USED_STATS = "ohos.permission.PERMISSION_USED_STATS"; +constexpr const char* PERMISSION_RECORD_TOGGLE = "ohos.permission.PERMISSION_RECORD_TOGGLE"; +constexpr const char* SET_FOREGROUND_HAP_REMINDER = "ohos.permission.SET_FOREGROUND_HAP_REMINDER"; +constexpr const char* SET_MUTE_POLICY = "ohos.permission.SET_MUTE_POLICY"; +static const int32_t SA_ID_PRIVACY_MANAGER_SERVICE = 3505; +static const uint32_t MAX_PERMISSION_USED_TYPE_SIZE = 2000; +static const uint32_t PERM_LIST_SIZE_MAX = 1024; +} const bool REGISTER_RESULT = SystemAbility::MakeAndRegisterAbility(DelayedSingleton::GetInstance().get()); @@ -87,9 +99,16 @@ void PrivacyManagerService::OnStop() state_ = ServiceRunningState::STATE_NOT_START; } -int32_t PrivacyManagerService::AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel, - bool asyncMode) +int32_t PrivacyManagerService::AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + LOGD(PRI_DOMAIN, PRI_TAG, "id: %{public}d, perm: %{public}s, succCnt: %{public}d," " failCnt: %{public}d, type: %{public}d", infoParcel.info.tokenId, infoParcel.info.permissionName.c_str(), infoParcel.info.successCount, infoParcel.info.failCount, infoParcel.info.type); @@ -97,14 +116,43 @@ int32_t PrivacyManagerService::AddPermissionUsedRecord(const AddPermParamInfoPar return PermissionRecordManager::GetInstance().AddPermissionUsedRecord(info); } +int32_t PrivacyManagerService::AddPermissionUsedRecordAsync(const AddPermParamInfoParcel& infoParcel) +{ + return AddPermissionUsedRecord(infoParcel); +} + int32_t PrivacyManagerService::SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!IsPrivilegedCalling() && !VerifyPermission(PERMISSION_RECORD_TOGGLE)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + if (userID != 0 && !IsPrivilegedCalling()) { + LOGE(PRI_DOMAIN, PRI_TAG, "User version only get calling userID."); + return PrivacyError::ERR_PERMISSION_DENIED; + } + LOGI(PRI_DOMAIN, PRI_TAG, "userID: %{public}d, status: %{public}d", userID, status ? 1 : 0); return PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(userID, status); } int32_t PrivacyManagerService::GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!IsPrivilegedCalling() && !VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + if (userID != 0 && !IsPrivilegedCalling()) { + LOGE(PRI_DOMAIN, PRI_TAG, "User version only get calling userID."); + return PrivacyError::ERR_PERMISSION_DENIED; + } + LOGD(PRI_DOMAIN, PRI_TAG, "userID: %{public}d, status: %{public}d", userID, status ? 1 : 0); return PermissionRecordManager::GetInstance().GetPermissionUsedRecordToggleStatus(userID, status); } @@ -155,15 +203,31 @@ void PrivacyManagerService::ReleaseDeathStub(int32_t callerPid) int32_t PrivacyManagerService::StartUsingPermission( const PermissionUsedTypeInfoParcel &infoParcel, const sptr& anonyStub) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + int32_t callerPid = IPCSkeleton::GetCallingPid(); LOGI(PRI_DOMAIN, PRI_TAG, "Caller pid = %{public}d.", callerPid); ProcessProxyDeathStub(anonyStub, callerPid); return PermissionRecordManager::GetInstance().StartUsingPermission(infoParcel.info, callerPid); } -int32_t PrivacyManagerService::StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel, +int32_t PrivacyManagerService::StartUsingPermissionCallback(const PermissionUsedTypeInfoParcel &infoParcel, const sptr& callback, const sptr& anonyStub) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + int32_t callerPid = IPCSkeleton::GetCallingPid(); LOGI(PRI_DOMAIN, PRI_TAG, "Caller pid = %{public}d.", callerPid); ProcessProxyDeathStub(anonyStub, callerPid); @@ -173,6 +237,14 @@ int32_t PrivacyManagerService::StartUsingPermission(const PermissionUsedTypeInfo int32_t PrivacyManagerService::StopUsingPermission( AccessTokenID tokenId, int32_t pid, const std::string& permissionName) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + LOGI(PRI_DOMAIN, PRI_TAG, "id: %{public}u, pid: %{public}d, perm: %{public}s", tokenId, pid, permissionName.c_str()); int32_t callerPid = IPCSkeleton::GetCallingPid(); @@ -189,14 +261,30 @@ int32_t PrivacyManagerService::StopUsingPermission( int32_t PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenId) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!IsAccessTokenCalling() && !VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + LOGI(PRI_DOMAIN, PRI_TAG, "id: %{public}u", tokenId); PermissionRecordManager::GetInstance().RemovePermissionUsedRecords(tokenId); return Constant::SUCCESS; } int32_t PrivacyManagerService::GetPermissionUsedRecords( - const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) + const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& resultParcel) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + std::string permissionList; for (const auto& perm : request.request.permissionList) { permissionList.append(perm); @@ -208,20 +296,41 @@ int32_t PrivacyManagerService::GetPermissionUsedRecords( PermissionUsedResult permissionRecord; int32_t ret = PermissionRecordManager::GetInstance().GetPermissionUsedRecords(request.request, permissionRecord); - result.result = permissionRecord; + resultParcel.result = permissionRecord; return ret; } -int32_t PrivacyManagerService::GetPermissionUsedRecords( +int32_t PrivacyManagerService::GetPermissionUsedRecordsAsync( const PermissionUsedRequestParcel& request, const sptr& callback) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + LOGD(PRI_DOMAIN, PRI_TAG, "id: %{public}d", request.request.tokenId); return PermissionRecordManager::GetInstance().GetPermissionUsedRecordsAsync(request.request, callback); } int32_t PrivacyManagerService::RegisterPermActiveStatusCallback( - std::vector& permList, const sptr& callback) + const std::vector& permList, const sptr& callback) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + + if (permList.size() > PERM_LIST_SIZE_MAX) { + LOGE(PRI_DOMAIN, PRI_TAG, "permList oversize"); + return PrivacyError::ERR_OVERSIZE; + } + return PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback( IPCSkeleton::GetCallingTokenID(), permList, callback); } @@ -235,11 +344,19 @@ int32_t PrivacyManagerService::RegisterSecCompEnhance(const SecCompEnhanceDataPa int32_t PrivacyManagerService::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) { + if (!IsSecCompServiceCalling()) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + return PrivacySecCompEnhanceAgent::GetInstance().UpdateSecCompEnhance(pid, seqNum); } int32_t PrivacyManagerService::GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) { + if (!IsSecCompServiceCalling()) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + SecCompEnhanceData enhanceData; int32_t res = PrivacySecCompEnhanceAgent::GetInstance().GetSecCompEnhance(pid, enhanceData); if (res != RET_SUCCESS) { @@ -254,6 +371,10 @@ int32_t PrivacyManagerService::GetSecCompEnhance(int32_t pid, SecCompEnhanceData int32_t PrivacyManagerService::GetSpecialSecCompEnhance(const std::string& bundleName, std::vector& enhanceParcelList) { + if (!IsSecCompServiceCalling()) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + std::vector enhanceList; PrivacySecCompEnhanceAgent::GetInstance().GetSpecialSecCompEnhance(bundleName, enhanceList); for (const auto& enhance : enhanceList) { @@ -334,20 +455,42 @@ int32_t PrivacyManagerService::Dump(int32_t fd, const std::vector& callback) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + return PermissionRecordManager::GetInstance().UnRegisterPermActiveStatusCallback(callback); } -bool PrivacyManagerService::IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName, - int32_t pid) +int32_t PrivacyManagerService::IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName, + int32_t pid, bool& isAllowed) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + LOGE(PRI_DOMAIN, PRI_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + LOGI(PRI_DOMAIN, PRI_TAG, "Id: %{public}d, perm: %{public}s, pid: %{public}d.", tokenId, permissionName.c_str(), pid); - return PermissionRecordManager::GetInstance().IsAllowedUsingPermission(tokenId, permissionName, pid); + isAllowed = PermissionRecordManager::GetInstance().IsAllowedUsingPermission(tokenId, permissionName, pid); + return ERR_OK; } int32_t PrivacyManagerService::SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, AccessTokenID tokenID) { + if (!VerifyPermission(SET_MUTE_POLICY)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + LOGI(PRI_DOMAIN, PRI_TAG, "PolicyType %{public}d, callerType %{public}d, isMute %{public}d, tokenId %{public}u", policyType, callerType, isMute, tokenID); return PermissionRecordManager::GetInstance().SetMutePolicy( @@ -356,6 +499,10 @@ int32_t PrivacyManagerService::SetMutePolicy(uint32_t policyType, uint32_t calle int32_t PrivacyManagerService::SetHapWithFGReminder(uint32_t tokenId, bool isAllowed) { + if (!VerifyPermission(SET_FOREGROUND_HAP_REMINDER)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + LOGI(PRI_DOMAIN, PRI_TAG, "id: %{public}d, isAllowed: %{public}d", tokenId, isAllowed); return PermissionRecordManager::GetInstance().SetHapWithFGReminder(tokenId, isAllowed); } @@ -363,14 +510,25 @@ int32_t PrivacyManagerService::SetHapWithFGReminder(uint32_t tokenId, bool isAll int32_t PrivacyManagerService::GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, std::vector& resultsParcel) { - LOGD(PRI_DOMAIN, PRI_TAG, "id: %{public}d, perm: %{public}s", tokenId, permissionName.c_str()); + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return PrivacyError::ERR_NOT_SYSTEM_APP; + } + if (!VerifyPermission(PERMISSION_USED_STATS)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + LOGD(PRI_DOMAIN, PRI_TAG, "id: %{public}d, perm: %{public}s", tokenId, permissionName.c_str()); std::vector results; int32_t res = PermissionRecordManager::GetInstance().GetPermissionUsedTypeInfos(tokenId, permissionName, results); if (res != RET_SUCCESS) { return res; } + if (results.size() > MAX_PERMISSION_USED_TYPE_SIZE) { + return PrivacyError::ERR_OVERSIZE; + } + for (const auto& result : results) { PermissionUsedTypeInfoParcel parcel; parcel.info = result; @@ -411,6 +569,50 @@ bool PrivacyManagerService::Initialize() #endif return true; } + +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE +bool PrivacyManagerService::IsSecCompServiceCalling() +{ + uint32_t tokenCaller = IPCSkeleton::GetCallingTokenID(); + if (secCompTokenId_ == 0) { + secCompTokenId_ = AccessTokenKit::GetNativeTokenId("security_component_service"); + } + return tokenCaller == secCompTokenId_; +} +#endif + +bool PrivacyManagerService::IsPrivilegedCalling() const +{ + // shell process is root in debug mode. +#ifndef ATM_BUILD_VARIANT_USER_ENABLE + int32_t callingUid = IPCSkeleton::GetCallingUid(); + return callingUid == ROOT_UID; +#else + return false; +#endif +} + +bool PrivacyManagerService::IsAccessTokenCalling() const +{ + int32_t callingUid = IPCSkeleton::GetCallingUid(); + return callingUid == ACCESSTOKEN_UID; +} + +bool PrivacyManagerService::IsSystemAppCalling() const +{ + uint64_t fullTokenId = IPCSkeleton::GetCallingFullTokenID(); + return TokenIdKit::IsSystemAppByFullTokenID(fullTokenId); +} + +bool PrivacyManagerService::VerifyPermission(const std::string& permission) const +{ + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if (AccessTokenKit::VerifyAccessToken(callingTokenID, permission) == PERMISSION_DENIED) { + LOGE(PRI_DOMAIN, PRI_TAG, "Permission denied(callingTokenID=%{public}d)", callingTokenID); + return false; + } + return true; +} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/privacymanager/src/service/privacy_manager_stub.cpp b/services/privacymanager/src/service/privacy_manager_stub.cpp deleted file mode 100644 index 2f16edfa5..000000000 --- a/services/privacymanager/src/service/privacy_manager_stub.cpp +++ /dev/null @@ -1,605 +0,0 @@ -/* - * Copyright (c) 2022-2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "privacy_manager_stub.h" - -#include "accesstoken_kit.h" -#include "accesstoken_common_log.h" -#include "ipc_skeleton.h" -#include "memory_guard.h" -#include "on_permission_used_record_callback_proxy.h" -#include "privacy_error.h" -#include "privacy_manager_proxy_death_param.h" -#include "string_ex.h" -#include "tokenid_kit.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static const uint32_t PERM_LIST_SIZE_MAX = 1024; -constexpr const char* PERMISSION_USED_STATS = "ohos.permission.PERMISSION_USED_STATS"; -constexpr const char* PERMISSION_RECORD_TOGGLE = "ohos.permission.PERMISSION_RECORD_TOGGLE"; -constexpr const char* SET_FOREGROUND_HAP_REMINDER = "ohos.permission.SET_FOREGROUND_HAP_REMINDER"; -constexpr const char* SET_MUTE_POLICY = "ohos.permission.SET_MUTE_POLICY"; -} - -PrivacyManagerStub::PrivacyManagerStub() -{ - SetPrivacyFuncInMap(); -} - -void PrivacyManagerStub::SetPrivacyFuncInMap() -{ - requestMap_[static_cast(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD)] = - &PrivacyManagerStub::AddPermissionUsedRecordInner; - requestMap_[static_cast(PrivacyInterfaceCode::START_USING_PERMISSION)] = - &PrivacyManagerStub::StartUsingPermissionInner; - requestMap_[static_cast(PrivacyInterfaceCode::START_USING_PERMISSION_CALLBACK)] = - &PrivacyManagerStub::StartUsingPermissionCallbackInner; - requestMap_[static_cast(PrivacyInterfaceCode::STOP_USING_PERMISSION)] = - &PrivacyManagerStub::StopUsingPermissionInner; - requestMap_[static_cast(PrivacyInterfaceCode::DELETE_PERMISSION_USED_RECORDS)] = - &PrivacyManagerStub::RemovePermissionUsedRecordsInner; - requestMap_[static_cast(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS)] = - &PrivacyManagerStub::GetPermissionUsedRecordsInner; - requestMap_[static_cast(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS_ASYNC)] = - &PrivacyManagerStub::GetPermissionUsedRecordsAsyncInner; - requestMap_[static_cast(PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK)] = - &PrivacyManagerStub::RegisterPermActiveStatusCallbackInner; - requestMap_[static_cast(PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK)] = - &PrivacyManagerStub::UnRegisterPermActiveStatusCallbackInner; - requestMap_[static_cast(PrivacyInterfaceCode::IS_ALLOWED_USING_PERMISSION)] = - &PrivacyManagerStub::IsAllowedUsingPermissionInner; -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE - requestMap_[static_cast(PrivacyInterfaceCode::REGISTER_SEC_COMP_ENHANCE)] = - &PrivacyManagerStub::RegisterSecCompEnhanceInner; - requestMap_[static_cast(PrivacyInterfaceCode::UPDATE_SEC_COMP_ENHANCE)] = - &PrivacyManagerStub::UpdateSecCompEnhanceInner; - requestMap_[static_cast(PrivacyInterfaceCode::GET_SEC_COMP_ENHANCE)] = - &PrivacyManagerStub::GetSecCompEnhanceInner; - requestMap_[static_cast(PrivacyInterfaceCode::GET_SPECIAL_SEC_COMP_ENHANCE)] = - &PrivacyManagerStub::GetSpecialSecCompEnhanceInner; -#endif - requestMap_[static_cast(PrivacyInterfaceCode::GET_PERMISSION_USED_TYPE_INFOS)] = - &PrivacyManagerStub::GetPermissionUsedTypeInfosInner; - requestMap_[static_cast(PrivacyInterfaceCode::SET_MUTE_POLICY)] = - &PrivacyManagerStub::SetMutePolicyInner; - requestMap_[static_cast(PrivacyInterfaceCode::SET_HAP_WITH_FOREGROUND_REMINDER)] = - &PrivacyManagerStub::SetHapWithFGReminderInner; - requestMap_[static_cast(PrivacyInterfaceCode::SET_PERMISSION_USED_RECORD_TOGGLE_STATUS)] = - &PrivacyManagerStub::SetPermissionUsedRecordToggleStatusInner; - requestMap_[static_cast(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORD_TOGGLE_STATUS)] = - &PrivacyManagerStub::GetPermissionUsedRecordToggleStatusInner; -} -int32_t PrivacyManagerStub::OnRemoteRequest( - uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) -{ - MemoryGuard cacheGuard; - std::u16string descriptor = data.ReadInterfaceToken(); - if (descriptor != IPrivacyManager::GetDescriptor()) { - LOGE(PRI_DOMAIN, PRI_TAG, "Get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str()); - return ERROR_IPC_REQUEST_FAIL; - } - - auto itFunc = requestMap_.find(code); - if (itFunc != requestMap_.end()) { - auto requestFunc = itFunc->second; - if (requestFunc != nullptr) { - (this->*requestFunc)(data, reply); - return NO_ERROR; - } - } - - return IPCObjectStub::OnRemoteRequest(code, data, reply, option); -} - -void PrivacyManagerStub::AddPermissionUsedRecordInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - if (!VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - sptr infoParcel = data.ReadParcelable(); - if (infoParcel == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "ReadParcelable faild"); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - reply.WriteInt32(this->AddPermissionUsedRecord(*infoParcel)); -} - -void PrivacyManagerStub::SetPermissionUsedRecordToggleStatusInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - if (!IsPrivilegedCalling() && !VerifyPermission(PERMISSION_RECORD_TOGGLE)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - int32_t userID = 0; - if (!data.ReadInt32(userID)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read userId."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - if (userID != 0 && !IsPrivilegedCalling()) { - LOGE(PRI_DOMAIN, PRI_TAG, "User version only get calling userID."); - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - bool status = true; - if (!data.ReadBool(status)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read status."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - reply.WriteInt32(this->SetPermissionUsedRecordToggleStatus(userID, status)); -} - -void PrivacyManagerStub::GetPermissionUsedRecordToggleStatusInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - if (!IsPrivilegedCalling() && !VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - int32_t userID = 0; - if (!data.ReadInt32(userID)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read userId."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - if (userID != 0 && !IsPrivilegedCalling()) { - LOGE(PRI_DOMAIN, PRI_TAG, "User version only get calling userID."); - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - bool status = true; - reply.WriteInt32(this->GetPermissionUsedRecordToggleStatus(userID, status)); - reply.WriteBool(status); -} - -void PrivacyManagerStub::StartUsingPermissionInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - if (!VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - sptr info = data.ReadParcelable(); - if (info == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Read parcel fail."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - sptr anonyStub = data.ReadRemoteObject(); - if (anonyStub == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Read ReadRemoteObject fail."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - reply.WriteInt32(this->StartUsingPermission(*info, anonyStub)); -} - -void PrivacyManagerStub::StartUsingPermissionCallbackInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - - if (!VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - sptr info = data.ReadParcelable(); - if (info == nullptr) { - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - sptr callback = data.ReadRemoteObject(); - if (callback == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Read ReadRemoteObject fail"); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - sptr anonyStub = data.ReadRemoteObject(); - if (anonyStub == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Read ReadRemoteObject fail."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - reply.WriteInt32(this->StartUsingPermission(*info, callback, anonyStub)); -} - -void PrivacyManagerStub::StopUsingPermissionInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - if (!VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - AccessTokenID tokenId = data.ReadUint32(); - int32_t pid = data.ReadInt32(); - std::string permissionName = data.ReadString(); - reply.WriteInt32(this->StopUsingPermission(tokenId, pid, permissionName)); -} - -void PrivacyManagerStub::RemovePermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - - if (!IsAccessTokenCalling() && !VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - - AccessTokenID tokenId = data.ReadUint32(); - reply.WriteInt32(this->RemovePermissionUsedRecords(tokenId)); -} - -void PrivacyManagerStub::GetPermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - PermissionUsedResultParcel responseParcel; - if (!VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - sptr requestParcel = data.ReadParcelable(); - if (requestParcel == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "ReadParcelable faild"); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - int32_t result = this->GetPermissionUsedRecords(*requestParcel, responseParcel); - reply.WriteInt32(result); - if (result != RET_SUCCESS) { - LOGE(PRI_DOMAIN, PRI_TAG, "WriteInt32 faild"); - return; - } - reply.WriteParcelable(&responseParcel); -} - -void PrivacyManagerStub::GetPermissionUsedRecordsAsyncInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - - if (!VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - sptr requestParcel = data.ReadParcelable(); - if (requestParcel == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "ReadParcelable failed"); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - sptr callback = new OnPermissionUsedRecordCallbackProxy(data.ReadRemoteObject()); - if (callback == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Callback is null"); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - reply.WriteInt32(this->GetPermissionUsedRecords(*requestParcel, callback)); -} - -void PrivacyManagerStub::RegisterPermActiveStatusCallbackInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - if (!VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - uint32_t permListSize = data.ReadUint32(); - if (permListSize > PERM_LIST_SIZE_MAX) { - LOGE(PRI_DOMAIN, PRI_TAG, "Read permListSize fail"); - reply.WriteInt32(PrivacyError::ERR_OVERSIZE); - return; - } - std::vector permList; - for (uint32_t i = 0; i < permListSize; i++) { - std::string perm = data.ReadString(); - permList.emplace_back(perm); - } - sptr callback = data.ReadRemoteObject(); - if (callback == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Read ReadRemoteObject fail"); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - reply.WriteInt32(this->RegisterPermActiveStatusCallback(permList, callback)); -} - -void PrivacyManagerStub::UnRegisterPermActiveStatusCallbackInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - if (!VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - sptr callback = data.ReadRemoteObject(); - if (callback == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Read scopeParcel fail"); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - reply.WriteInt32(this->UnRegisterPermActiveStatusCallback(callback)); -} - -void PrivacyManagerStub::IsAllowedUsingPermissionInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - LOGE(PRI_DOMAIN, PRI_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); - reply.WriteBool(false); - return; - } - - if (!VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteBool(false); - return; - } - - AccessTokenID tokenId = data.ReadUint32(); - std::string permissionName = data.ReadString(); - int32_t pid = data.ReadInt32(); - - bool result = this->IsAllowedUsingPermission(tokenId, permissionName, pid); - if (!reply.WriteBool(result)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteBool(%{public}s)", permissionName.c_str()); - reply.WriteBool(false); - return; - } -} - -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -void PrivacyManagerStub::RegisterSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply) -{ - sptr requestParcel = data.ReadParcelable(); - if (requestParcel == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "ReadParcelable faild"); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - reply.WriteInt32(this->RegisterSecCompEnhance(*requestParcel)); -} - -void PrivacyManagerStub::UpdateSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsSecCompServiceCalling()) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - - int32_t pid = data.ReadInt32(); - uint32_t seqNum = data.ReadUint32(); - reply.WriteInt32(this->UpdateSecCompEnhance(pid, seqNum)); -} - -void PrivacyManagerStub::GetSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsSecCompServiceCalling()) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - - int32_t pid = data.ReadInt32(); - SecCompEnhanceDataParcel parcel; - int32_t result = this->GetSecCompEnhance(pid, parcel); - reply.WriteInt32(result); - if (result != RET_SUCCESS) { - return; - } - - reply.WriteParcelable(&parcel); -} - -void PrivacyManagerStub::GetSpecialSecCompEnhanceInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsSecCompServiceCalling()) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - - std::string bundleName = data.ReadString(); - std::vector parcelList; - int32_t result = this->GetSpecialSecCompEnhance(bundleName, parcelList); - reply.WriteInt32(result); - if (result != RET_SUCCESS) { - return; - } - reply.WriteUint32(parcelList.size()); - for (const auto& parcel : parcelList) { - reply.WriteParcelable(&parcel); - } -} - -bool PrivacyManagerStub::IsSecCompServiceCalling() -{ - uint32_t tokenCaller = IPCSkeleton::GetCallingTokenID(); - if (secCompTokenId_ == 0) { - secCompTokenId_ = AccessTokenKit::GetNativeTokenId("security_component_service"); - } - return tokenCaller == secCompTokenId_; -} -#endif - -void PrivacyManagerStub::GetPermissionUsedTypeInfosInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - reply.WriteInt32(PrivacyError::ERR_NOT_SYSTEM_APP); - return; - } - if (!VerifyPermission(PERMISSION_USED_STATS)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - AccessTokenID tokenId = data.ReadUint32(); - std::string permissionName = data.ReadString(); - std::vector resultsParcel; - int32_t result = this->GetPermissionUsedTypeInfos(tokenId, permissionName, resultsParcel); - if (!reply.WriteInt32(result)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteInt32(%{public}d-%{public}s)", tokenId, permissionName.c_str()); - return; - } - reply.WriteUint32(resultsParcel.size()); - for (const auto& parcel : resultsParcel) { - reply.WriteParcelable(&parcel); - } -} - -void PrivacyManagerStub::SetMutePolicyInner(MessageParcel& data, MessageParcel& reply) -{ - if (!VerifyPermission(SET_MUTE_POLICY)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - uint32_t policyType; - if (!data.ReadUint32(policyType)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read policyType."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - uint32_t callerType; - if (!data.ReadUint32(callerType)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read callerType."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - bool isMute; - if (!data.ReadBool(isMute)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read isMute."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - uint32_t tokenID; - if (!data.ReadUint32(tokenID)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read tokenID."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - - int32_t result = this->SetMutePolicy(policyType, callerType, isMute, tokenID); - if (!reply.WriteInt32(result)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteInt32."); - return; - } -} - -void PrivacyManagerStub::SetHapWithFGReminderInner(MessageParcel& data, MessageParcel& reply) -{ - if (!VerifyPermission(SET_FOREGROUND_HAP_REMINDER)) { - reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED); - return; - } - uint32_t tokenId; - if (!data.ReadUint32(tokenId)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read tokenId."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - bool isAllowed; - if (!data.ReadBool(isAllowed)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to read isAllowed."); - reply.WriteInt32(PrivacyError::ERR_READ_PARCEL_FAILED); - return; - } - - int32_t result = this->SetHapWithFGReminder(tokenId, isAllowed); - if (!reply.WriteInt32(result)) { - LOGE(PRI_DOMAIN, PRI_TAG, "Failed to WriteInt32."); - return; - } -} - -bool PrivacyManagerStub::IsPrivilegedCalling() const -{ - // shell process is root in debug mode. -#ifndef ATM_BUILD_VARIANT_USER_ENABLE - int32_t callingUid = IPCSkeleton::GetCallingUid(); - return callingUid == ROOT_UID; -#else - return false; -#endif -} - -bool PrivacyManagerStub::IsAccessTokenCalling() const -{ - int32_t callingUid = IPCSkeleton::GetCallingUid(); - return callingUid == ACCESSTOKEN_UID; -} - -bool PrivacyManagerStub::IsSystemAppCalling() const -{ - uint64_t fullTokenId = IPCSkeleton::GetCallingFullTokenID(); - return TokenIdKit::IsSystemAppByFullTokenID(fullTokenId); -} - -bool PrivacyManagerStub::VerifyPermission(const std::string& permission) const -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if (AccessTokenKit::VerifyAccessToken(callingTokenID, permission) == PERMISSION_DENIED) { - LOGE(PRI_DOMAIN, PRI_TAG, "Permission denied(callingTokenID=%{public}d)", callingTokenID); - return false; - } - return true; -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS diff --git a/services/privacymanager/test/coverage/BUILD.gn b/services/privacymanager/test/coverage/BUILD.gn index d3f3bde0d..79a2a8f51 100644 --- a/services/privacymanager/test/coverage/BUILD.gn +++ b/services/privacymanager/test/coverage/BUILD.gn @@ -70,14 +70,16 @@ if (is_standard_system && ability_base_enable == true) { "../../src/sensitive/audio_manager/audio_manager_adapter.cpp", "../../src/sensitive/camera_manager/camera_manager_adapter.cpp", "../../src/service/privacy_manager_service.cpp", - "../../src/service/privacy_manager_stub.cpp", "permission_record_manager_coverage_test.cpp", "sensitive_manager_coverage_test.cpp", ] cflags_cc = [ "-DHILOG_ENABLE" ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx", @@ -90,6 +92,7 @@ if (is_standard_system && ability_base_enable == true) { "${access_token_path}/services/common:accesstoken_service_common", "${access_token_path}/services/common/proxy_death:proxy_death_handler", "${access_token_path}/services/privacymanager:privacy_manager_service", + "${access_token_path}/services/privacymanager:privacy_manager_stub", ] external_deps = [ diff --git a/services/privacymanager/test/unittest/BUILD.gn b/services/privacymanager/test/unittest/BUILD.gn index a483f42c3..09e69fde2 100644 --- a/services/privacymanager/test/unittest/BUILD.gn +++ b/services/privacymanager/test/unittest/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2022-2024 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -71,7 +71,6 @@ if (is_standard_system && ability_base_enable == true) { "../../src/sensitive/audio_manager/audio_manager_adapter.cpp", "../../src/sensitive/camera_manager/camera_manager_adapter.cpp", "../../src/service/privacy_manager_service.cpp", - "../../src/service/privacy_manager_stub.cpp", "permission_record_db_test.cpp", "permission_record_manager_test.cpp", "permission_record_set_test.cpp", @@ -82,7 +81,10 @@ if (is_standard_system && ability_base_enable == true) { cflags_cc = [ "-DHILOG_ENABLE" ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx", @@ -96,6 +98,7 @@ if (is_standard_system && ability_base_enable == true) { "${access_token_path}/services/common/proxy_death:proxy_death_handler", "${access_token_path}/services/common/proxy_death:proxy_death_stub", "${access_token_path}/services/privacymanager:privacy_manager_service", + "${access_token_path}/services/privacymanager:privacy_manager_stub", ] external_deps = [ diff --git a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp index fa3f3f1d4..a0839f50f 100644 --- a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp +++ b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp @@ -18,6 +18,7 @@ #include "accesstoken_kit.h" #include "constant.h" +#include "iprivacy_manager.h" #include "on_permission_used_record_callback_stub.h" #define private public #include "permission_record_manager.h" @@ -44,6 +45,7 @@ static constexpr int32_t PERMISSION_USAGE_RECORDS_MAX_NUM = 10; constexpr const char* CAMERA_PERMISSION_NAME = "ohos.permission.CAMERA"; constexpr const char* MICROPHONE_PERMISSION_NAME = "ohos.permission.MICROPHONE"; constexpr const char* LOCATION_PERMISSION_NAME = "ohos.permission.LOCATION"; +static const uint32_t PERM_LIST_SIZE_MAX = 1024; static PermissionStateFull g_testState = { .permissionName = "ohos.permission.CAMERA", .isGeneral = true, @@ -206,18 +208,24 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission001, TestSize.Level1 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); - ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, MICROPHONE_PERMISSION_NAME, -1)); - ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, LOCATION_PERMISSION_NAME, -1)); - ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1)); + bool isAllowed = false; + privacyManagerService_->IsAllowedUsingPermission(tokenId, MICROPHONE_PERMISSION_NAME, -1, isAllowed); + ASSERT_EQ(false, isAllowed); + privacyManagerService_->IsAllowedUsingPermission(tokenId, LOCATION_PERMISSION_NAME, -1, isAllowed); + ASSERT_EQ(false, isAllowed); + privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1, isAllowed); + ASSERT_EQ(false, isAllowed); #ifdef CAMERA_FLOAT_WINDOW_ENABLE // not pip PermissionRecordManager::GetInstance().NotifyCameraWindowChange(false, tokenId, false); - ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1)); + privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1, isAllowed); + ASSERT_EQ(false, isAllowed); PermissionRecordManager::GetInstance().NotifyCameraWindowChange(false, tokenId, false); // pip PermissionRecordManager::GetInstance().NotifyCameraWindowChange(true, tokenId, false); - ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1)); + privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1, isAllowed); + ASSERT_EQ(false, isAllowed); #endif } @@ -231,17 +239,21 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission002, TestSize.Level1 { AccessTokenID tokenId = PrivacyTestCommon::GetNativeTokenIdFromProcess("privacy_service"); // invalid tokenId - ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(0, CAMERA_PERMISSION_NAME, -1)); + bool isAllowed = false; + privacyManagerService_->IsAllowedUsingPermission(0, CAMERA_PERMISSION_NAME, -1, isAllowed); + ASSERT_EQ(false, isAllowed); // native tokenId - ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1)); + privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1, isAllowed); + ASSERT_EQ(false, isAllowed); // invalid permission AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); - ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, "test", -1)); + privacyManagerService_->IsAllowedUsingPermission(tokenId, "test", -1, isAllowed); + ASSERT_EQ(false, isAllowed); } /* @@ -257,117 +269,9 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission003, TestSize.Level1 AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(INVALID_TOKENID, tokenId); - ASSERT_EQ(false, privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1)); -} - -class TestPrivacyManagerStub : public PrivacyManagerStub { -public: - TestPrivacyManagerStub() = default; - virtual ~TestPrivacyManagerStub() = default; - - int32_t AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel, bool asyncMode = false) - { - return RET_SUCCESS; - } - int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) - { - return RET_SUCCESS; - } - int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) - { - return RET_SUCCESS; - } - int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel& info, const sptr& anonyStub) - { - return RET_SUCCESS; - } - int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel& info, - const sptr& callback, const sptr& anonyStub) - { - return RET_SUCCESS; - } - int32_t StopUsingPermission(AccessTokenID tokenID, int32_t pid, const std::string& permissionName) - { - return RET_SUCCESS; - } - int32_t RemovePermissionUsedRecords(AccessTokenID tokenID) - { - return RET_SUCCESS; - } - int32_t GetPermissionUsedRecords( - const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) - { - return RET_SUCCESS; - } - int32_t GetPermissionUsedRecords( - const PermissionUsedRequestParcel& request, const sptr& callback) - { - return RET_SUCCESS; - } - int32_t RegisterPermActiveStatusCallback( - std::vector& permList, const sptr& callback) - { - return RET_SUCCESS; - } - int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) - { - return RET_SUCCESS; - } - bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid) - { - return true; - } - int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, - std::vector& resultsParcel) - { - return RET_SUCCESS; - } - int32_t SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, uint32_t tokenID) - { - return RET_SUCCESS; - } - int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed) - { - return RET_SUCCESS; - } -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE - int32_t RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel) - { - return RET_SUCCESS; - } - int32_t DepositSecCompEnhance(const std::vector& enhanceParcelList) - { - return RET_SUCCESS; - } - int32_t RecoverSecCompEnhance(std::vector& enhanceParcelList) - { - return RET_SUCCESS; - } -#endif -}; - -/** - * @tc.name: OnRemoteRequest001 - * @tc.desc: OnRemoteRequest test. - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(PrivacyManagerServiceTest, OnRemoteRequest001, TestSize.Level1) -{ - TestPrivacyManagerStub testSub; - MessageParcel data; - std::string descriptor = "I don't know"; - data.WriteInterfaceToken(OHOS::Str8ToStr16(descriptor)); - - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - // descriptor error - ASSERT_EQ(PrivacyError::ERROR_IPC_REQUEST_FAIL, testSub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD), data, reply, option)); - - uint32_t code = 99999999; // code not exsit - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_NE(RET_SUCCESS, testSub.OnRemoteRequest(code, data, reply, option)); // descriptor true + error msgCode + bool isAllowed = false; + privacyManagerService_->IsAllowedUsingPermission(tokenId, CAMERA_PERMISSION_NAME, -1, isAllowed); + ASSERT_EQ(false, isAllowed); } /** @@ -378,27 +282,22 @@ HWTEST_F(PrivacyManagerServiceTest, OnRemoteRequest001, TestSize.Level1) */ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner001, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - std::string permissionName = "ohos.permission.test"; + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission int32_t successCount = 1; // number 1 int32_t failCount = 1; // number 1 - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); AddPermParamInfoParcel infoParcel; infoParcel.info.tokenId = tokenID; infoParcel.info.permissionName = permissionName; infoParcel.info.successCount = successCount; infoParcel.info.failCount = failCount; - ASSERT_EQ(true, data.WriteParcelable(&infoParcel)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD), data, reply, option)); + // callingTokenID is native token hdcd with need permission, but input tokenID is not a real hap - ASSERT_EQ(RET_SUCCESS, reply.ReadInt32()); + int32_t ret = privacyManagerService_->AddPermissionUsedRecord(infoParcel); + + EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret); + EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret); } /** @@ -409,30 +308,24 @@ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner001, TestSize.Le */ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner002, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - std::string permissionName = "ohos.permission.test"; + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission int32_t successCount = 1; // number 1 int32_t failCount = 1; // number 1 - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - std::vector reqPerm; MockHapToken mock("AddPermissionUsedRecordInner002", reqPerm, false); // set self tokenID to normal app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); AddPermParamInfoParcel infoParcel; infoParcel.info.tokenId = tokenID; infoParcel.info.permissionName = permissionName; infoParcel.info.successCount = successCount; infoParcel.info.failCount = failCount; - ASSERT_EQ(true, data.WriteParcelable(&infoParcel)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD), data, reply, option)); + // callingTokenID is normal hap without need permission - ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32()); + int32_t ret = privacyManagerService_->AddPermissionUsedRecord(infoParcel); + + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret); } /** @@ -443,30 +336,106 @@ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner002, TestSize.Le */ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner003, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - std::string permissionName = "ohos.permission.test"; + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission int32_t successCount = 1; // number 1 int32_t failCount = 1; // number 1 - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - std::vector reqPerm; MockHapToken mock("AddPermissionUsedRecordInner003", reqPerm, true); // set self tokenID to system app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); AddPermParamInfoParcel infoParcel; infoParcel.info.tokenId = tokenID; infoParcel.info.permissionName = permissionName; infoParcel.info.successCount = successCount; infoParcel.info.failCount = failCount; - ASSERT_EQ(true, data.WriteParcelable(&infoParcel)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD), data, reply, option)); - // callingTokenID is system hap without need permission - ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32()); + + // callingTokenID is normal hap without need permission + int32_t ret = privacyManagerService_->AddPermissionUsedRecord(infoParcel); + + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret); +} + +/** + * @tc.name: AddPermissionUsedRecordAsyncInner001 + * @tc.desc: AddPermissionUsedRecordAsyncInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner001, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + int32_t successCount = 1; // number 1 + int32_t failCount = 1; // number 1 + + AddPermParamInfoParcel infoParcel; + infoParcel.info.tokenId = tokenID; + infoParcel.info.permissionName = permissionName; + infoParcel.info.successCount = successCount; + infoParcel.info.failCount = failCount; + + // callingTokenID is native token hdcd with need permission, but input tokenID is not a real hap + int32_t ret = privacyManagerService_->AddPermissionUsedRecordAsync(infoParcel); + + EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret); + EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret); +} + +/** + * @tc.name: AddPermissionUsedRecordAsyncInner002 + * @tc.desc: AddPermissionUsedRecordAsyncInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner002, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + int32_t successCount = 1; // number 1 + int32_t failCount = 1; // number 1 + + std::vector reqPerm; + MockHapToken mock("AddPermissionUsedRecordAsyncInner002", reqPerm, false); // set self tokenID to normal app + + AddPermParamInfoParcel infoParcel; + infoParcel.info.tokenId = tokenID; + infoParcel.info.permissionName = permissionName; + infoParcel.info.successCount = successCount; + infoParcel.info.failCount = failCount; + + // callingTokenID is normal hap without need permission + int32_t ret = privacyManagerService_->AddPermissionUsedRecordAsync(infoParcel); + + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret); +} + +/** + * @tc.name: AddPermissionUsedRecordAsyncInner003 + * @tc.desc: AddPermissionUsedRecordAsyncInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner003, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + int32_t successCount = 1; // number 1 + int32_t failCount = 1; // number 1 + + std::vector reqPerm; + MockHapToken mock("AddPermissionUsedRecordAsyncInner003", reqPerm, true); // set self tokenID to system app + + AddPermParamInfoParcel infoParcel; + infoParcel.info.tokenId = tokenID; + infoParcel.info.permissionName = permissionName; + infoParcel.info.successCount = successCount; + infoParcel.info.failCount = failCount; + + // callingTokenID is normal hap without need permission + int32_t ret = privacyManagerService_->AddPermissionUsedRecordAsync(infoParcel); + + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret); } /** @@ -480,17 +449,8 @@ HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner001, int32_t userID = 1; bool status = true; - TestPrivacyManagerStub testStub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteInt32(userID)); - ASSERT_EQ(true, data.WriteBool(status)); - ASSERT_EQ(RET_SUCCESS, testStub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::SET_PERMISSION_USED_RECORD_TOGGLE_STATUS), data, reply, option)); - ASSERT_EQ(RET_SUCCESS, reply.ReadInt32()); + int32_t ret = privacyManagerService_->SetPermissionUsedRecordToggleStatus(userID, status); + ASSERT_EQ(RET_SUCCESS, ret); } /** @@ -504,20 +464,11 @@ HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner002, int32_t userID = 1; bool status = true; - TestPrivacyManagerStub testStub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - std::vector reqPerm; MockHapToken mock("SetPermissionUsedRecordToggleStatusInner002", reqPerm, false); // set self tokenID to normal app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteInt32(userID)); - ASSERT_EQ(true, data.WriteBool(status)); - ASSERT_EQ(RET_SUCCESS, testStub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::SET_PERMISSION_USED_RECORD_TOGGLE_STATUS), data, reply, option)); - ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32()); + int32_t ret = privacyManagerService_->SetPermissionUsedRecordToggleStatus(userID, status); + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret); } /** @@ -531,17 +482,8 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner001, int32_t userID = 1; bool status = true; - TestPrivacyManagerStub testStub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteInt32(userID)); - ASSERT_EQ(true, data.WriteBool(status)); - ASSERT_EQ(RET_SUCCESS, testStub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORD_TOGGLE_STATUS), data, reply, option)); - ASSERT_EQ(RET_SUCCESS, reply.ReadInt32()); + int32_t ret = privacyManagerService_->GetPermissionUsedRecordToggleStatus(userID, status); + ASSERT_EQ(RET_SUCCESS, ret); } /** @@ -555,20 +497,11 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner002, int32_t userID = 1; bool status = true; - TestPrivacyManagerStub testStub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - std::vector reqPerm; MockHapToken mock("GetPermissionUsedRecordToggleStatusInner002", reqPerm, false); // set self tokenID to normal app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteInt32(userID)); - ASSERT_EQ(true, data.WriteBool(status)); - ASSERT_EQ(RET_SUCCESS, testStub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORD_TOGGLE_STATUS), data, reply, option)); - ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32()); + int32_t ret = privacyManagerService_->GetPermissionUsedRecordToggleStatus(userID, status); + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret); } /** @@ -579,27 +512,19 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner002, */ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner001, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - std::string permissionName = "ohos.permission.test"; + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission int32_t pid = 456; // 456 is random input - auto anonystub = new (std::nothrow) ProxyDeathCallBackStub(); - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); PermissionUsedTypeInfoParcel parcel; parcel.info.tokenId = tokenID; parcel.info.pid = pid; parcel.info.permissionName = permissionName; - ASSERT_EQ(true, data.WriteParcelable(&parcel)); - ASSERT_EQ(true, data.WriteRemoteObject(anonystub->AsObject())); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::START_USING_PERMISSION), data, reply, option)); - // callingTokenID is native token hdcd with need permission, but input tokenID is not a real hap - ASSERT_EQ(RET_SUCCESS, reply.ReadInt32()); + + // callingTokenID is native token hdcd with need permission, but input tokenID & perm are invalid + int32_t ret = privacyManagerService_->StartUsingPermission(parcel, nullptr); + EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret); + EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret); } /** @@ -610,27 +535,18 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner001, TestSize.Level */ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner002, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - std::string permissionName = "ohos.permission.test"; - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission std::vector reqPerm; MockHapToken mock("StartUsingPermissionInner002", reqPerm, false); // set self tokenID to normal app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); PermissionUsedTypeInfoParcel parcel; parcel.info.tokenId = tokenID; parcel.info.pid = -1; parcel.info.permissionName = permissionName; - ASSERT_EQ(true, data.WriteParcelable(&parcel)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::START_USING_PERMISSION), data, reply, option)); // callingTokenID is normal hap without need permission - ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32()); + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, privacyManagerService_->StartUsingPermission(parcel, nullptr)); } /** @@ -641,41 +557,20 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner002, TestSize.Level */ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner003, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - std::string permissionName = "ohos.permission.test"; - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission std::vector reqPerm; MockHapToken mock("StartUsingPermissionInner003", reqPerm, true); // set self tokenID to system app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); PermissionUsedTypeInfoParcel parcel; parcel.info.tokenId = tokenID; parcel.info.pid = -1; parcel.info.permissionName = permissionName; - ASSERT_EQ(true, data.WriteParcelable(&parcel)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::START_USING_PERMISSION), data, reply, option)); // callingTokenID is system hap without need permission - ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32()); + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, privacyManagerService_->StartUsingPermission(parcel, nullptr)); } -class PrivacyManagerServiceTestCb1 : public StateCustomizedCbk { -public: - PrivacyManagerServiceTestCb1() - {} - - ~PrivacyManagerServiceTestCb1() - {} - - virtual void StateChangeNotify(AccessTokenID tokenId, bool isShow) - {} -}; - /** * @tc.name: StartUsingPermissionCallbackInner001 * @tc.desc: StartUsingPermissionCallbackInner test. @@ -684,33 +579,20 @@ public: */ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner001, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission int32_t pid = 111; - std::string permissionName = "ohos.permission.test"; - auto callbackPtr = std::make_shared(); - ASSERT_NE(nullptr, callbackPtr); - auto callbackWrap = new (std::nothrow) StateChangeCallback(callbackPtr); - ASSERT_NE(nullptr, callbackWrap); - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); std::vector reqPerm; MockHapToken mock("StartUsingPermissionCallbackInner001", reqPerm, true); // set self tokenID to system app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); PermissionUsedTypeInfoParcel parcel; parcel.info.tokenId = tokenID; parcel.info.pid = pid; parcel.info.permissionName = permissionName; - ASSERT_EQ(true, data.WriteParcelable(&parcel)); - ASSERT_EQ(true, data.WriteRemoteObject(callbackWrap->AsObject())); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::START_USING_PERMISSION_CALLBACK), data, reply, option)); // callingTokenID has no request permission - ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32()); + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, + privacyManagerService_->StartUsingPermissionCallback(parcel, nullptr, nullptr)); } /** @@ -721,32 +603,43 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner001, TestSi */ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner002, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission int32_t pid = 11; - std::string permissionName = "ohos.permission.test"; - auto callbackPtr = std::make_shared(); - ASSERT_NE(nullptr, callbackPtr); - auto callbackWrap = new (std::nothrow) StateChangeCallback(callbackPtr); - ASSERT_NE(nullptr, callbackWrap); - auto anonystub = new (std::nothrow) ProxyDeathCallBackStub(); - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); + PermissionUsedTypeInfoParcel parcel; parcel.info.tokenId = tokenID; parcel.info.pid = pid; parcel.info.permissionName = permissionName; - ASSERT_EQ(true, data.WriteParcelable(&parcel)); - ASSERT_EQ(true, data.WriteRemoteObject(callbackWrap->AsObject())); - ASSERT_EQ(true, data.WriteRemoteObject(anonystub->AsObject())); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::START_USING_PERMISSION_CALLBACK), data, reply, option)); + // callingTokenID is native token hdcd with request permission - ASSERT_EQ(RET_SUCCESS, reply.ReadInt32()); + int32_t ret = privacyManagerService_->StartUsingPermissionCallback(parcel, nullptr, nullptr); + EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret); + EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret); +} + +/** + * @tc.name: StartUsingPermissionCallbackInner003 + * @tc.desc: StartUsingPermissionCallbackInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner003, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + int32_t pid = 11; + + std::vector reqPerm; + MockHapToken mock("StartUsingPermissionCallbackInner003", reqPerm, false); // set self tokenID to normal app + + PermissionUsedTypeInfoParcel parcel; + parcel.info.tokenId = tokenID; + parcel.info.pid = pid; + parcel.info.permissionName = permissionName; + + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, + privacyManagerService_->StartUsingPermissionCallback(parcel, nullptr, nullptr)); } /** @@ -757,23 +650,14 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner002, TestSi */ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner001, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission int32_t pid = 11; - std::string permissionName = "ohos.permission.test"; - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteUint32(tokenID)); - ASSERT_EQ(true, data.WriteInt32(pid)); - ASSERT_EQ(true, data.WriteString(permissionName)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::STOP_USING_PERMISSION), data, reply, option)); + // callingTokenID is native token hdcd with need permission, but input tokenID is not a real hap - ASSERT_EQ(RET_SUCCESS, reply.ReadInt32()); + int32_t ret = privacyManagerService_->StopUsingPermission(tokenID, pid, permissionName); + EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret); + EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret); } /** @@ -784,24 +668,16 @@ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner001, TestSize.Level1 */ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner002, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - std::string permissionName = "ohos.permission.test"; - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + int32_t pid = 11; std::vector reqPerm; MockHapToken mock("StopUsingPermissionInner002", reqPerm, false); // set self tokenID to normal app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteUint32(tokenID)); - ASSERT_EQ(true, data.WriteString(permissionName)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::STOP_USING_PERMISSION), data, reply, option)); // callingTokenID is normal hap without need permission - ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32()); + int32_t ret = privacyManagerService_->StopUsingPermission(tokenID, pid, permissionName); + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret); } /** @@ -812,24 +688,16 @@ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner002, TestSize.Level1 */ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner003, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - std::string permissionName = "ohos.permission.test"; - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + int32_t pid = 11; std::vector reqPerm; MockHapToken mock("StopUsingPermissionInner003", reqPerm, true); // set self tokenID to system app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteUint32(tokenID)); - ASSERT_EQ(true, data.WriteString(permissionName)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest( - static_cast(PrivacyInterfaceCode::STOP_USING_PERMISSION), data, reply, option)); // callingTokenID is system hap without need permission - ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32()); + int32_t ret = privacyManagerService_->StopUsingPermission(tokenID, pid, permissionName); + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret); } /** @@ -840,19 +708,10 @@ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner003, TestSize.Level1 */ HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner001, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); + AccessTokenID tokenID = 123; // 123 is invalid tokenID - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteUint32(tokenID)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::DELETE_PERMISSION_USED_RECORDS), data, reply, option)); // callingTokenID is native token hdcd with need permission, but input tokenID is not a real hap - ASSERT_EQ(RET_SUCCESS, reply.ReadInt32()); + ASSERT_EQ(RET_SUCCESS, privacyManagerService_->RemovePermissionUsedRecords(tokenID)); } /** @@ -863,23 +722,31 @@ HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner001, TestSiz */ HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner002, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); + AccessTokenID tokenID = 123; // 123 is invalid tokenID MockNativeToken mock("device_manager"); // set self tokenID to native device_manager AccessTokenID nativeTokenID = GetSelfTokenID(); ASSERT_NE(nativeTokenID, static_cast(0)); - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteUint32(tokenID)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::DELETE_PERMISSION_USED_RECORDS), data, reply, option)); // native token device_manager don't have request permission - ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32()); + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, privacyManagerService_->RemovePermissionUsedRecords(tokenID)); +} + +/** + * @tc.name: RemovePermissionUsedRecordsInner003 + * @tc.desc: RemovePermissionUsedRecordsInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner003, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + + std::vector reqPerm; + MockHapToken mock("RemovePermissionUsedRecordsInner003", reqPerm, false); // set self tokenID to normal app + + // native token device_manager don't have request permission + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, privacyManagerService_->RemovePermissionUsedRecords(tokenID)); } /** @@ -892,18 +759,10 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner001, TestSize.L { PermissionUsedRequestParcel request; request.request.isRemote = true; + PermissionUsedResultParcel resultParcel; - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteParcelable(&request)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS), data, reply, option)); - // callingTokenID is native token hdcd with need permission, remote is true return ERR_PARAM_INVALID - ASSERT_EQ(RET_SUCCESS, reply.ReadInt32()); + // callingTokenID is native token hdcd with need permission + ASSERT_EQ(RET_SUCCESS, privacyManagerService_->GetPermissionUsedRecords(request, resultParcel)); } /** @@ -916,21 +775,14 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner002, TestSize.L { PermissionUsedRequestParcel request; request.request.isRemote = true; - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); + PermissionUsedResultParcel resultParcel; std::vector reqPerm; MockHapToken mock("GetPermissionUsedRecordsInner002", reqPerm, false); // set self tokenID to normal app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteParcelable(&request)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS), data, reply, option)); // callingTokenID is normal hap without need permission - ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32()); + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, + privacyManagerService_->GetPermissionUsedRecords(request, resultParcel)); } /** @@ -943,33 +795,70 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner003, TestSize.L { PermissionUsedRequestParcel request; request.request.isRemote = true; - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); + PermissionUsedResultParcel resultParcel; std::vector reqPerm; MockHapToken mock("GetPermissionUsedRecordsInner003", reqPerm, true); // set self tokenID to system app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteParcelable(&request)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS), data, reply, option)); // callingTokenID is system hap without need permission - ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32()); + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, + privacyManagerService_->GetPermissionUsedRecords(request, resultParcel)); } -class TestCallBack : public OnPermissionUsedRecordCallbackStub { -public: - TestCallBack() = default; - virtual ~TestCallBack() = default; +/** + * @tc.name: GetPermissionUsedRecordsAsyncInner001 + * @tc.desc: GetPermissionUsedRecordsAsyncInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner001, TestSize.Level1) +{ + PermissionUsedRequestParcel request; + request.request.isRemote = true; - void OnQueried(ErrCode code, PermissionUsedResult& result) - { - GTEST_LOG_(INFO) << "TestCallBack, code :" << code << ", bundleSize :" << result.bundleRecords.size(); - } -}; + int32_t ret = privacyManagerService_->GetPermissionUsedRecordsAsync(request, nullptr); + // callingTokenID is native token hdcd with need permission + EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret); + EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret); +} + +/** + * @tc.name: GetPermissionUsedRecordsAsyncInner002 + * @tc.desc: GetPermissionUsedRecordsAsyncInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner002, TestSize.Level1) +{ + PermissionUsedRequestParcel request; + request.request.isRemote = true; + + std::vector reqPerm; + MockHapToken mock("GetPermissionUsedRecordsAsyncInner002", reqPerm, false); // set self tokenID to normal app + + int32_t ret = privacyManagerService_->GetPermissionUsedRecordsAsync(request, nullptr); + // callingTokenID is normal hap without need permission + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret); +} + +/** + * @tc.name: GetPermissionUsedRecordsAsyncInner003 + * @tc.desc: GetPermissionUsedRecordsAsyncInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner003, TestSize.Level1) +{ + PermissionUsedRequestParcel request; + request.request.isRemote = true; + + std::vector reqPerm; + MockHapToken mock("GetPermissionUsedRecordsAsyncInner003", reqPerm, true); // set self tokenID to system app + + int32_t ret = privacyManagerService_->GetPermissionUsedRecordsAsync(request, nullptr); + // callingTokenID is system hap without need permission + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret); +} /** * @tc.name: RegisterPermActiveStatusCallbackInner001 @@ -979,19 +868,11 @@ public: */ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner001, TestSize.Level1) { - std::vector permList = {}; + std::vector permList(PERM_LIST_SIZE_MAX + 1); - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteUint32(permList.size())); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option)); - // callingTokenID is native token hdcd with need permission - ASSERT_EQ(PrivacyError::ERR_READ_PARCEL_FAILED, reply.ReadInt32()); + // permList size oversize + ASSERT_EQ(PrivacyError::ERR_OVERSIZE, + privacyManagerService_->RegisterPermActiveStatusCallback(permList, nullptr)); } /** @@ -1003,20 +884,13 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner001, Te HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner002, TestSize.Level1) { std::vector permList = {}; - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); std::vector reqPerm; MockHapToken mock("RegisterPermActiveStatusCallbackInner002", reqPerm, false); // set self tokenID to normal app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteUint32(permList.size())); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option)); // callingTokenID is normal hap without need permission - ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32()); + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, + privacyManagerService_->RegisterPermActiveStatusCallback(permList, nullptr)); } /** @@ -1027,20 +901,30 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner002, Te */ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner003, TestSize.Level1) { - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); + std::vector permList = {}; std::vector reqPerm; MockHapToken mock("RegisterPermActiveStatusCallbackInner003", reqPerm, true); // set self tokenID to system app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteUint32(0)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option)); // callingTokenID is system hap without need permission - ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32()); + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, + privacyManagerService_->RegisterPermActiveStatusCallback(permList, nullptr)); +} + +/** + * @tc.name: RegisterPermActiveStatusCallbackInner004 + * @tc.desc: RegisterPermActiveStatusCallbackInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner004, TestSize.Level1) +{ + std::vector permList; + + // systemapp with need permission + int32_t ret = privacyManagerService_->RegisterPermActiveStatusCallback(permList, nullptr); + EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret); + EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret); } /** @@ -1051,15 +935,10 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner003, Te */ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner001, TestSize.Level1) { - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option)); - // callingTokenID is native token hdcd with need permission - ASSERT_EQ(PrivacyError::ERR_READ_PARCEL_FAILED, reply.ReadInt32()); + // systemapp with need permission + int32_t ret = privacyManagerService_->UnRegisterPermActiveStatusCallback(nullptr); + EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret); + EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret); } /** @@ -1070,19 +949,12 @@ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner001, */ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner002, TestSize.Level1) { - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - std::vector reqPerm; MockHapToken mock("UnRegisterPermActiveStatusCallbackInner002", reqPerm, false); // set self tokenID to normal app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option)); // callingTokenID is normal hap without need permission - ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, reply.ReadInt32()); + ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, + privacyManagerService_->UnRegisterPermActiveStatusCallback(nullptr)); } /** @@ -1093,19 +965,12 @@ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner002, */ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner003, TestSize.Level1) { - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - std::vector reqPerm; MockHapToken mock("UnRegisterPermActiveStatusCallbackInner003", reqPerm, true); // set self tokenID to system app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK), data, reply, option)); // callingTokenID is system hap without need permission - ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, reply.ReadInt32()); + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, + privacyManagerService_->UnRegisterPermActiveStatusCallback(nullptr)); } /** @@ -1116,21 +981,15 @@ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner003, */ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner001, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - std::string permissionName = "ohos.permission.test"; - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); - - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteUint32(tokenID)); - ASSERT_EQ(true, data.WriteString(permissionName)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::IS_ALLOWED_USING_PERMISSION), data, reply, option)); - // callingTokenID is native token hdcd with need permission, remote is true return ERR_PARAM_INVALID - ASSERT_EQ(true, reply.ReadBool()); + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + int32_t pid = 11; + bool isAllowed = false; + + // callingTokenID is native token hdcd with need permission, but tokenID is invalid + int32_t result = privacyManagerService_->IsAllowedUsingPermission(tokenID, permissionName, pid, isAllowed); + ASSERT_EQ(result, RET_SUCCESS); + ASSERT_EQ(false, isAllowed); } /** @@ -1141,24 +1000,133 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner001, TestSize.L */ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner002, TestSize.Level1) { - AccessTokenID tokenID = 123; // 123 is random input - std::string permissionName = "ohos.permission.test"; - - TestPrivacyManagerStub testSub; - MessageParcel data; - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + int32_t pid = 11; + bool isAllowed = false; std::vector reqPerm; MockHapToken mock("IsAllowedUsingPermissionInner002", reqPerm, false); // set self tokenID to normal app - ASSERT_EQ(true, data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())); - ASSERT_EQ(true, data.WriteUint32(tokenID)); - ASSERT_EQ(true, data.WriteString(permissionName)); - ASSERT_EQ(RET_SUCCESS, testSub.OnRemoteRequest(static_cast( - PrivacyInterfaceCode::IS_ALLOWED_USING_PERMISSION), data, reply, option)); // callingTokenID is normal hap without need permission - ASSERT_EQ(false, reply.ReadBool()); + int32_t result = privacyManagerService_->IsAllowedUsingPermission(tokenID, permissionName, pid, isAllowed); + ASSERT_EQ(result, PrivacyError::ERR_NOT_SYSTEM_APP); +} + +/** + * @tc.name: IsAllowedUsingPermissionInner003 + * @tc.desc: IsAllowedUsingPermissionInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner003, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + int32_t pid = 11; + bool isAllowed = false; + + std::vector reqPerm; + MockHapToken mock("IsAllowedUsingPermissionInner003", reqPerm, true); // set self tokenID to system app + + // callingTokenID is normal hap without need permission + int32_t result = privacyManagerService_->IsAllowedUsingPermission(tokenID, permissionName, pid, isAllowed); + ASSERT_EQ(result, PrivacyError::ERR_PERMISSION_DENIED); +} + +/** + * @tc.name: GetPermissionUsedTypeInfosInner001 + * @tc.desc: GetPermissionUsedTypeInfosInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner001, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + std::vector resultsParcel; + + // systemapp with need permission + int32_t ret = privacyManagerService_->GetPermissionUsedTypeInfos(tokenID, permissionName, resultsParcel); + EXPECT_NE(PrivacyError::ERR_NOT_SYSTEM_APP, ret); + EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret); +} + +/** + * @tc.name: GetPermissionUsedTypeInfosInner002 + * @tc.desc: GetPermissionUsedTypeInfosInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner002, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + std::vector resultsParcel; + + std::vector reqPerm; + MockHapToken mock("GetPermissionUsedTypeInfosInner002", reqPerm, false); // set self tokenID to normal app + + int32_t ret = privacyManagerService_->GetPermissionUsedTypeInfos(tokenID, permissionName, resultsParcel); + EXPECT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret); +} + +/** + * @tc.name: GetPermissionUsedTypeInfosInner003 + * @tc.desc: GetPermissionUsedTypeInfosInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner003, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + std::string permissionName = "ohos.permission.test"; // is invalid permission + std::vector resultsParcel; + + std::vector reqPerm; + MockHapToken mock("GetPermissionUsedTypeInfosInner003", reqPerm, true); // set self tokenID to system app + + int32_t ret = privacyManagerService_->GetPermissionUsedTypeInfos(tokenID, permissionName, resultsParcel); + EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret); +} + +/** + * @tc.name: SetMutePolicyInner001 + * @tc.desc: SetMutePolicyInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner001, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + uint32_t policyType = 0; + uint32_t callerType = 0; + bool isMute = false; + + std::vector reqPerm; + MockHapToken mock("SetMutePolicyInner001", reqPerm, true); // set self tokenID to system app + + int32_t ret = privacyManagerService_->SetMutePolicy(policyType, callerType, isMute, tokenID); + EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret); +} + +/** + * @tc.name: SetHapWithFGReminderInner001 + * @tc.desc: SetHapWithFGReminderInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, SetHapWithFGReminderInner001, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + bool isAllowed = true; + + std::vector reqPerm; + MockHapToken mock("SetHapWithFGReminderInner001", reqPerm, true); // set self tokenID to system app + + // systemapp with need permission + int32_t ret = privacyManagerService_->SetHapWithFGReminder(tokenID, isAllowed); + EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret); } } // namespace AccessToken } // namespace Security diff --git a/test/fuzztest/innerkits/privacy/BUILD.gn b/test/fuzztest/innerkits/privacy/BUILD.gn index 6c9eb2ded..cce6b6df9 100644 --- a/test/fuzztest/innerkits/privacy/BUILD.gn +++ b/test/fuzztest/innerkits/privacy/BUILD.gn @@ -18,6 +18,7 @@ group("fuzztest") { if (is_standard_system && ability_base_enable == true) { deps += [ "addpermissionusedrecord_fuzzer:AddPermissionUsedRecordFuzzTest", + "addpermissionusedrecordasync_fuzzer:AddPermissionUsedRecordAsyncFuzzTest", "getpermissionusedrecords_fuzzer:GetPermissionUsedRecordsFuzzTest", "getpermissionusedrecordtogglestatus_fuzzer:GetPermissionUsedRecordToggleStatusFuzzTest", "getpermissionusedtypeinfos_fuzzer:GetPermissionUsedTypeInfosFuzzTest", diff --git a/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/BUILD.gn b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/BUILD.gn new file mode 100644 index 000000000..da27010f0 --- /dev/null +++ b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/BUILD.gn @@ -0,0 +1,42 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../access_token.gni") + +ohos_fuzztest("AddPermissionUsedRecordAsyncFuzzTest") { + module_out_path = module_output_path_interface_privacy + fuzz_config_file = "." + include_dirs = [ + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/test/fuzztest/common", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "addpermissionusedrecordasync_fuzzer.cpp" ] + + deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] + + configs = [ "${access_token_path}/config:coverage_flags" ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + "ipc:ipc_core", + ] +} diff --git a/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.cpp b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.cpp new file mode 100644 index 000000000..16d20756b --- /dev/null +++ b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.cpp @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "addpermissionusedrecordasync_fuzzer.h" + +#include +#include +#include +#include + +#include "accesstoken_fuzzdata.h" +#undef private +#include "privacy_kit.h" + +using namespace std; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { + bool AddPermissionUsedRecordAsyncFuzzTest(const uint8_t* data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + AccessTokenFuzzData fuzzData(data, size); + + AddPermParamInfo info; + info.tokenId = static_cast(fuzzData.GetData()); + info.permissionName = fuzzData.GenerateStochasticString(); + info.successCount = fuzzData.GetData(); + info.failCount = fuzzData.GetData(); + info.type = fuzzData.GenerateStochasticEnmu(PERM_USED_TYPE_BUTT); + + return PrivacyKit::AddPermissionUsedRecord(info, true) == 0; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::AddPermissionUsedRecordAsyncFuzzTest(data, size); + return 0; +} diff --git a/frameworks/privacy/include/privacy_service_ipc_interface_code.h b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.h similarity index 33% rename from frameworks/privacy/include/privacy_service_ipc_interface_code.h rename to test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.h index db02228f2..a63800093 100644 --- a/frameworks/privacy/include/privacy_service_ipc_interface_code.h +++ b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/addpermissionusedrecordasync_fuzzer.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,38 +13,9 @@ * limitations under the License. */ -#ifndef PRIVACY_SERVICE_IPC_INTERFACE_CODE_H -#define PRIVACY_SERVICE_IPC_INTERFACE_CODE_H +#ifndef TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNC_FUZZER_H +#define TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNC_FUZZER_H -namespace OHOS { -namespace Security { -namespace AccessToken { -/* SAID:3505 */ -enum class PrivacyInterfaceCode { - ADD_PERMISSION_USED_RECORD = 0x0000, - START_USING_PERMISSION, - START_USING_PERMISSION_CALLBACK, - STOP_USING_PERMISSION, - DELETE_PERMISSION_USED_RECORDS, - GET_PERMISSION_USED_RECORDS, - GET_PERMISSION_USED_RECORDS_ASYNC, - REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK, - UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK, - IS_ALLOWED_USING_PERMISSION, -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE - REGISTER_SEC_COMP_ENHANCE, - UPDATE_SEC_COMP_ENHANCE, - GET_SEC_COMP_ENHANCE, - GET_SPECIAL_SEC_COMP_ENHANCE, -#endif - GET_PERMISSION_USED_TYPE_INFOS, - SET_MUTE_POLICY, - SET_HAP_WITH_FOREGROUND_REMINDER, - SET_PERMISSION_USED_RECORD_TOGGLE_STATUS, - GET_PERMISSION_USED_RECORD_TOGGLE_STATUS -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS +#define FUZZ_PROJECT_NAME "addpermissionusedrecordasync_fuzzer" -#endif // PRIVACY_SERVICE_IPC_INTERFACE_CODE_H +#endif // TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNC_FUZZER_H diff --git a/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/corpus/init b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/corpus/init new file mode 100644 index 000000000..65af8ee8d --- /dev/null +++ b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/project.xml b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/project.xml new file mode 100644 index 000000000..66e1dcac4 --- /dev/null +++ b/test/fuzztest/innerkits/privacy/addpermissionusedrecordasync_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/services/privacy/BUILD.gn b/test/fuzztest/services/privacy/BUILD.gn index c27efe960..a978c1437 100644 --- a/test/fuzztest/services/privacy/BUILD.gn +++ b/test/fuzztest/services/privacy/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -18,6 +18,7 @@ group("fuzztest") { if (is_standard_system && ability_base_enable == true) { deps += [ + "addpermissionusedrecordasyncstub_fuzzer:AddPermissionUsedRecordAsyncStubFuzzTest", "addpermissionusedrecordstub_fuzzer:AddPermissionUsedRecordStubFuzzTest", "getpermissionusedrecordsasyncstub_fuzzer:GetPermissionUsedRecordsAsyncStubFuzzTest", "getpermissionusedrecordsstub_fuzzer:GetPermissionUsedRecordsStubFuzzTest", diff --git a/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/BUILD.gn new file mode 100644 index 000000000..d88ba72f2 --- /dev/null +++ b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/BUILD.gn @@ -0,0 +1,48 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../access_token.gni") +import("../privacy_service_fuzz.gni") + +ohos_fuzztest("AddPermissionUsedRecordAsyncStubFuzzTest") { + module_out_path = module_output_path_service_privacy + fuzz_config_file = "." + + sources = [ "addpermissionusedrecordasyncstub_fuzzer.cpp" ] + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] + + include_dirs = privacy_include_dirs + + sources += privacy_sources + + defines = privacy_defines + + cflags_cc = privacy_cflags_cc + + deps = privacy_deps + + external_deps = privacy_external_deps +} diff --git a/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.cpp b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.cpp new file mode 100644 index 000000000..9e570a493 --- /dev/null +++ b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.cpp @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "addpermissionusedrecordasyncstub_fuzzer.h" + +#include +#include +#include + +#include "accesstoken_fuzzdata.h" +#undef private +#include "iprivacy_manager.h" +#include "privacy_manager_service.h" + +using namespace std; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { + bool AddPermissionUsedRecordAsyncStubFuzzTest(const uint8_t* data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + AccessTokenFuzzData fuzzData(data, size); + + MessageParcel datas; + datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + + AddPermParamInfoParcel infoParcel; + infoParcel.info.tokenId = static_cast(fuzzData.GetData()); + infoParcel.info.permissionName = fuzzData.GenerateStochasticString(); + infoParcel.info.successCount = fuzzData.GetData(); + infoParcel.info.failCount = fuzzData.GetData(); + if (!datas.WriteParcelable(&infoParcel)) { + return false; + } + + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_ADD_PERMISSION_USED_RECORD_ASYNC); + + MessageParcel reply; + MessageOption option; + DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); + + return true; + } +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::AddPermissionUsedRecordAsyncStubFuzzTest(data, size); + return 0; +} diff --git a/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.h b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.h new file mode 100644 index 000000000..1ca1b1bd1 --- /dev/null +++ b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/addpermissionusedrecordasyncstub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNCSTUB_FUZZER_H +#define TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNCSTUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "addpermissionusedrecordasyncstub_fuzzer" + +#endif // TEST_FUZZTEST_ADDPERMISSIONUSEDRECORDASYNCSTUB_FUZZER_H diff --git a/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/corpus/init b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/corpus/init new file mode 100644 index 000000000..65af8ee8d --- /dev/null +++ b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/project.xml b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/project.xml new file mode 100644 index 000000000..66e1dcac4 --- /dev/null +++ b/test/fuzztest/services/privacy/addpermissionusedrecordasyncstub_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/BUILD.gn index 66d310651..0c0e2b7ed 100644 --- a/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("AddPermissionUsedRecordStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/addpermissionusedrecordstub_fuzzer.cpp b/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/addpermissionusedrecordstub_fuzzer.cpp index 37db718d6..046452e7e 100644 --- a/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/addpermissionusedrecordstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/addpermissionusedrecordstub_fuzzer/addpermissionusedrecordstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "privacy_manager_service.h" using namespace std; @@ -48,7 +48,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::ADD_PERMISSION_USED_RECORD); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_ADD_PERMISSION_USED_RECORD); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/BUILD.gn index b9182bd33..98d751a77 100644 --- a/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("GetPermissionUsedRecordsAsyncStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/getpermissionusedrecordsasyncstub_fuzzer.cpp b/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/getpermissionusedrecordsasyncstub_fuzzer.cpp index 61b96f648..298f6418d 100644 --- a/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/getpermissionusedrecordsasyncstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/getpermissionusedrecordsasyncstub_fuzzer/getpermissionusedrecordsasyncstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -22,7 +22,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "errors.h" -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "on_permission_used_record_callback_stub.h" #include "permission_used_request.h" #include "permission_used_request_parcel.h" @@ -75,7 +75,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS_ASYNC); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_GET_PERMISSION_USED_RECORDS_ASYNC); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/BUILD.gn index 1467b5e9f..709384a18 100644 --- a/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("GetPermissionUsedRecordsStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/getpermissionusedrecordsstub_fuzzer.cpp b/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/getpermissionusedrecordsstub_fuzzer.cpp index 3565d7b11..74dfdf1d3 100644 --- a/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/getpermissionusedrecordsstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/getpermissionusedrecordsstub_fuzzer/getpermissionusedrecordsstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "permission_used_request.h" #include "permission_used_request_parcel.h" #include "privacy_manager_service.h" @@ -60,7 +60,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORDS); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_GET_PERMISSION_USED_RECORDS); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn index 3990a43f5..774cdd846 100644 --- a/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn @@ -28,7 +28,10 @@ ohos_fuzztest("GetPermissionUsedRecordToggleStatusStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/getpermissionusedrecordtogglestatusstub_fuzzer.cpp b/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/getpermissionusedrecordtogglestatusstub_fuzzer.cpp index e9609ed9c..bd2846939 100644 --- a/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/getpermissionusedrecordtogglestatusstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/getpermissionusedrecordtogglestatusstub_fuzzer/getpermissionusedrecordtogglestatusstub_fuzzer.cpp @@ -17,7 +17,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "privacy_manager_service.h" using namespace std; @@ -42,7 +42,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::GET_PERMISSION_USED_RECORD_TOGGLE_STATUS); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_GET_PERMISSION_USED_RECORD_TOGGLE_STATUS); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/BUILD.gn index e4361c0a2..e91375f35 100644 --- a/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("GetPermissionUsedTypeInfosStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/getpermissionusedtypeinfosstub_fuzzer.cpp b/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/getpermissionusedtypeinfosstub_fuzzer.cpp index 3b50ce603..c243b50d4 100644 --- a/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/getpermissionusedtypeinfosstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/getpermissionusedtypeinfosstub_fuzzer/getpermissionusedtypeinfosstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "privacy_manager_service.h" using namespace std; @@ -45,7 +45,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::GET_PERMISSION_USED_TYPE_INFOS); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_GET_PERMISSION_USED_TYPE_INFOS); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/BUILD.gn index 058d96bbd..91d09a472 100644 --- a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("GetSecCompEnhanceStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp index 3a5e4e063..fb6b46af6 100644 --- a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -22,7 +22,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "errors.h" -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "on_permission_used_record_callback_stub.h" #include "permission_used_request.h" #include "permission_used_request_parcel.h" @@ -46,7 +46,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::GET_SEC_COMP_ENHANCE); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_GET_SEC_COMP_ENHANCE); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/BUILD.gn index f9454c81c..f3f0eae63 100644 --- a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("GetSpecialSecCompEnhanceStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.cpp index 542ab9e67..aaf7a81bc 100644 --- a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -22,7 +22,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "errors.h" -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "on_permission_used_record_callback_stub.h" #include "permission_used_request.h" #include "permission_used_request_parcel.h" @@ -46,7 +46,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::GET_SPECIAL_SEC_COMP_ENHANCE); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_GET_SPECIAL_SEC_COMP_ENHANCE); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/BUILD.gn index 94e5f22c1..7a2238e4c 100644 --- a/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("IsAllowedUsingPermissionStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/isallowedusingpermissionstub_fuzzer.cpp b/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/isallowedusingpermissionstub_fuzzer.cpp index 1eca6c5a8..e26b26f1b 100644 --- a/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/isallowedusingpermissionstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/isallowedusingpermissionstub_fuzzer/isallowedusingpermissionstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "privacy_manager_service.h" using namespace std; @@ -49,7 +49,7 @@ namespace OHOS { } uint32_t code = static_cast( - PrivacyInterfaceCode::IS_ALLOWED_USING_PERMISSION); + IPrivacyManagerIpcCode::COMMAND_IS_ALLOWED_USING_PERMISSION); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/privacy_service_fuzz.gni b/test/fuzztest/services/privacy/privacy_service_fuzz.gni index 1e574a97e..285586d63 100644 --- a/test/fuzztest/services/privacy/privacy_service_fuzz.gni +++ b/test/fuzztest/services/privacy/privacy_service_fuzz.gni @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -49,6 +49,7 @@ privacy_deps = [ "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", "${access_token_path}/services/common:accesstoken_service_common", "${access_token_path}/services/common/proxy_death:proxy_death_handler", + "${access_token_path}/services/privacymanager:privacy_manager_stub", ] privacy_external_deps = [ @@ -85,7 +86,6 @@ privacy_sources = [ "${access_token_path}/services/privacymanager/src/sensitive/audio_manager/audio_manager_adapter.cpp", "${access_token_path}/services/privacymanager/src/sensitive/camera_manager/camera_manager_adapter.cpp", "${access_token_path}/services/privacymanager/src/service/privacy_manager_service.cpp", - "${access_token_path}/services/privacymanager/src/service/privacy_manager_stub.cpp", ] privacy_cflags_cc = [ diff --git a/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/BUILD.gn index e6457ef8f..b4a541307 100644 --- a/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("RegisterPermActiveStatusCallbackStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/registerpermactivestatuscallbackstub_fuzzer.cpp b/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/registerpermactivestatuscallbackstub_fuzzer.cpp index 47fc2f21d..7ae82265a 100644 --- a/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/registerpermactivestatuscallbackstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/registerpermactivestatuscallbackstub_fuzzer/registerpermactivestatuscallbackstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "perm_active_status_change_callback.h" #include "perm_active_status_customized_cbk.h" #include "privacy_manager_service.h" @@ -74,7 +74,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_REGISTER_PERM_ACTIVE_STATUS_CALLBACK); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/BUILD.gn index 7e2be9f5b..1eef34967 100644 --- a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("RegisterSecCompEnhanceStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp index 79a248074..de6cfaee5 100644 --- a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -24,7 +24,7 @@ #undef private #include "errors.h" #include "hap_token_info.h" -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "on_permission_used_record_callback_stub.h" #include "permission_used_request.h" #include "permission_used_request_parcel.h" @@ -91,7 +91,7 @@ public: return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::REGISTER_SEC_COMP_ENHANCE); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_REGISTER_SEC_COMP_ENHANCE); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/BUILD.gn index f9e87ddda..dc2bdf02f 100644 --- a/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("RemovePermissionUsedRecordsStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/removepermissionusedrecordsstub_fuzzer.cpp b/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/removepermissionusedrecordsstub_fuzzer.cpp index d3c3b8510..67d6b8546 100644 --- a/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/removepermissionusedrecordsstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/removepermissionusedrecordsstub_fuzzer/removepermissionusedrecordsstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "privacy_manager_service.h" using namespace std; @@ -46,7 +46,7 @@ namespace OHOS { } uint32_t code = static_cast( - PrivacyInterfaceCode::DELETE_PERMISSION_USED_RECORDS); + IPrivacyManagerIpcCode::COMMAND_REMOVE_PERMISSION_USED_RECORDS); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/BUILD.gn index b6c38befc..3c9a0ba27 100644 --- a/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("SetHapWithFGReminderStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/sethapwithfgreminderstub_fuzzer.cpp b/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/sethapwithfgreminderstub_fuzzer.cpp index 15847a653..364077315 100644 --- a/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/sethapwithfgreminderstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/sethapwithfgreminderstub_fuzzer/sethapwithfgreminderstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -22,7 +22,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "accesstoken_kit.h" -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "privacy_manager_service.h" #include "nativetoken_kit.h" #include "token_setproc.h" @@ -78,7 +78,7 @@ namespace OHOS { } uint32_t code = static_cast( - PrivacyInterfaceCode::SET_HAP_WITH_FOREGROUND_REMINDER); + IPrivacyManagerIpcCode::COMMAND_SET_HAP_WITH_F_G_REMINDER); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/BUILD.gn index f278054a8..fe53ed0ff 100644 --- a/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("SetMutePolicyStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/setmutepolicystub_fuzzer.cpp b/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/setmutepolicystub_fuzzer.cpp index 69c220f55..56b6b8760 100644 --- a/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/setmutepolicystub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/setmutepolicystub_fuzzer/setmutepolicystub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -22,7 +22,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "accesstoken_kit.h" -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "privacy_manager_service.h" #include "nativetoken_kit.h" #include "token_setproc.h" @@ -89,7 +89,7 @@ size_t g_baseFuzzPos = 0; } uint32_t code = static_cast( - PrivacyInterfaceCode::SET_MUTE_POLICY); + IPrivacyManagerIpcCode::COMMAND_SET_MUTE_POLICY); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn index 6feddd9ac..4b68e6395 100644 --- a/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/BUILD.gn @@ -28,7 +28,10 @@ ohos_fuzztest("SetPermissionUsedRecordToggleStatusStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/setpermissionusedrecordtogglestatusstub_fuzzer.cpp b/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/setpermissionusedrecordtogglestatusstub_fuzzer.cpp index 9b5c47a88..25292163b 100644 --- a/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/setpermissionusedrecordtogglestatusstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/setpermissionusedrecordtogglestatusstub_fuzzer/setpermissionusedrecordtogglestatusstub_fuzzer.cpp @@ -17,7 +17,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "privacy_manager_service.h" using namespace std; @@ -43,7 +43,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::SET_PERMISSION_USED_RECORD_TOGGLE_STATUS); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_SET_PERMISSION_USED_RECORD_TOGGLE_STATUS); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn index bdbc691db..e61cf194d 100644 --- a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("StartUsingPermissionCallbackStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp index 85b7bfcf6..66b6c2c71 100644 --- a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "state_change_callback.h" #include "state_customized_cbk.h" #include "privacy_manager_service.h" @@ -74,7 +74,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::START_USING_PERMISSION_CALLBACK); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_START_USING_PERMISSION_CALLBACK); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn index 1b1ee0ad0..ed318f6e2 100644 --- a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("StartUsingPermissionStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp index e9fb147ff..42181dd68 100644 --- a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "privacy_manager_service.h" using namespace std; @@ -48,7 +48,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::START_USING_PERMISSION); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_START_USING_PERMISSION); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/BUILD.gn index 982e60386..44b6b6990 100644 --- a/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("StopUsingPermissionStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/stopusingpermissionstub_fuzzer.cpp b/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/stopusingpermissionstub_fuzzer.cpp index afce9afa0..74183f9e3 100644 --- a/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/stopusingpermissionstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/stopusingpermissionstub_fuzzer/stopusingpermissionstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "privacy_manager_service.h" using namespace std; @@ -48,7 +48,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::STOP_USING_PERMISSION); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_STOP_USING_PERMISSION); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/BUILD.gn index 4933d084e..585a8e2a7 100644 --- a/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("UnRegisterPermActiveStatusCallbackStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/unregisterpermactivestatuscallbackstub_fuzzer.cpp b/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/unregisterpermactivestatuscallbackstub_fuzzer.cpp index 14d23c014..6e08e8862 100644 --- a/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/unregisterpermactivestatuscallbackstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/unregisterpermactivestatuscallbackstub_fuzzer/unregisterpermactivestatuscallbackstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "perm_active_status_change_callback.h" #include "perm_active_status_customized_cbk.h" #include "privacy_manager_service.h" @@ -69,7 +69,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_UN_REGISTER_PERM_ACTIVE_STATUS_CALLBACK); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/BUILD.gn index d97ec3ca2..f432f9793 100644 --- a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -29,7 +29,10 @@ ohos_fuzztest("UpdateSecCompEnhanceStubFuzzTest") { "-fno-omit-frame-pointer", ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + ] include_dirs = privacy_include_dirs diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp index 28b460006..c203ebb84 100644 --- a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -22,7 +22,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "errors.h" -#include "i_privacy_manager.h" +#include "iprivacy_manager.h" #include "on_permission_used_record_callback_stub.h" #include "permission_used_request.h" #include "permission_used_request_parcel.h" @@ -50,7 +50,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(PrivacyInterfaceCode::UPDATE_SEC_COMP_ENHANCE); + uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_UPDATE_SEC_COMP_ENHANCE); MessageParcel reply; MessageOption option; -- Gitee From 642cb45e04f225f819f4d1be055e36a63cf0a231 Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Fri, 28 Mar 2025 15:10:46 +0800 Subject: [PATCH 026/103] =?UTF-8?q?IDL=E5=8C=96=20250328?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: Ieb16946f4429aceda92161a474bb44ead78c4343 --- frameworks/accesstoken/BUILD.gn | 2 +- .../include/i_accesstoken_manager.h | 126 -- ...cel.h => perm_state_change_scope_parcel.h} | 2 +- ...cpp => perm_state_change_scope_parcel.cpp} | 4 +- .../test/unittest/accesstoken_parcel_test.cpp | 2 +- interfaces/innerkits/accesstoken/BUILD.gn | 7 +- .../src/accesstoken_manager_client.cpp | 448 ++++- .../src/accesstoken_manager_client.h | 5 +- .../src/accesstoken_manager_proxy.cpp | 1578 ----------------- .../src/accesstoken_manager_proxy.h | 122 -- .../accesstoken/test/unittest/BUILD.gn | 7 +- .../accesstoken_kit_coverage_test.cpp | 1 - .../get_hap_dlp_flag_test.cpp | 2 +- .../get_permission_flag_test.cpp | 2 +- .../get_permissions_status_test.cpp | 2 +- .../permission_request_toggle_status_test.cpp | 2 +- .../HapTokenTest/alloc_hap_token_test.cpp | 1 - .../app_installation_optimized_test.cpp | 2 +- .../HapTokenTest/delete_token_test.cpp | 2 +- .../HapTokenTest/get_hap_token_test.cpp | 2 +- .../HapTokenTest/get_token_type_test.cpp | 2 +- .../HapTokenTest/init_hap_token_test.cpp | 4 +- .../HapTokenTest/update_hap_token_test.cpp | 2 +- .../set_perm_dialog_cap_test.cpp | 1 - ...ar_user_granted__permission_state_test.cpp | 2 +- .../PermissionsTest/get_permission_test.cpp | 2 +- .../PermissionsTest/grant_permission_test.cpp | 2 +- .../revoke_permission_test.cpp | 2 +- .../verify_access_token_test.cpp | 2 +- ...gister_perm_state_change_callback_test.cpp | 2 +- ...gister_perm_state_change_callback_test.cpp | 2 +- .../unittest/SaTest/dump_token_info_test.cpp | 2 +- .../SaTest/get_native_token_id_test.cpp | 2 +- .../SaTest/get_native_token_info_test.cpp | 2 +- .../test/unittest/SaTest/get_version_test.cpp | 2 +- services/accesstokenmanager/BUILD.gn | 5 +- services/accesstokenmanager/idl/BUILD.gn | 125 ++ .../idl/IAccessTokenManager.idl | 89 + services/accesstokenmanager/idl/IdlCommon.idl | 49 + .../service/accesstoken_manager_service.h | 64 +- .../service/accesstoken_manager_stub.h | 113 -- .../service/accesstoken_manager_service.cpp | 590 +++++- .../src/service/accesstoken_manager_stub.cpp | 1335 -------------- .../accesstokenmanager/test/coverage/BUILD.gn | 7 +- .../accesstokenmanager/test/mock/BUILD.gn | 7 +- .../accesstokenmanager/test/unittest/BUILD.gn | 7 +- .../accesstoken_info_manager_test.cpp | 136 +- .../accesstoken/access_token_service_fuzz.gni | 4 +- .../allochaptokenstub_fuzzer/BUILD.gn | 7 +- .../allochaptokenstub_fuzzer.cpp | 6 +- .../alloclocaltokenidstub_fuzzer/BUILD.gn | 7 +- .../alloclocaltokenidstub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- ...rusergrantedpermissionstatestub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- .../deleteremotedevicetokensstub_fuzzer.cpp | 4 +- .../deleteremotetokenstub_fuzzer/BUILD.gn | 7 +- .../deleteremotetokenstub_fuzzer.cpp | 6 +- .../deletetokenstub_fuzzer/BUILD.gn | 7 +- .../deletetokenstub_fuzzer.cpp | 6 +- .../dumptokeninfostub_fuzzer/BUILD.gn | 7 +- .../dumptokeninfostub_fuzzer.cpp | 6 +- .../getdefpermissionstub_fuzzer/BUILD.gn | 7 +- .../getdefpermissionstub_fuzzer.cpp | 6 +- .../gethaptokenidstub_fuzzer/BUILD.gn | 7 +- .../gethaptokenidstub_fuzzer.cpp | 6 +- .../gethaptokeninfoextstub_fuzzer/BUILD.gn | 7 +- .../gethaptokeninfoextstub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- .../gethaptokeninfofromremotestub_fuzzer.cpp | 6 +- .../gethaptokeninfostub_fuzzer/BUILD.gn | 7 +- .../gethaptokeninfostub_fuzzer.cpp | 6 +- .../getkernelpermissionsstub_fuzzer/BUILD.gn | 7 +- .../getkernelpermissionsstub_fuzzer.cpp | 6 +- .../getnativetokenidstub_fuzzer/BUILD.gn | 7 +- .../getnativetokenidstub_fuzzer.cpp | 6 +- .../getnativetokeninfostub_fuzzer/BUILD.gn | 7 +- .../getnativetokeninfostub_fuzzer.cpp | 6 +- .../getpermissionflagstub_fuzzer/BUILD.gn | 7 +- .../getpermissionflagstub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- ...rmissionrequesttogglestatusstub_fuzzer.cpp | 6 +- .../getpermissionsstatusstub_fuzzer/BUILD.gn | 7 +- .../getpermissionsstatusstub_fuzzer.cpp | 6 +- .../getpermissionusedtypestub_fuzzer/BUILD.gn | 7 +- .../getpermissionusedtypestub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- .../getremotenativetokenidstub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- .../getreqpermissionbynamestub_fuzzer.cpp | 6 +- .../getreqpermissionsstub_fuzzer/BUILD.gn | 7 +- .../getreqpermissionsstub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- .../getselfpermissionsstatestub_fuzzer.cpp | 6 +- .../gettokenidbyuseridstub_fuzzer/BUILD.gn | 5 +- .../gettokenidbyuseridstub_fuzzer.cpp | 4 +- .../gettokentypestub_fuzzer/BUILD.gn | 7 +- .../gettokentypestub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- ...tpermissionforspecifiedtimestub_fuzzer.cpp | 6 +- .../grantpermissionstub_fuzzer/BUILD.gn | 7 +- .../grantpermissionstub_fuzzer.cpp | 6 +- .../inithaptokenstub_fuzzer/BUILD.gn | 7 +- .../inithaptokenstub_fuzzer.cpp | 6 +- .../inituserpolicystub_fuzzer/BUILD.gn | 5 +- .../inituserpolicystub_fuzzer.cpp | 4 +- .../BUILD.gn | 7 +- ...sterpermstatechangecallbackstub_fuzzer.cpp | 6 +- .../BUILD.gn | 5 +- ...selfpermstatechangecallbackstub_fuzzer.cpp | 4 +- .../BUILD.gn | 7 +- .../requestapppermonsettingstub_fuzzer.cpp | 6 +- .../revokepermissionstub_fuzzer/BUILD.gn | 7 +- .../revokepermissionstub_fuzzer.cpp | 6 +- .../setpermdialogcap_fuzzer/BUILD.gn | 7 +- .../setpermdialogcap_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- ...rmissionrequesttogglestatusstub_fuzzer.cpp | 6 +- .../setremotehaptokeninfostub_fuzzer/BUILD.gn | 7 +- .../setremotehaptokeninfostub_fuzzer.cpp | 6 +- .../updatehaptokenstub_fuzzer/BUILD.gn | 7 +- .../updatehaptokenstub_fuzzer.cpp | 4 +- .../updateuserpolicystub_fuzzer/BUILD.gn | 5 +- .../updateuserpolicystub_fuzzer.cpp | 4 +- .../verifyaccesstokenstub_fuzzer/BUILD.gn | 7 +- .../verifyaccesstokenstub_fuzzer.cpp | 6 +- .../BUILD.gn | 7 +- .../verifyaccesstokenwithliststub_fuzzer.cpp | 7 +- 128 files changed, 1702 insertions(+), 3680 deletions(-) delete mode 100644 frameworks/accesstoken/include/i_accesstoken_manager.h rename frameworks/accesstoken/include/{permission_state_change_scope_parcel.h => perm_state_change_scope_parcel.h} (95%) rename frameworks/accesstoken/src/{permission_state_change_scope_parcel.cpp => perm_state_change_scope_parcel.cpp} (96%) delete mode 100644 interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp delete mode 100644 interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h create mode 100644 services/accesstokenmanager/idl/BUILD.gn create mode 100644 services/accesstokenmanager/idl/IAccessTokenManager.idl create mode 100644 services/accesstokenmanager/idl/IdlCommon.idl delete mode 100644 services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h delete mode 100644 services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp diff --git a/frameworks/accesstoken/BUILD.gn b/frameworks/accesstoken/BUILD.gn index 905cf9753..6730263a5 100644 --- a/frameworks/accesstoken/BUILD.gn +++ b/frameworks/accesstoken/BUILD.gn @@ -55,11 +55,11 @@ ohos_shared_library("accesstoken_communication_adapter_cxx") { "src/hap_token_info_for_sync_parcel.cpp", "src/hap_token_info_parcel.cpp", "src/native_token_info_parcel.cpp", + "src/perm_state_change_scope_parcel.cpp", "src/permission_def_parcel.cpp", "src/permission_grant_info_parcel.cpp", "src/permission_list_state_parcel.cpp", "src/permission_state_change_info_parcel.cpp", - "src/permission_state_change_scope_parcel.cpp", "src/permission_status_parcel.cpp", ] diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h deleted file mode 100644 index 22709473a..000000000 --- a/frameworks/accesstoken/include/i_accesstoken_manager.h +++ /dev/null @@ -1,126 +0,0 @@ -/* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef I_ACCESSTOKEN_MANAGER_H -#define I_ACCESSTOKEN_MANAGER_H - -#include -#include - -#include "access_token.h" -#include "accesstoken_service_ipc_interface_code.h" -#include "atm_tools_param_info_parcel.h" -#include "errors.h" -#include "hap_base_info_parcel.h" -#include "hap_info_parcel.h" -#include "hap_policy_parcel.h" -#include "hap_token_info_for_sync_parcel.h" -#include "hap_token_info_parcel.h" -#include "iremote_broker.h" -#include "i_permission_state_callback.h" -#include "native_token_info_parcel.h" -#include "permission_def_parcel.h" -#include "permission_grant_info_parcel.h" -#include "permission_list_state_parcel.h" -#include "permission_status_parcel.h" -#include "permission_state_change_scope_parcel.h" -#include "system_ability_definition.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class IAccessTokenManager : public IRemoteBroker { -public: - static const int SA_ID_ACCESSTOKEN_MANAGER_SERVICE = ACCESS_TOKEN_MANAGER_SERVICE_ID; - - DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IAccessTokenManager"); - - virtual PermUsedTypeEnum GetPermissionUsedType( - AccessTokenID tokenID, const std::string& permissionName) = 0; - virtual int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) = 0; - virtual int VerifyAccessToken(AccessTokenID tokenID, - const std::vector& permissionList, std::vector& permStateList) = 0; - virtual int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) = 0; - virtual int GetReqPermissions( - AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) = 0; - virtual int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) = 0; - virtual int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, - int32_t userID = 0) = 0; - virtual int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status, - int32_t userID = 0) = 0; - virtual int32_t RequestAppPermOnSetting(AccessTokenID tokenID) = 0; - virtual PermissionOper GetSelfPermissionsState(std::vector& permListParcel, - PermissionGrantInfoParcel& infoParcel) = 0; - virtual int32_t GetPermissionsStatus( - AccessTokenID tokenID, std::vector& permListParcel) = 0; - virtual int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) = 0; - virtual int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) = 0; - virtual int GrantPermissionForSpecifiedTime( - AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime) = 0; - virtual int ClearUserGrantedPermissionState(AccessTokenID tokenID) = 0; - virtual AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) = 0; - virtual int32_t InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy, - AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) = 0; - virtual int DeleteToken(AccessTokenID tokenID) = 0; - virtual int GetTokenType(AccessTokenID tokenID) = 0; - virtual AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex) = 0; - virtual AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) = 0; - virtual int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) = 0; - virtual int32_t GetTokenIDByUserID(int32_t userID, std::unordered_set& tokenIdList) = 0; - virtual int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) = 0; - virtual int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const HapPolicyParcel& policyParcel, HapInfoCheckResult& result) = 0; - virtual int32_t RegisterPermStateChangeCallback( - const PermStateChangeScopeParcel& scope, const sptr& callback) = 0; - virtual int32_t UnRegisterPermStateChangeCallback(const sptr& callback) = 0; - virtual int32_t RegisterSelfPermStateChangeCallback(const PermStateChangeScopeParcel& scope, - const sptr& callback) = 0; - virtual int32_t UnRegisterSelfPermStateChangeCallback(const sptr& callback) = 0; -#ifndef ATM_BUILD_VARIANT_USER_ENABLE - virtual int32_t ReloadNativeTokenInfo() = 0; -#endif - virtual int GetHapTokenInfoExtension(AccessTokenID tokenID, - HapTokenInfoParcel& hapTokenInfoRes, std::string& appID) = 0; - virtual AccessTokenID GetNativeTokenId(const std::string& processName) = 0; - -#ifdef TOKEN_SYNC_ENABLE - virtual int GetHapTokenInfoFromRemote(AccessTokenID tokenID, - HapTokenInfoForSyncParcel& hapSyncParcel) = 0; - virtual int SetRemoteHapTokenInfo(const std::string& deviceID, - HapTokenInfoForSyncParcel& hapSyncParcel) = 0; - virtual int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) = 0; - virtual AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) = 0; - virtual int DeleteRemoteDeviceTokens(const std::string& deviceID) = 0; - virtual int32_t RegisterTokenSyncCallback(const sptr& callback) = 0; - virtual int32_t UnRegisterTokenSyncCallback() = 0; -#endif - virtual int32_t GetKernelPermissions( - AccessTokenID tokenId, std::vector& kernelPermList) = 0; - virtual int32_t GetReqPermissionByName( - AccessTokenID tokenId, const std::string& permissionName, std::string& value) = 0; - virtual int SetPermDialogCap(const HapBaseInfoParcel& hapBaseInfoParcel, bool enable) = 0; - virtual int32_t InitUserPolicy( - const std::vector& userList, const std::vector& permList) = 0; - virtual int32_t UpdateUserPolicy(const std::vector& userList) = 0; - virtual int32_t ClearUserPolicy() = 0; - virtual void DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& tokenInfo) = 0; - virtual int32_t GetVersion(uint32_t& version) = 0; - virtual void GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) = 0; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS - -#endif // I_ACCESSTOKEN_MANAGER_H diff --git a/frameworks/accesstoken/include/permission_state_change_scope_parcel.h b/frameworks/accesstoken/include/perm_state_change_scope_parcel.h similarity index 95% rename from frameworks/accesstoken/include/permission_state_change_scope_parcel.h rename to frameworks/accesstoken/include/perm_state_change_scope_parcel.h index e1988a8f2..b6807c499 100644 --- a/frameworks/accesstoken/include/permission_state_change_scope_parcel.h +++ b/frameworks/accesstoken/include/perm_state_change_scope_parcel.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at diff --git a/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp b/frameworks/accesstoken/src/perm_state_change_scope_parcel.cpp similarity index 96% rename from frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp rename to frameworks/accesstoken/src/perm_state_change_scope_parcel.cpp index 8555df353..1d7345cd5 100644 --- a/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp +++ b/frameworks/accesstoken/src/perm_state_change_scope_parcel.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,7 +13,7 @@ * limitations under the License. */ -#include "permission_state_change_scope_parcel.h" +#include "perm_state_change_scope_parcel.h" #include "parcel_utils.h" namespace OHOS { diff --git a/frameworks/test/unittest/accesstoken_parcel_test.cpp b/frameworks/test/unittest/accesstoken_parcel_test.cpp index ebafe0eb7..aae920356 100644 --- a/frameworks/test/unittest/accesstoken_parcel_test.cpp +++ b/frameworks/test/unittest/accesstoken_parcel_test.cpp @@ -27,7 +27,7 @@ #include "parcel.h" #include "parcel_utils.h" #include "permission_grant_info_parcel.h" -#include "permission_state_change_scope_parcel.h" +#include "perm_state_change_scope_parcel.h" #include "permission_state_change_info_parcel.h" #include "permission_status_parcel.h" diff --git a/interfaces/innerkits/accesstoken/BUILD.gn b/interfaces/innerkits/accesstoken/BUILD.gn index 72f24f1d6..21fdd24ff 100644 --- a/interfaces/innerkits/accesstoken/BUILD.gn +++ b/interfaces/innerkits/accesstoken/BUILD.gn @@ -41,7 +41,10 @@ if (is_standard_system) { output_name = "libaccesstoken_sdk" - public_configs = [ ":accesstoken" ] + public_configs = [ + ":accesstoken", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] include_dirs = [ "${access_token_path}/frameworks/accesstoken/include", @@ -55,7 +58,6 @@ if (is_standard_system) { "src/accesstoken_death_recipient.cpp", "src/accesstoken_kit.cpp", "src/accesstoken_manager_client.cpp", - "src/accesstoken_manager_proxy.cpp", "src/perm_state_change_callback_customize.cpp", ] @@ -63,6 +65,7 @@ if (is_standard_system) { "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_proxy", ] external_deps = [ diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index 2f7a6df29..e2d5ac4dd 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -15,16 +15,18 @@ #include "accesstoken_manager_client.h" -#include "accesstoken_common_log.h" #include "access_token_error.h" -#include "accesstoken_manager_proxy.h" +#include "access_token_manager_proxy.h" +#include "accesstoken_callbacks.h" +#include "accesstoken_common_log.h" #include "atm_tools_param_info_parcel.h" #include "hap_token_info.h" #include "hap_token_info_for_sync_parcel.h" +#include "idl_common.h" #include "iservice_registry.h" #include "parameter.h" +#include "perm_state_change_scope_parcel.h" #include "permission_grant_info_parcel.h" -#include "accesstoken_callbacks.h" namespace OHOS { namespace Security { @@ -33,6 +35,11 @@ namespace { static constexpr int32_t VALUE_MAX_LEN = 32; static const char* ACCESS_TOKEN_SERVICE_INIT_KEY = "accesstoken.permission.init"; std::recursive_mutex g_instanceMutex; +static const int32_t SA_ID_ACCESSTOKEN_MANAGER_SERVICE = 3503; +static const int MAX_PERMISSION_SIZE = 1000; +static const int32_t MAX_USER_POLICY_SIZE = 1024; +static const int32_t MAX_EXTENDED_VALUE_LIST_SIZE = 512; +const size_t NUMBER_TWO = 2; } // namespace static const uint32_t MAX_CALLBACK_MAP_SIZE = 200; @@ -59,6 +66,21 @@ AccessTokenManagerClient::~AccessTokenManagerClient() ReleaseProxy(); } +static int32_t ConvertResult(int32_t ret) +{ + switch (ret) { + case ERR_INVALID_DATA: + ret = ERR_WRITE_PARCEL_FAILED; + break; + case ERR_TRANSACTION_FAILED: + ret = ERR_SERVICE_ABNORMAL; + break; + default: + return ret; + } + return ret; +} + PermUsedTypeEnum AccessTokenManagerClient::GetPermissionUsedType( AccessTokenID tokenID, const std::string &permissionName) { @@ -67,14 +89,28 @@ PermUsedTypeEnum AccessTokenManagerClient::GetPermissionUsedType( LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null."); return PermUsedTypeEnum::INVALID_USED_TYPE; } - return proxy->GetPermissionUsedType(tokenID, permissionName); + int32_t permUsedType; + int32_t errCode = proxy->GetPermissionUsedType(tokenID, permissionName, permUsedType); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + return PermUsedTypeEnum::INVALID_USED_TYPE; + } + PermUsedTypeEnum result = static_cast(permUsedType); + return result; } int AccessTokenManagerClient::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) { auto proxy = GetProxy(); if (proxy != nullptr) { - return proxy->VerifyAccessToken(tokenID, permissionName); + int32_t errCode = proxy->VerifyAccessToken(tokenID, permissionName); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + return PERMISSION_DENIED; + } + return errCode; } char value[VALUE_MAX_LEN] = {0}; int32_t ret = GetParameter(ACCESS_TOKEN_SERVICE_INIT_KEY, "", value, VALUE_MAX_LEN - 1); @@ -99,7 +135,12 @@ int AccessTokenManagerClient::VerifyAccessToken(AccessTokenID tokenID, LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->VerifyAccessToken(tokenID, permissionList, permStateList); + int32_t errCode = proxy->VerifyAccessToken(tokenID, permissionList, permStateList); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + } + return errCode; } int AccessTokenManagerClient::GetDefPermission( @@ -113,6 +154,10 @@ int AccessTokenManagerClient::GetDefPermission( PermissionDefParcel permissionDefParcel; int result = proxy->GetDefPermission(permissionName, permissionDefParcel); permissionDefResult = permissionDefParcel.permissionDef; + if (result != RET_SUCCESS) { + result = ConvertResult(result); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", result); + } return result; } @@ -126,6 +171,18 @@ int AccessTokenManagerClient::GetReqPermissions( } std::vector parcelList; int result = proxy->GetReqPermissions(tokenID, parcelList, isSystemGrant); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", result); + return result; + } + + uint32_t reqPermSize = parcelList.size(); + if (reqPermSize > MAX_PERMISSION_SIZE) { + LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}u) is oversize.", reqPermSize); + return ERR_OVERSIZE; + } + for (const auto& permParcel : parcelList) { PermissionStateFull perm; perm.permissionName = permParcel.permState.permissionName; @@ -146,7 +203,12 @@ int AccessTokenManagerClient::GetPermissionFlag( LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->GetPermissionFlag(tokenID, permissionName, flag); + int32_t result = proxy->GetPermissionFlag(tokenID, permissionName, flag); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, flag=%{public}d).", result, flag); + return result; } PermissionOper AccessTokenManagerClient::GetSelfPermissionsState(std::vector& permList, @@ -172,16 +234,33 @@ PermissionOper AccessTokenManagerClient::GetSelfPermissionsState(std::vectorGetSelfPermissionsState(parcelList, infoParcel); + int32_t permOper; + int32_t errCode = proxy->GetSelfPermissionsState(parcelList, infoParcel, permOper); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + return INVALID_OPER; + } + + size_t size = parcelList.size(); + if (size != (len * NUMBER_TWO)) { + LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) from server is not equal inputSize(%{public}zu)!", + size, len); + return INVALID_OPER; + } + if (size > MAX_PERMISSION_SIZE) { + LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) is oversize.", size); + return INVALID_OPER; + } for (uint32_t i = 0; i < len; i++) { - PermissionListState perm = parcelList[i].permsState; + PermissionListState perm = parcelList[i + len].permsState; permList[i].state = perm.state; permList[i].errorReason = perm.errorReason; } info = infoParcel.info; - return result; + return static_cast(permOper); } int32_t AccessTokenManagerClient::GetPermissionsStatus( @@ -208,10 +287,20 @@ int32_t AccessTokenManagerClient::GetPermissionsStatus( } int32_t result = proxy->GetPermissionsStatus(tokenID, parcelList); if (result != RET_SUCCESS) { + result = ConvertResult(result); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", result); return result; } + + size_t size = parcelList.size(); + if (size != (len * NUMBER_TWO)) { + LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) from server is not equal inputSize(%{public}zu)!", + size, len); + return ERR_SIZE_NOT_EQUAL; + } + for (uint32_t i = 0; i < len; i++) { - PermissionListState perm = parcelList[i].permsState; + PermissionListState perm = parcelList[i + len].permsState; permList[i].state = perm.state; } @@ -225,7 +314,12 @@ int AccessTokenManagerClient::GrantPermission(AccessTokenID tokenID, const std:: LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->GrantPermission(tokenID, permissionName, flag); + int32_t result = proxy->GrantPermission(tokenID, permissionName, flag); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); + return result; } int AccessTokenManagerClient::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) @@ -235,7 +329,12 @@ int AccessTokenManagerClient::RevokePermission(AccessTokenID tokenID, const std: LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->RevokePermission(tokenID, permissionName, flag); + int32_t result = proxy->RevokePermission(tokenID, permissionName, flag); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); + return result; } int AccessTokenManagerClient::GrantPermissionForSpecifiedTime( @@ -246,7 +345,12 @@ int AccessTokenManagerClient::GrantPermissionForSpecifiedTime( LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->GrantPermissionForSpecifiedTime(tokenID, permissionName, onceTime); + int32_t result = proxy->GrantPermissionForSpecifiedTime(tokenID, permissionName, onceTime); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); + return result; } int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID tokenID) @@ -256,7 +360,12 @@ int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID toke LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->ClearUserGrantedPermissionState(tokenID); + int32_t result = proxy->ClearUserGrantedPermissionState(tokenID); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); + return result; } int32_t AccessTokenManagerClient::SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, @@ -267,7 +376,12 @@ int32_t AccessTokenManagerClient::SetPermissionRequestToggleStatus(const std::st LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null."); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->SetPermissionRequestToggleStatus(permissionName, status, userID); + int32_t result = proxy->SetPermissionRequestToggleStatus(permissionName, status, userID); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); + return result; } int32_t AccessTokenManagerClient::GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status, @@ -278,7 +392,12 @@ int32_t AccessTokenManagerClient::GetPermissionRequestToggleStatus(const std::st LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null."); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->GetPermissionRequestToggleStatus(permissionName, status, userID); + int32_t result = proxy->GetPermissionRequestToggleStatus(permissionName, status, userID); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, status=%{public}d).", result, status); + return result; } int32_t AccessTokenManagerClient::RequestAppPermOnSetting(AccessTokenID tokenID) @@ -288,7 +407,12 @@ int32_t AccessTokenManagerClient::RequestAppPermOnSetting(AccessTokenID tokenID) LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null."); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->RequestAppPermOnSetting(tokenID); + int32_t result = proxy->RequestAppPermOnSetting(tokenID); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); + return result; } int32_t AccessTokenManagerClient::CreatePermStateChangeCallback( @@ -358,6 +482,10 @@ int32_t AccessTokenManagerClient::RegisterPermStateChangeCallback( std::lock_guard lock(callbackMutex_); callbackMap_[customizedCb] = callback; } + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); return result; } @@ -385,6 +513,10 @@ int32_t AccessTokenManagerClient::UnRegisterPermStateChangeCallback( if (result == RET_SUCCESS) { callbackMap_.erase(goalCallback); } + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); return result; } @@ -401,7 +533,16 @@ AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& inf hapInfoParcel.hapInfoParameter = info; hapPolicyParcel.hapPolicy = policy; - return proxy->AllocHapToken(hapInfoParcel, hapPolicyParcel); + uint64_t fullTokenId; + int32_t errCode = proxy->AllocHapToken(hapInfoParcel, hapPolicyParcel, fullTokenId); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + return tokenIdEx; + } + tokenIdEx.tokenIDEx = fullTokenId; + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}llu).", tokenIdEx.tokenIDEx); + return tokenIdEx; } int32_t AccessTokenManagerClient::InitHapToken(const HapInfoParams& info, HapPolicy& policy, @@ -417,7 +558,24 @@ int32_t AccessTokenManagerClient::InitHapToken(const HapInfoParams& info, HapPol hapInfoParcel.hapInfoParameter = info; hapPolicyParcel.hapPolicy = policy; - return proxy->InitHapToken(hapInfoParcel, hapPolicyParcel, fullTokenId, result); + HapInfoCheckResultIdl resultInfoIdl; + uint64_t fullToken = 0; + int32_t res = proxy->InitHapToken(hapInfoParcel, hapPolicyParcel, fullToken, resultInfoIdl); + if (fullToken == 0 && res == RET_SUCCESS) { + res = AccessTokenError::ERR_PERM_REQUEST_CFG_FAILED; + PermissionInfoCheckResult permCheckResult; + permCheckResult.permissionName = resultInfoIdl.permissionName; + int32_t rule = static_cast(resultInfoIdl.rule); + permCheckResult.rule = static_cast(rule); + result.permCheckResult = permCheckResult; + } + fullTokenId.tokenIDEx = fullToken; + if (res != RET_SUCCESS) { + res = ConvertResult(res); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, id=%{public}llu).", + res, fullTokenId.tokenIDEx); + return res; } int AccessTokenManagerClient::DeleteToken(AccessTokenID tokenID) @@ -427,7 +585,12 @@ int AccessTokenManagerClient::DeleteToken(AccessTokenID tokenID) LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->DeleteToken(tokenID); + int32_t result = proxy->DeleteToken(tokenID); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, id=%{public}u).", result, tokenID); + return result; } ATokenTypeEnum AccessTokenManagerClient::GetTokenType(AccessTokenID tokenID) @@ -437,7 +600,13 @@ ATokenTypeEnum AccessTokenManagerClient::GetTokenType(AccessTokenID tokenID) LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return TOKEN_INVALID; } - return static_cast(proxy->GetTokenType(tokenID)); + int32_t tokenType = static_cast(TOKEN_INVALID); + int32_t result = proxy->GetTokenType(tokenID, tokenType); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + LOGE(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); + } + return static_cast(tokenType); } AccessTokenIDEx AccessTokenManagerClient::GetHapTokenID( @@ -449,7 +618,15 @@ AccessTokenIDEx AccessTokenManagerClient::GetHapTokenID( LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return result; } - return proxy->GetHapTokenID(userID, bundleName, instIndex); + uint64_t fullTokenId; + int32_t errCode = proxy->GetHapTokenID(userID, bundleName, instIndex, fullTokenId); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + return result; + } + result.tokenIDEx = fullTokenId; + return result; } AccessTokenID AccessTokenManagerClient::AllocLocalTokenID( @@ -460,7 +637,15 @@ AccessTokenID AccessTokenManagerClient::AllocLocalTokenID( LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return INVALID_TOKENID; } - return proxy->AllocLocalTokenID(remoteDeviceID, remoteTokenID); + uint32_t tokenId; + int32_t errCode = proxy->AllocLocalTokenID(remoteDeviceID, remoteTokenID, tokenId); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + return INVALID_TOKENID; + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}d).", tokenId); + return tokenId; } int32_t AccessTokenManagerClient::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, @@ -473,7 +658,28 @@ int32_t AccessTokenManagerClient::UpdateHapToken(AccessTokenIDEx& tokenIdEx, con } HapPolicyParcel hapPolicyParcel; hapPolicyParcel.hapPolicy = policy; - return proxy->UpdateHapToken(tokenIdEx, info, hapPolicyParcel, result); + UpdateHapInfoParamsIdl infoIdl; + infoIdl.appIDDesc = info.appIDDesc; + infoIdl.apiVersion = info.apiVersion; + infoIdl.isSystemApp = info.isSystemApp; + infoIdl.appDistributionType = info.appDistributionType; + HapInfoCheckResultIdl resultInfoIdl; + uint64_t fullTokenId = tokenIdEx.tokenIDEx; + int32_t res = proxy->UpdateHapToken(fullTokenId, infoIdl, hapPolicyParcel, resultInfoIdl); + tokenIdEx.tokenIDEx = fullTokenId; + if (res == RET_SUCCESS && resultInfoIdl.realResult != RET_SUCCESS) { + res = AccessTokenError::ERR_PERM_REQUEST_CFG_FAILED; + PermissionInfoCheckResult permCheckResult; + permCheckResult.permissionName = resultInfoIdl.permissionName; + int32_t rule = static_cast(resultInfoIdl.rule); + permCheckResult.rule = static_cast(rule); + result.permCheckResult = permCheckResult; + } + if (res != RET_SUCCESS) { + res = ConvertResult(res); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res); + return res; } int32_t AccessTokenManagerClient::GetTokenIDByUserID(int32_t userID, std::unordered_set& tokenIdList) @@ -483,7 +689,15 @@ int32_t AccessTokenManagerClient::GetTokenIDByUserID(int32_t userID, std::unorde LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->GetTokenIDByUserID(userID, tokenIdList); + std::vector tokenIds; + auto result = proxy->GetTokenIDByUserID(userID, tokenIds); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); + return result; + } + std::copy(tokenIds.begin(), tokenIds.end(), std::inserter(tokenIdList, tokenIdList.begin())); + return result; } int AccessTokenManagerClient::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes) @@ -495,6 +709,11 @@ int AccessTokenManagerClient::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInf } HapTokenInfoParcel hapTokenInfoParcel; int res = proxy->GetHapTokenInfo(tokenID, hapTokenInfoParcel); + if (res != RET_SUCCESS) { + res = ConvertResult(res); + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res); + return res; + } hapTokenInfoRes = hapTokenInfoParcel.hapTokenInfoParams; return res; @@ -509,6 +728,11 @@ int AccessTokenManagerClient::GetNativeTokenInfo(AccessTokenID tokenID, NativeTo } NativeTokenInfoParcel nativeTokenInfoParcel; int res = proxy->GetNativeTokenInfo(tokenID, nativeTokenInfoParcel); + if (res != RET_SUCCESS) { + res = ConvertResult(res); + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res); + return res; + } nativeTokenInfoRes = nativeTokenInfoParcel.nativeTokenInfoParams; return res; } @@ -521,7 +745,13 @@ int32_t AccessTokenManagerClient::ReloadNativeTokenInfo() LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->ReloadNativeTokenInfo(); + int32_t res = proxy->ReloadNativeTokenInfo(); + if (res != RET_SUCCESS) { + res = ConvertResult(res); + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res); + return res; + } + return res; } #endif @@ -535,6 +765,11 @@ int AccessTokenManagerClient::GetHapTokenInfoExtension(AccessTokenID tokenID, Ha HapTokenInfoParcel hapTokenInfoParcel; int res = proxy->GetHapTokenInfoExtension(tokenID, hapTokenInfoParcel, info.appID); + if (res != RET_SUCCESS) { + res = ConvertResult(res); + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res); + return res; + } info.baseInfo = hapTokenInfoParcel.hapTokenInfoParams; return res; } @@ -546,7 +781,14 @@ AccessTokenID AccessTokenManagerClient::GetNativeTokenId(const std::string& proc LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return INVALID_TOKENID; } - return proxy->GetNativeTokenId(processName); + uint32_t tokenID; + ErrCode errCode = proxy->GetNativeTokenId(processName, tokenID); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + return INVALID_TOKENID; + } + return tokenID; } #ifdef TOKEN_SYNC_ENABLE @@ -560,6 +802,11 @@ int AccessTokenManagerClient::GetHapTokenInfoFromRemote(AccessTokenID tokenID, H HapTokenInfoForSyncParcel hapSyncParcel; int res = proxy->GetHapTokenInfoFromRemote(tokenID, hapSyncParcel); + if (res != RET_SUCCESS) { + res = ConvertResult(res); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", res); + return res; + } hapSync = hapSyncParcel.hapTokenInfoForSyncParams; return res; } @@ -576,6 +823,10 @@ int AccessTokenManagerClient::SetRemoteHapTokenInfo(const std::string& deviceID, hapSyncParcel.hapTokenInfoForSyncParams = hapSync; int res = proxy->SetRemoteHapTokenInfo(deviceID, hapSyncParcel); + if (res != RET_SUCCESS) { + res = ConvertResult(res); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res); return res; } @@ -588,6 +839,10 @@ int AccessTokenManagerClient::DeleteRemoteToken(const std::string& deviceID, Acc } int res = proxy->DeleteRemoteToken(deviceID, tokenID); + if (res != RET_SUCCESS) { + res = ConvertResult(res); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res); return res; } @@ -599,8 +854,15 @@ AccessTokenID AccessTokenManagerClient::GetRemoteNativeTokenID(const std::string return INVALID_TOKENID; } - AccessTokenID res = proxy->GetRemoteNativeTokenID(deviceID, tokenID); - return res; + uint32_t tokenId; + ErrCode errCode = proxy->GetRemoteNativeTokenID(deviceID, tokenID, tokenId); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + return INVALID_TOKENID; + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}d).", tokenId); + return tokenId; } int AccessTokenManagerClient::DeleteRemoteDeviceTokens(const std::string& deviceID) @@ -612,6 +874,10 @@ int AccessTokenManagerClient::DeleteRemoteDeviceTokens(const std::string& device } int res = proxy->DeleteRemoteDeviceTokens(deviceID); + if (res != RET_SUCCESS) { + res = ConvertResult(res); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res); return res; } @@ -637,6 +903,10 @@ int32_t AccessTokenManagerClient::RegisterTokenSyncCallback( tokenSyncCallback_ = callback; syncCallbackImpl_ = syncCallback; } + if (res != RET_SUCCESS) { + res = ConvertResult(res); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res); return res; } @@ -653,6 +923,10 @@ int32_t AccessTokenManagerClient::UnRegisterTokenSyncCallback() tokenSyncCallback_ = nullptr; syncCallbackImpl_ = nullptr; } + if (res != RET_SUCCESS) { + res = ConvertResult(res); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", res); return res; } #endif @@ -667,7 +941,11 @@ void AccessTokenManagerClient::DumpTokenInfo(const AtmToolsParamInfo& info, std: AtmToolsParamInfoParcel infoParcel; infoParcel.info = info; - proxy->DumpTokenInfo(infoParcel, dumpInfo); + int32_t errCode = proxy->DumpTokenInfo(infoParcel, dumpInfo); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + } } int32_t AccessTokenManagerClient::GetVersion(uint32_t& version) @@ -678,7 +956,12 @@ int32_t AccessTokenManagerClient::GetVersion(uint32_t& version) return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->GetVersion(version); + int32_t errCode = proxy->GetVersion(version); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + } + return errCode; } void AccessTokenManagerClient::InitProxy() @@ -690,10 +973,10 @@ void AccessTokenManagerClient::InitProxy() return; } sptr accesstokenSa = - sam->GetSystemAbility(IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE); + sam->GetSystemAbility(SA_ID_ACCESSTOKEN_MANAGER_SERVICE); if (accesstokenSa == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "GetSystemAbility %{public}d is null", - IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE); + SA_ID_ACCESSTOKEN_MANAGER_SERVICE); return; } @@ -741,7 +1024,12 @@ int32_t AccessTokenManagerClient::SetPermDialogCap(const HapBaseInfo& hapBaseInf } HapBaseInfoParcel hapBaseInfoParcel; hapBaseInfoParcel.hapBaseInfo = hapBaseInfo; - return proxy->SetPermDialogCap(hapBaseInfoParcel, enable); + int32_t errCode = proxy->SetPermDialogCap(hapBaseInfoParcel, enable); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + } + return errCode; } void AccessTokenManagerClient::GetPermissionManagerInfo(PermissionGrantInfo& info) @@ -752,7 +1040,12 @@ void AccessTokenManagerClient::GetPermissionManagerInfo(PermissionGrantInfo& inf return; } PermissionGrantInfoParcel infoParcel; - proxy->GetPermissionManagerInfo(infoParcel); + int32_t errorCode = proxy->GetPermissionManagerInfo(infoParcel); + if (errorCode != RET_SUCCESS) { + errorCode = ConvertResult(errorCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errorCode); + return; + } info = infoParcel.info; } @@ -764,7 +1057,27 @@ int32_t AccessTokenManagerClient::InitUserPolicy( LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->InitUserPolicy(userList, permList); + + size_t userLen = userList.size(); + size_t permLen = permList.size(); + if ((userLen == 0) || (userLen > MAX_USER_POLICY_SIZE) || (permLen == 0) || (permLen > MAX_USER_POLICY_SIZE)) { + LOGE(ATM_DOMAIN, ATM_TAG, "UserLen %{public}zu or permLen %{public}zu is invalid", userLen, permLen); + return AccessTokenError::ERR_PARAM_INVALID; + } + + std::vector userIdlList; + for (const auto& userSate : userList) { + UserStateIdl userIdl; + userIdl.userId = userSate.userId; + userIdl.isActive = userSate.isActive; + userIdlList.emplace_back(userIdl); + } + int32_t errCode = proxy->InitUserPolicy(userIdlList, permList); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + } + return errCode; } int32_t AccessTokenManagerClient::ClearUserPolicy() @@ -774,7 +1087,12 @@ int32_t AccessTokenManagerClient::ClearUserPolicy() LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->ClearUserPolicy(); + int32_t errCode = proxy->ClearUserPolicy(); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + } + return errCode; } int32_t AccessTokenManagerClient::UpdateUserPolicy(const std::vector& userList) @@ -784,7 +1102,26 @@ int32_t AccessTokenManagerClient::UpdateUserPolicy(const std::vector& LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->UpdateUserPolicy(userList); + + size_t userLen = userList.size(); + if ((userLen == 0) || (userLen > MAX_USER_POLICY_SIZE)) { + LOGE(ATM_DOMAIN, ATM_TAG, "UserLen %{public}zu is invalid.", userLen); + return AccessTokenError::ERR_PARAM_INVALID; + } + + std::vector userIdlList; + for (const auto& userSate : userList) { + UserStateIdl userIdl; + userIdl.userId = userSate.userId; + userIdl.isActive = userSate.isActive; + userIdlList.emplace_back(userIdl); + } + int32_t errCode = proxy->UpdateUserPolicy(userIdlList); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + } + return errCode; } void AccessTokenManagerClient::ReleaseProxy() @@ -804,7 +1141,29 @@ int32_t AccessTokenManagerClient::GetKernelPermissions( LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->GetKernelPermissions(tokenId, kernelPermList); + std::vector kernelPermIdlList; + int32_t errCode = proxy->GetKernelPermissions(tokenId, kernelPermIdlList); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + return errCode; + } + + if (kernelPermIdlList.size() > MAX_EXTENDED_VALUE_LIST_SIZE) { + return AccessTokenError::ERR_OVERSIZE; + } + + for (const auto& item : kernelPermIdlList) { + PermissionWithValue tmp; + tmp.permissionName = item.permissionName; + tmp.value = item.value; + if (tmp.value == "true") { + tmp.value.clear(); + } + kernelPermList.emplace_back(tmp); + } + + return errCode; } int32_t AccessTokenManagerClient::GetReqPermissionByName( @@ -815,7 +1174,12 @@ int32_t AccessTokenManagerClient::GetReqPermissionByName( LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - return proxy->GetReqPermissionByName(tokenId, permissionName, value); + int32_t errCode = proxy->GetReqPermissionByName(tokenId, permissionName, value); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + } + return errCode; } } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index b5a4d0984..df0ed5815 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -19,6 +19,7 @@ #include #include #include +#include #include #include "access_token.h" @@ -28,7 +29,7 @@ #include "hap_info_parcel.h" #include "hap_policy_parcel.h" #include "hap_token_info.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "nocopyable.h" #include "permission_def.h" #include "permission_grant_info.h" diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp deleted file mode 100644 index 767678b54..000000000 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp +++ /dev/null @@ -1,1578 +0,0 @@ -/* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "accesstoken_manager_proxy.h" - -#include "accesstoken_log.h" -#include "accesstoken_common_log.h" -#include "access_token_error.h" - -#include "parcel.h" -#include "string_ex.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "ATMProxy"}; -static const int MAX_PERMISSION_SIZE = 1000; -static const int32_t MAX_USER_POLICY_SIZE = 1024; -static const int32_t MAX_EXTENDED_VALUE_LIST_SIZE = 512; -} - -AccessTokenManagerProxy::AccessTokenManagerProxy(const sptr& impl) - : IRemoteProxy(impl) { -} - -AccessTokenManagerProxy::~AccessTokenManagerProxy() -{} - -bool AccessTokenManagerProxy::SendRequest( - AccessTokenInterfaceCode code, MessageParcel& data, MessageParcel& reply) -{ - MessageOption option(MessageOption::TF_SYNC); - - sptr remote = Remote(); - if (remote == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Code: %{public}d remote service null.", code); - return false; - } - int32_t requestResult = remote->SendRequest( - static_cast(code), data, reply, option); - if (requestResult != NO_ERROR) { - LOGE(ATM_DOMAIN, ATM_TAG, "Code: %{public}d request fail, result: %{public}d", code, requestResult); - return false; - } - return true; -} - -PermUsedTypeEnum AccessTokenManagerProxy::GetPermissionUsedType( - AccessTokenID tokenID, const std::string &permissionName) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return PermUsedTypeEnum::INVALID_USED_TYPE; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return PermUsedTypeEnum::INVALID_USED_TYPE; - } - if (!data.WriteString(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed."); - return PermUsedTypeEnum::INVALID_USED_TYPE; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_USER_GRANTED_PERMISSION_USED_TYPE, data, reply)) { - return PermUsedTypeEnum::INVALID_USED_TYPE; - } - - int32_t ret; - if (!reply.ReadInt32(ret)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32t failed."); - return PermUsedTypeEnum::INVALID_USED_TYPE; - } - PermUsedTypeEnum result = static_cast(ret); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (type=%{public}d).", result); - return result; -} - -int AccessTokenManagerProxy::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return PERMISSION_DENIED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return PERMISSION_DENIED; - } - if (!data.WriteString(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed."); - return PERMISSION_DENIED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN, data, reply)) { - return PERMISSION_DENIED; - } - - int32_t result = reply.ReadInt32(); - LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (status=%{public}d).", result); - return result; -} - -int AccessTokenManagerProxy::VerifyAccessToken(AccessTokenID tokenID, - const std::vector& permissionList, std::vector& permStateList) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteStringVector(permissionList)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteStringVector failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN_WITH_LIST, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - if (!reply.ReadInt32Vector(&permStateList)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32Vector failed."); - return ERR_READ_PARCEL_FAILED; - } - - return ERR_OK; -} - -int AccessTokenManagerProxy::GetDefPermission( - const std::string& permissionName, PermissionDefParcel& permissionDefResult) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteString(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_DEF_PERMISSION, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - if (result != RET_SUCCESS) { - return result; - } - sptr resultSptr = reply.ReadParcelable(); - if (resultSptr == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable failed."); - return ERR_READ_PARCEL_FAILED; - } - permissionDefResult = *resultSptr; - return result; -} - -int AccessTokenManagerProxy::GetReqPermissions( - AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteInt32(isSystemGrant)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_REQ_PERMISSIONS, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - if (result != RET_SUCCESS) { - return result; - } - uint32_t reqPermSize = reply.ReadUint32(); - if (reqPermSize > MAX_PERMISSION_SIZE) { - LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}u) is oversize.", reqPermSize); - return ERR_OVERSIZE; - } - for (uint32_t i = 0; i < reqPermSize; i++) { - sptr permissionReq = reply.ReadParcelable(); - if (permissionReq != nullptr) { - reqPermList.emplace_back(*permissionReq); - } - } - return result; -} - -int32_t AccessTokenManagerProxy::SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, - int32_t userID = 0) -{ - MessageParcel sendData; - if (!sendData.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!sendData.WriteString(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!sendData.WriteUint32(status)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!sendData.WriteInt32(userID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::SET_PERMISSION_REQUEST_TOGGLE_STATUS, sendData, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -int32_t AccessTokenManagerProxy::GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status, - int32_t userID = 0) -{ - MessageParcel sendData; - if (!sendData.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!sendData.WriteString(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!sendData.WriteInt32(userID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSION_REQUEST_TOGGLE_STATUS, sendData, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - if (result == RET_SUCCESS) { - status = reply.ReadUint32(); - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, status=%{public}d).", result, status); - return result; -} - -int32_t AccessTokenManagerProxy::RequestAppPermOnSetting(AccessTokenID tokenID) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::REQUEST_APP_PERM_ON_SETTING, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed."); - return ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (result=%{public}d).", result); - return result; -} - -int AccessTokenManagerProxy::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) -{ - MessageParcel sendData; - if (!sendData.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!sendData.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!sendData.WriteString(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSION_FLAG, sendData, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - if (result == RET_SUCCESS) { - flag = reply.ReadUint32(); - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, flag=%{public}d).", result, flag); - return result; -} - -PermissionOper AccessTokenManagerProxy::GetSelfPermissionsState(std::vector& permListParcel, - PermissionGrantInfoParcel& infoParcel) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return INVALID_OPER; - } - if (!data.WriteUint32(permListParcel.size())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return INVALID_OPER; - } - for (const auto& permission : permListParcel) { - if (!data.WriteParcelable(&permission)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed."); - return INVALID_OPER; - } - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSION_OPER_STATE, data, reply)) { - return INVALID_OPER; - } - - PermissionOper result = static_cast(reply.ReadInt32()); - size_t size = reply.ReadUint32(); - if (size != permListParcel.size()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) from server is not equal inputSize(%{public}zu)!", - size, permListParcel.size()); - return INVALID_OPER; - } - if (size > MAX_PERMISSION_SIZE) { - LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) is oversize.", size); - return INVALID_OPER; - } - for (uint32_t i = 0; i < size; i++) { - sptr permissionReq = reply.ReadParcelable(); - if (permissionReq != nullptr) { - permListParcel[i].permsState.state = permissionReq->permsState.state; - permListParcel[i].permsState.errorReason = permissionReq->permsState.errorReason; - } - } - - sptr resultSptr = reply.ReadParcelable(); - if (resultSptr == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable failed."); - return INVALID_OPER; - } - infoParcel = *resultSptr; - - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (status=%{public}d).", result); - return result; -} - -int32_t AccessTokenManagerProxy::GetPermissionsStatus(AccessTokenID tokenID, - std::vector& permListParcel) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed"); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(permListParcel.size())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - for (const auto& permission : permListParcel) { - if (!data.WriteParcelable(&permission)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed."); - return ERR_WRITE_PARCEL_FAILED; - } - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSIONS_STATUS, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - if (result != RET_SUCCESS) { - return result; - } - size_t size = reply.ReadUint32(); - if (size != permListParcel.size()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}zu) from server is not equal inputSize(%{public}zu)!", - size, permListParcel.size()); - return ERR_SIZE_NOT_EQUAL; - } - for (uint32_t i = 0; i < size; i++) { - sptr permissionReq = reply.ReadParcelable(); - if (permissionReq != nullptr) { - permListParcel[i].permsState.state = permissionReq->permsState.state; - } - } - return result; -} - -int AccessTokenManagerProxy::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) -{ - MessageParcel inData; - if (!inData.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!inData.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!inData.WriteString(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!inData.WriteUint32(flag)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GRANT_PERMISSION, inData, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -int AccessTokenManagerProxy::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteString(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(flag)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::REVOKE_PERMISSION, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -int AccessTokenManagerProxy::GrantPermissionForSpecifiedTime( - AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteString(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(onceTime)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GRANT_PERMISSION_FOR_SPECIFIEDTIME, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed."); - return ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (result=%{public}d).", result); - return result; -} - -int AccessTokenManagerProxy::ClearUserGrantedPermissionState(AccessTokenID tokenID) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::CLEAR_USER_GRANT_PERMISSION, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -int32_t AccessTokenManagerProxy::RegisterPermStateChangeCallback( - const PermStateChangeScopeParcel& scope, const sptr& callback) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteParcelable(&scope)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteRemoteObject(callback)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteRemoteObject failed."); - return ERR_WRITE_PARCEL_FAILED; - } - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::REGISTER_PERM_STATE_CHANGE_CALLBACK, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t ret; - if (!reply.ReadInt32(ret)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed."); - return ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", ret); - return ret; -} - -int32_t AccessTokenManagerProxy::UnRegisterPermStateChangeCallback(const sptr& callback) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteRemoteObject(callback)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteRemoteObject failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest( - AccessTokenInterfaceCode::UNREGISTER_PERM_STATE_CHANGE_CALLBACK, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed."); - return ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -int32_t AccessTokenManagerProxy::RegisterSelfPermStateChangeCallback( - const PermStateChangeScopeParcel& scope, const sptr& callback) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteParcelable(&scope)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteRemoteObject(callback)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteRemoteObject failed."); - return ERR_WRITE_PARCEL_FAILED; - } - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::REGISTER_SELF_PERM_STATE_CHANGE_CALLBACK, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t ret; - if (!reply.ReadInt32(ret)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed."); - return ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", ret); - return ret; -} - -int32_t AccessTokenManagerProxy::UnRegisterSelfPermStateChangeCallback(const sptr& callback) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteRemoteObject(callback)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteRemoteObject failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest( - AccessTokenInterfaceCode::UNREGISTER_SELF_PERM_STATE_CHANGE_CALLBACK, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed."); - return ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -AccessTokenIDEx AccessTokenManagerProxy::AllocHapToken( - const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) -{ - MessageParcel data; - AccessTokenIDEx res = { 0 }; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return res; - } - - if (!data.WriteParcelable(&hapInfo)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed."); - return res; - } - if (!data.WriteParcelable(&policyParcel)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed."); - return res; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::ALLOC_TOKEN_HAP, data, reply)) { - return res; - } - - unsigned long long result = reply.ReadUint64(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}llu).", result); - res.tokenIDEx = result; - return res; -} - -int32_t AccessTokenManagerProxy::InitHapToken(const HapInfoParcel& hapInfoParcel, HapPolicyParcel& policyParcel, - AccessTokenIDEx& fullTokenId, HapInfoCheckResult& resultInfo) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteParcelable(&hapInfoParcel)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteParcelable(&policyParcel)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::INIT_TOKEN_HAP, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - int32_t result = 0; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed."); - return ERR_READ_PARCEL_FAILED; - } - if (result == RET_SUCCESS) { - uint64_t tokenId = 0; - if (!reply.ReadUint64(tokenId)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadUint64 faild."); - return ERR_READ_PARCEL_FAILED; - } - fullTokenId.tokenIDEx = tokenId; - } else { - if (reply.GetDataSize() > reply.GetReadPosition()) { - IF_FALSE_RETURN_VALUE_LOG(LABEL, reply.ReadString(resultInfo.permCheckResult.permissionName), - ERR_READ_PARCEL_FAILED, "ReadString faild."); - - int32_t rule; - IF_FALSE_RETURN_VALUE_LOG(LABEL, reply.ReadInt32(rule), - ERR_READ_PARCEL_FAILED, "ReadString faild."); - resultInfo.permCheckResult.rule = static_cast(rule); - } - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, id=%{public}llu).", - result, fullTokenId.tokenIDEx); - return result; -} - -int AccessTokenManagerProxy::DeleteToken(AccessTokenID tokenID) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::TOKEN_DELETE, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, id=%{public}u).", result, tokenID); - return result; -} - -int AccessTokenManagerProxy::GetTokenType(AccessTokenID tokenID) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write tokenID"); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_TOKEN_TYPE, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int result = reply.ReadInt32(); - LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (type=%{public}d).", result); - return result; -} - -AccessTokenIDEx AccessTokenManagerProxy::GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex) -{ - AccessTokenIDEx tokenIdEx = {0}; - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return tokenIdEx; - } - - if (!data.WriteInt32(userID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write tokenID"); - return tokenIdEx; - } - if (!data.WriteString(bundleName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write dcap"); - return tokenIdEx; - } - if (!data.WriteInt32(instIndex)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write dcap"); - return tokenIdEx; - } - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_HAP_TOKEN_ID, data, reply)) { - return tokenIdEx; - } - - tokenIdEx.tokenIDEx = reply.ReadUint64(); - LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}llu).", tokenIdEx.tokenIDEx); - return tokenIdEx; -} - -AccessTokenID AccessTokenManagerProxy::AllocLocalTokenID( - const std::string& remoteDeviceID, AccessTokenID remoteTokenID) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return 0; - } - - if (!data.WriteString(remoteDeviceID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write dcap"); - return 0; - } - if (!data.WriteUint32(remoteTokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write dcap"); - return 0; - } - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::ALLOC_LOCAL_TOKEN_ID, data, reply)) { - return 0; - } - - AccessTokenID result = reply.ReadUint32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}d).", result); - return result; -} - -int AccessTokenManagerProxy::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_NATIVE_TOKENINFO, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - if (result != RET_SUCCESS) { - return result; - } - sptr resultSptr = reply.ReadParcelable(); - if (resultSptr == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable fail"); - return ERR_READ_PARCEL_FAILED; - } - nativeTokenInfoRes = *resultSptr; - return result; -} - -int32_t AccessTokenManagerProxy::GetTokenIDByUserID(int32_t userID, std::unordered_set& tokenIdList) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteInt32(userID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_TOKEN_ID_BY_USER_ID, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = 0; - if (!reply.ReadInt32(result)) { - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return ERR_READ_PARCEL_FAILED; - } - if (result != RET_SUCCESS) { - return result; - } - - uint32_t tokenIDListSize = 0; - if (!reply.ReadUint32(tokenIDListSize)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadUint32 failed."); - return ERR_READ_PARCEL_FAILED; - } - for (uint32_t i = 0; i < tokenIDListSize; i++) { - AccessTokenID tokenId = 0; - if (!reply.ReadUint32(tokenId)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadUint32 failed."); - return ERR_READ_PARCEL_FAILED; - } - tokenIdList.emplace(tokenId); - } - return result; -} - -int AccessTokenManagerProxy::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_HAP_TOKENINFO, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - if (result != RET_SUCCESS) { - return result; - } - sptr resultSptr = reply.ReadParcelable(); - if (resultSptr == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable failed."); - return ERR_READ_PARCEL_FAILED; - } - hapTokenInfoRes = *resultSptr; - return result; -} - -int32_t AccessTokenManagerProxy::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const HapPolicyParcel& policyParcel, HapInfoCheckResult& resultInfo) -{ - AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write tokenID failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteBool(info.isSystemApp)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write isSystemApp failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteString(info.appIDDesc)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write appIDDesc failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteInt32(info.apiVersion)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write apiVersion failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteString(info.appDistributionType)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write appDistributionType failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteParcelable(&policyParcel)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write policyParcel failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::UPDATE_HAP_TOKEN, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - int32_t result = reply.ReadInt32(); - tokenIdEx.tokenIdExStruct.tokenAttr = reply.ReadUint32(); - if (result != RET_SUCCESS && reply.GetDataSize() > reply.GetReadPosition()) { - IF_FALSE_RETURN_VALUE_LOG(LABEL, reply.ReadString(resultInfo.permCheckResult.permissionName), - ERR_READ_PARCEL_FAILED, "ReadString faild."); - - int32_t rule; - IF_FALSE_RETURN_VALUE_LOG(LABEL, reply.ReadInt32(rule), - ERR_READ_PARCEL_FAILED, "ReadString faild."); - resultInfo.permCheckResult.rule = static_cast(rule); - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -#ifndef ATM_BUILD_VARIANT_USER_ENABLE -int32_t AccessTokenManagerProxy::ReloadNativeTokenInfo() -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::RELOAD_NATIVE_TOKEN_INFO, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -#endif - -int AccessTokenManagerProxy::GetHapTokenInfoExtension(AccessTokenID tokenID, - HapTokenInfoParcel& hapTokenInfoRes, std::string& appID) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 fail"); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_HAP_TOKENINFO_EXT, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - if (result != RET_SUCCESS) { - return result; - } - sptr hapResult = reply.ReadParcelable(); - if (hapResult == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable fail."); - return ERR_READ_PARCEL_FAILED; - } - hapTokenInfoRes = *hapResult; - if (!reply.ReadString(appID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadString fail."); - return ERR_READ_PARCEL_FAILED; - } - - return result; -} - -AccessTokenID AccessTokenManagerProxy::GetNativeTokenId(const std::string& processName) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return INVALID_TOKENID; - } - - if (!data.WriteString(processName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed."); - return INVALID_TOKENID; - } - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_NATIVE_TOKEN_ID, data, reply)) { - return INVALID_TOKENID; - } - AccessTokenID id; - if (!reply.ReadUint32(id)) { - LOGI(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed."); - return INVALID_TOKENID; - } - LOGD(ATM_DOMAIN, ATM_TAG, "Result from server (process=%{public}s, id=%{public}d).", processName.c_str(), id); - return id; -} - -#ifdef TOKEN_SYNC_ENABLE -int AccessTokenManagerProxy::GetHapTokenInfoFromRemote(AccessTokenID tokenID, - HapTokenInfoForSyncParcel& hapSyncParcel) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_HAP_TOKEN_FROM_REMOTE, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - if (result != RET_SUCCESS) { - return result; - } - sptr hapResult = reply.ReadParcelable(); - if (hapResult == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable fail"); - return ERR_READ_PARCEL_FAILED; - } - hapSyncParcel = *hapResult; - return result; -} - -int AccessTokenManagerProxy::SetRemoteHapTokenInfo(const std::string& deviceID, - HapTokenInfoForSyncParcel& hapSyncParcel) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteString(deviceID)) { - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteParcelable(&hapSyncParcel)) { - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::SET_REMOTE_HAP_TOKEN_INFO, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -int AccessTokenManagerProxy::DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) -{ - MessageParcel data; - data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); - if (!data.WriteString(deviceID)) { - return ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteUint32(tokenID)) { - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::DELETE_REMOTE_TOKEN_INFO, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -AccessTokenID AccessTokenManagerProxy::GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return 0; - } - if (!data.WriteString(deviceID)) { - return 0; - } - - if (!data.WriteUint32(tokenID)) { - return 0; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_NATIVE_REMOTE_TOKEN, data, reply)) { - return 0; - } - - AccessTokenID id = reply.ReadUint32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}d).", id); - return id; -} - -int AccessTokenManagerProxy::DeleteRemoteDeviceTokens(const std::string& deviceID) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteString(deviceID)) { - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::DELETE_REMOTE_DEVICE_TOKEN, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -int32_t AccessTokenManagerProxy::RegisterTokenSyncCallback(const sptr& callback) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteRemoteObject(callback)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteRemoteObject failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest( - AccessTokenInterfaceCode::REGISTER_TOKEN_SYNC_CALLBACK, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed."); - return ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} - -int32_t AccessTokenManagerProxy::UnRegisterTokenSyncCallback() -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest( - AccessTokenInterfaceCode::UNREGISTER_TOKEN_SYNC_CALLBACK, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadInt32 failed."); - return ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - return result; -} -#endif - -void AccessTokenManagerProxy::DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return; - } - - if (!data.WriteParcelable(&infoParcel)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write infoParcel failed."); - return; - } - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::DUMP_TOKENINFO, data, reply)) { - return; - } - if (!reply.ReadString(dumpInfo)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadString failed."); - } -} - -int32_t AccessTokenManagerProxy::GetVersion(uint32_t& version) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_VERSION, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - if (result != RET_SUCCESS) { - return result; - } - if (!reply.ReadUint32(version)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadUint32 failed."); - return ERR_READ_PARCEL_FAILED; - } - return result; -} - -int32_t AccessTokenManagerProxy::SetPermDialogCap(const HapBaseInfoParcel& hapBaseInfo, bool enable) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteParcelable(&hapBaseInfo)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteBool(enable)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteBool failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::SET_PERM_DIALOG_CAPABILITY, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - return reply.ReadInt32(); -} - -void AccessTokenManagerProxy::GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSION_MANAGER_INFO, data, reply)) { - return; - } - - sptr parcel = reply.ReadParcelable(); - if (parcel == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadParcelable failed."); - return; - } - infoParcel = *parcel; -} - -int32_t AccessTokenManagerProxy::InitUserPolicy( - const std::vector& userList, const std::vector& permList) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - size_t userLen = userList.size(); - size_t permLen = permList.size(); - if ((userLen == 0) || (userLen > MAX_USER_POLICY_SIZE) || (permLen == 0) || (permLen > MAX_USER_POLICY_SIZE)) { - LOGE(ATM_DOMAIN, ATM_TAG, "UserLen %{public}zu or permLen %{public}zu is invalid", userLen, permLen); - return ERR_PARAM_INVALID; - } - - if (!data.WriteUint32(userLen)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write userLen size."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(permLen)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write permLen size."); - return ERR_WRITE_PARCEL_FAILED; - } - for (const auto& userInfo : userList) { - if (!data.WriteInt32(userInfo.userId)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write userId."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteBool(userInfo.isActive)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write isActive."); - return ERR_WRITE_PARCEL_FAILED; - } - } - for (const auto& permission : permList) { - if (!data.WriteString(permission)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write permission."); - return ERR_WRITE_PARCEL_FAILED; - } - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::INIT_USER_POLICY, data, reply)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read replay failed"); - return ERR_SERVICE_ABNORMAL; - } - int32_t result; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read Int32 failed"); - return AccessTokenError::ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t AccessTokenManagerProxy::ClearUserPolicy() -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::CLEAR_USER_POLICY, data, reply)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read replay failed"); - return ERR_SERVICE_ABNORMAL; - } - int32_t result; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read Int32 failed"); - return AccessTokenError::ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t AccessTokenManagerProxy::UpdateUserPolicy(const std::vector& userList) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - size_t userLen = userList.size(); - if ((userLen == 0) || (userLen > MAX_USER_POLICY_SIZE)) { - LOGE(ATM_DOMAIN, ATM_TAG, "UserLen %{public}zu is invalid.", userLen); - return ERR_PARAM_INVALID; - } - - if (!data.WriteUint32(userLen)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write userLen size."); - return ERR_WRITE_PARCEL_FAILED; - } - - for (const auto& userInfo : userList) { - if (!data.WriteInt32(userInfo.userId)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write userId."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteBool(userInfo.isActive)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write isActive."); - return ERR_WRITE_PARCEL_FAILED; - } - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::UPDATE_USER_POLICY, data, reply)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read replay failed"); - return ERR_SERVICE_ABNORMAL; - } - int32_t result; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read Int32 failed"); - return AccessTokenError::ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server data = %{public}d", result); - return result; -} - -int32_t AccessTokenManagerProxy::GetKernelPermissions( - AccessTokenID tokenID, std::vector& kernelPermList) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write tokenID."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_KERNEL_PERMISSIONS, data, reply)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read replay failed"); - return ERR_SERVICE_ABNORMAL; - } - int32_t result; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read result failed"); - return AccessTokenError::ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server data = %{public}d", result); - if (result != RET_SUCCESS) { - return result; - } - uint32_t size; - if (!reply.ReadUint32(size)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read size failed"); - return AccessTokenError::ERR_READ_PARCEL_FAILED; - } - if (size > MAX_EXTENDED_VALUE_LIST_SIZE) { - return AccessTokenError::ERR_OVERSIZE; - } - for (uint32_t i = 0; i < size; ++i) { - PermissionWithValue perm; - if (!reply.ReadString(perm.permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read permission name failed."); - return AccessTokenError::ERR_READ_PARCEL_FAILED; - } - if (!reply.ReadString(perm.value)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read value failed."); - return AccessTokenError::ERR_READ_PARCEL_FAILED; - } - if (perm.value == "true") { - perm.value.clear(); - } - kernelPermList.emplace_back(perm); - } - return RET_SUCCESS; -} - -int32_t AccessTokenManagerProxy::GetReqPermissionByName( - AccessTokenID tokenID, const std::string& permissionName, std::string& value) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "Write interface token failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write tokenID."); - return ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteString(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write tokenID."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_PERMISSION_BY_NAME, data, reply)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read replay failed"); - return ERR_SERVICE_ABNORMAL; - } - int32_t result; - if (!reply.ReadInt32(result)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read result failed"); - return AccessTokenError::ERR_READ_PARCEL_FAILED; - } - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server data = %{public}d", result); - if (result != RET_SUCCESS) { - return result; - } - if (!reply.ReadString(value)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read value failed"); - return AccessTokenError::ERR_READ_PARCEL_FAILED; - } - - return RET_SUCCESS; -} - -} // namespace AccessToken -} // namespace Security -} // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h deleted file mode 100644 index 99ff5740f..000000000 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h +++ /dev/null @@ -1,122 +0,0 @@ -/* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef ACCESSTOKEN_MANAGER_PROXY_H -#define ACCESSTOKEN_MANAGER_PROXY_H - -#include -#include - -#include "access_token.h" -#include "atm_tools_param_info_parcel.h" -#include "hap_info_parcel.h" -#include "hap_base_info_parcel.h" -#include "hap_policy_parcel.h" -#include "hap_token_info_parcel.h" -#include "hap_token_info_for_sync_parcel.h" -#include "i_accesstoken_manager.h" -#include "iremote_proxy.h" -#include "native_token_info_parcel.h" -#include "permission_def_parcel.h" -#include "permission_grant_info_parcel.h" -#include "permission_list_state_parcel.h" -#include "permission_status_parcel.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class AccessTokenManagerProxy : public IRemoteProxy { -public: - explicit AccessTokenManagerProxy(const sptr& impl); - ~AccessTokenManagerProxy() override; - - PermUsedTypeEnum GetPermissionUsedType( - AccessTokenID tokenID, const std::string& permissionName) override; - int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) override; - int VerifyAccessToken(AccessTokenID tokenID, - const std::vector& permissionList, std::vector& permStateList) override; - int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; - int GetReqPermissions( - AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; - int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) override; - int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, - int32_t userID) override; - int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status, - int32_t userID) override; - int32_t RequestAppPermOnSetting(AccessTokenID tokenID) override; - int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) override; - int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) override; - int GrantPermissionForSpecifiedTime( - AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime) override; - PermissionOper GetSelfPermissionsState(std::vector& permListParcel, - PermissionGrantInfoParcel& infoParcel) override; - int32_t GetPermissionsStatus( - AccessTokenID tokenID, std::vector& permListParcel) override; - int ClearUserGrantedPermissionState(AccessTokenID tokenID) override; - int GetTokenType(AccessTokenID tokenID) override; - AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex) override; - AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) override; - AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) override; - int32_t InitHapToken(const HapInfoParcel& hapInfoParcel, HapPolicyParcel& policyParcel, - AccessTokenIDEx& fullTokenId, HapInfoCheckResult& resultInfo) override; - int DeleteToken(AccessTokenID tokenID) override; - int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const HapPolicyParcel& policyParcel, HapInfoCheckResult& resultInfo) override; - int32_t GetTokenIDByUserID(int32_t userID, std::unordered_set& tokenIdList) override; - int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) override; - int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) override; -#ifndef ATM_BUILD_VARIANT_USER_ENABLE - int32_t ReloadNativeTokenInfo() override; -#endif - int32_t RegisterPermStateChangeCallback(const PermStateChangeScopeParcel& scope, - const sptr& callback) override; - int32_t UnRegisterPermStateChangeCallback(const sptr& callback) override; - int32_t RegisterSelfPermStateChangeCallback(const PermStateChangeScopeParcel& scope, - const sptr& callback) override; - int32_t UnRegisterSelfPermStateChangeCallback(const sptr& callback) override; - AccessTokenID GetNativeTokenId(const std::string& processName) override; - int GetHapTokenInfoExtension(AccessTokenID tokenID, - HapTokenInfoParcel& hapTokenInfoRes, std::string& appID) override; - int32_t InitUserPolicy(const std::vector& userList, const std::vector& permList) override; - int32_t UpdateUserPolicy(const std::vector& userList) override; - int32_t ClearUserPolicy() override; - -#ifdef TOKEN_SYNC_ENABLE - int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override; - int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) override; - int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) override; - AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) override; - int DeleteRemoteDeviceTokens(const std::string& deviceID) override; - int32_t RegisterTokenSyncCallback(const sptr& callback) override; - int32_t UnRegisterTokenSyncCallback() override; -#endif - - int32_t GetKernelPermissions( - AccessTokenID tokenId, std::vector& kernelPermList) override; - int32_t GetReqPermissionByName( - AccessTokenID tokenId, const std::string& permissionName, std::string& value) override; - int32_t SetPermDialogCap(const HapBaseInfoParcel& hapBaseInfo, bool enable) override; - void DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo) override; - int32_t GetVersion(uint32_t& version) override; - void GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) override; - -private: - bool SendRequest(AccessTokenInterfaceCode code, MessageParcel& data, MessageParcel& reply); - static inline BrokerDelegator delegator_; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // ACCESSTOKEN_MANAGER_PROXY_H diff --git a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn index 1727ef9f3..39bdcaf01 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn @@ -143,14 +143,16 @@ ohos_unittest("accesstoken_mock_test") { "${access_token_innerkit_path}/src/accesstoken_death_recipient.cpp", "${access_token_innerkit_path}/src/accesstoken_kit.cpp", "${access_token_innerkit_path}/src/accesstoken_manager_client.cpp", - "${access_token_innerkit_path}/src/accesstoken_manager_proxy.cpp", "${access_token_innerkit_path}/src/perm_state_change_callback_customize.cpp", "../mock/src/iservice_registry.cpp", "ProxyMockTest/accesstoken_mock_test.cpp", ] cflags_cc = [ "-DHILOG_ENABLE" ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", @@ -158,6 +160,7 @@ ohos_unittest("accesstoken_mock_test") { "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_proxy", ] external_deps = [ diff --git a/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp index 0a225086d..5e3274cab 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp @@ -19,7 +19,6 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" #include "hap_token_info.h" #include "nativetoken_kit.h" #include "permission_grant_info.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_hap_dlp_flag_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_hap_dlp_flag_test.cpp index 8800bdfa9..f55615cce 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_hap_dlp_flag_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_hap_dlp_flag_test.cpp @@ -21,7 +21,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp index e9eb03f38..5236a9c8e 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp @@ -21,7 +21,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp index 2174649a0..4a25e0bd3 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp @@ -21,7 +21,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp index 8e70c9307..cf2d74ba3 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp @@ -21,7 +21,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp index d8d286e83..75d8794af 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp @@ -20,7 +20,6 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" #include "nativetoken_kit.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp index a53385c71..cd31758cf 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp @@ -18,7 +18,7 @@ #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "nativetoken_kit.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp index 68281ff82..654954664 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp @@ -21,7 +21,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp index f91a41454..22156a78f 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp @@ -20,7 +20,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp index b6b81fb80..85bc3e63f 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp @@ -20,7 +20,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp index 8ce8e5dd8..6f1c99888 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp @@ -20,7 +20,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "nativetoken_kit.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" @@ -855,12 +855,12 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest011, TestSize.Level1) policyParams.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue; ret = AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId); ASSERT_EQ(RET_SUCCESS, ret); + AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID; testValue.push_back('1'); policyParams.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue; ret = AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId); ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret); - AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID; ret = AccessTokenKit::DeleteToken(tokenID); EXPECT_EQ(RET_SUCCESS, ret); diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp index 54ff953ba..ab697988f 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp @@ -20,7 +20,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "nativetoken_kit.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp index de1cf2d96..abcfeb50a 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp @@ -21,7 +21,6 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/clear_user_granted__permission_state_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/clear_user_granted__permission_state_test.cpp index 636cbcb42..bc84fa973 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/clear_user_granted__permission_state_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/clear_user_granted__permission_state_test.cpp @@ -20,7 +20,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "test_common.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp index a7c19f175..78a607366 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp @@ -20,7 +20,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp index 6cf38323b..7676a7f0b 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp @@ -20,7 +20,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp index bb24a2e78..3e3c794eb 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/revoke_permission_test.cpp @@ -20,7 +20,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp index 262d7ca2d..2bf298ec3 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp @@ -20,7 +20,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp index c58a3429a..d7c7d250d 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp @@ -19,7 +19,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "hap_token_info.h" #include "nativetoken_kit.h" #include "permission_grant_info.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp index 0331e7b96..d56b32c8a 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp @@ -19,7 +19,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "hap_token_info.h" #include "nativetoken_kit.h" #include "permission_grant_info.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp index 83424dac6..5f7ff2fba 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp @@ -21,7 +21,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp index 2f910f59b..5c945a183 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp @@ -21,7 +21,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp index ada8b705a..9ad51d8f1 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp @@ -21,7 +21,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "permission_grant_info.h" #include "permission_state_change_info_parcel.h" #include "string_ex.h" diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_version_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_version_test.cpp index eb6c1343d..c0b9c2d5d 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_version_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_version_test.cpp @@ -19,7 +19,7 @@ #include "access_token.h" #include "access_token_error.h" #include "accesstoken_common_log.h" -#include "accesstoken_service_ipc_interface_code.h" +#include "iaccess_token_manager.h" #include "hap_token_info.h" #include "nativetoken_kit.h" #include "permission_grant_info.h" diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index 9fa2fc93c..6ef246714 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2021-2024 Huawei Device Co., Ltd. +# Copyright (c) 2021-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -91,7 +91,6 @@ if (is_standard_system) { "main/cpp/src/permission/short_grant_manager.cpp", "main/cpp/src/permission/temp_permission_observer.cpp", "main/cpp/src/service/accesstoken_manager_service.cpp", - "main/cpp/src/service/accesstoken_manager_stub.cpp", "main/cpp/src/token/accesstoken_id_manager.cpp", "main/cpp/src/token/accesstoken_info_manager.cpp", "main/cpp/src/token/hap_token_info_inner.cpp", @@ -105,6 +104,7 @@ if (is_standard_system) { configs = [ "${access_token_path}/config:access_token_compile_flags", "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", ] if (dlp_permission_enable == true) { @@ -125,6 +125,7 @@ if (is_standard_system) { "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc", "${access_token_path}/services/accesstokenmanager:access_token.rc", "${access_token_path}/services/accesstokenmanager:permission_definition_config", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", "${access_token_path}/services/common:accesstoken_service_common", ] diff --git a/services/accesstokenmanager/idl/BUILD.gn b/services/accesstokenmanager/idl/BUILD.gn new file mode 100644 index 000000000..1b08e66a7 --- /dev/null +++ b/services/accesstokenmanager/idl/BUILD.gn @@ -0,0 +1,125 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/components/idl_tool/idl.gni") +import("//build/ohos.gni") +import("../../../access_token.gni") + +idl_gen_interface("access_token_manager_interface") { + sources = [ "IAccessTokenManager.idl" ] + sources_common = [ "IdlCommon.idl" ] + log_domainid = "0xD005A01" + log_tag = "ATM" + subsystem_name = "security" + part_name = "access_token" +} + +config("access_token_manager_gen_config") { + include_dirs = [ "${target_gen_dir}" ] +} + +ohos_source_set("access_token_manager_proxy") { + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + + cflags_cc = [] + if (build_variant == "user") { + cflags_cc += [ "-DATM_BUILD_VARIANT_USER_ENABLE" ] + } + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + } + + output_values = get_target_outputs(":access_token_manager_interface") + + include_dirs = [ + "${access_token_path}/frameworks/accesstoken/include", + "${access_token_path}/frameworks/common/include", + "src", + ] + + sources = filter_include(output_values, + [ + "*_proxy.cpp", + "*idl_common.cpp", + ]) + + deps = [ + ":access_token_manager_interface", + "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", + "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", + ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + "init:libbegetutil", + "ipc:ipc_single", + "samgr:samgr_proxy", + ] + + subsystem_name = "security" + part_name = "access_token" +} + +ohos_source_set("access_token_manager_stub") { + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + + cflags_cc = [] + if (build_variant == "user") { + cflags_cc += [ "-DATM_BUILD_VARIANT_USER_ENABLE" ] + } + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + } + + output_values = get_target_outputs(":access_token_manager_interface") + + include_dirs = [ + "${access_token_path}/frameworks/accesstoken/include", + "${access_token_path}/frameworks/common/include", + "src", + ] + + sources = filter_include(output_values, + [ + "*_stub.cpp", + "*idl_common.cpp", + ]) + + deps = [ + ":access_token_manager_interface", + "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", + "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", + ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + "init:libbegetutil", + "ipc:ipc_single", + "samgr:samgr_proxy", + ] + + subsystem_name = "security" + part_name = "access_token" +} diff --git a/services/accesstokenmanager/idl/IAccessTokenManager.idl b/services/accesstokenmanager/idl/IAccessTokenManager.idl new file mode 100644 index 000000000..31da0d225 --- /dev/null +++ b/services/accesstokenmanager/idl/IAccessTokenManager.idl @@ -0,0 +1,89 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package OHOS.Security.AccessToken; +sequenceable OHOS.Security.AccessToken.PermissionDefParcel; +sequenceable OHOS.Security.AccessToken.PermissionStatusParcel; +sequenceable OHOS.Security.AccessToken.PermissionListStateParcel; +sequenceable OHOS.Security.AccessToken.PermissionGrantInfoParcel; +sequenceable OHOS.Security.AccessToken.HapInfoParcel; +sequenceable OHOS.Security.AccessToken.HapPolicyParcel; +sequenceable OHOS.Security.AccessToken.NativeTokenInfoParcel; +sequenceable OHOS.Security.AccessToken.HapTokenInfoParcel; +sequenceable OHOS.Security.AccessToken.PermStateChangeScopeParcel; +sequenceable OHOS.IRemoteObject; +sequenceable OHOS.Security.AccessToken.HapTokenInfoForSyncParcel; +sequenceable OHOS.Security.AccessToken.HapBaseInfoParcel; +sequenceable OHOS.Security.AccessToken.AtmToolsParamInfoParcel; + +import IdlCommon; + +option_stub_hooks on; + +interface OHOS.Security.AccessToken.IAccessTokenManager{ + [ipccode 1] void VerifyAccessToken([in] unsigned int tokenID, [in] String permissionName); + [ipccode 2] void GetDefPermission([in] String permissionName, [out] PermissionDefParcel permissionDefResult); + [ipccode 3] void GetReqPermissions([in] unsigned int tokenID, [out] List reqPermList, [in] boolean isSystemGrant); + [ipccode 4] void GetPermissionFlag([in] unsigned int tokenID, [in] String permissionName, [out] unsigned int flag); + [ipccode 5] void GrantPermission([in] unsigned int tokenID, [in] String permissionName, [in] unsigned int flag); + [ipccode 6] void RevokePermission([in] unsigned int tokenID, [in] String permissionName, [in] unsigned int flag); + [ipccode 7] void ClearUserGrantedPermissionState([in] unsigned int tokenID); + [ipccode 8] void AllocHapToken([in] HapInfoParcel hapInfo, [in] HapPolicyParcel policyParcel, [out] unsigned long fullTokenId); + [ipccode 9] void DeleteToken([in] unsigned int tokenID); + [ipccode 10] void InitHapToken([in] HapInfoParcel info, [in] HapPolicyParcel policy, [out] unsigned long fullTokenId, [out] HapInfoCheckResultIdl resultInfoIdl); + [ipccode 11] void SetPermissionRequestToggleStatus([in] String permissionName, [in] unsigned int status, [in] int userID); + [ipccode 12] void GetPermissionRequestToggleStatus([in] String permissionName, [out] unsigned int status, [in] int userID); + [ipccode 13] void GrantPermissionForSpecifiedTime([in] unsigned int tokenID, [in] String permissionName, [in] unsigned int onceTime); + [ipccode 14] void RequestAppPermOnSetting([in] unsigned int tokenID); + [ipccode 16] void GetTokenType([in] unsigned int tokenID, [out] int tokenType); + + [ipccode 18] void GetHapTokenID([in] int userID, [in] String bundleName, [in] int instIndex, [out] unsigned long fullTokenId); + [ipccode 19] void AllocLocalTokenID([in] String remoteDeviceID, [in] unsigned int remoteTokenID, [out] unsigned int tokenId); + [ipccode 20] void GetNativeTokenInfo([in] unsigned int tokenID, [out] NativeTokenInfoParcel nativeTokenInfoRes); + [ipccode 21] void GetHapTokenInfo([in] unsigned int tokenID, [out] HapTokenInfoParcel hapTokenInfoRes); + [ipccode 22] void UpdateHapToken([inout] unsigned long fullTokenId, [in] UpdateHapInfoParamsIdl infoIdl, [in] HapPolicyParcel policyParcel, [out] HapInfoCheckResultIdl resultInfoIdl); + [ipccode 23] void GetTokenIDByUserID([in] int userID, [out] List tokenIdList); + [macrodef TOKEN_SYNC_ENABLE, ipccode 32] void GetHapTokenInfoFromRemote([in] unsigned int tokenID, [out] HapTokenInfoForSyncParcel hapSyncParcel); + + [macrodef TOKEN_SYNC_ENABLE, ipccode 34] void SetRemoteHapTokenInfo([in] String deviceID, [in] HapTokenInfoForSyncParcel hapSyncParcel); + + [macrodef TOKEN_SYNC_ENABLE, ipccode 36] void DeleteRemoteToken([in] String deviceID, [in] unsigned int tokenID); + [macrodef TOKEN_SYNC_ENABLE, ipccode 37] void DeleteRemoteDeviceTokens([in] String deviceID); + [macrodef TOKEN_SYNC_ENABLE, ipccode 38] void GetRemoteNativeTokenID([in] String deviceID, [in] unsigned int tokenID, [out] unsigned int tokenId); + [macrodef TOKEN_SYNC_ENABLE, ipccode 39] void RegisterTokenSyncCallback([in] IRemoteObject cb); + [macrodef TOKEN_SYNC_ENABLE, ipccode 40] void UnRegisterTokenSyncCallback(); + [ipccode 48, ipcoutcapacity 2000] void DumpTokenInfo([in] AtmToolsParamInfoParcel infoParcel, [out] String tokenInfo); + [ipccode 49] void GetSelfPermissionsState([inout] List permListParcel, [out] PermissionGrantInfoParcel infoParcel, [out] int permOper); + [ipccode 50] void GetPermissionsStatus([in] unsigned int tokenID, [inout] ListpermListParcel); + [ipccode 51] void RegisterPermStateChangeCallback([in] PermStateChangeScopeParcel scope, [in] IRemoteObject cb); + [ipccode 52] void UnRegisterPermStateChangeCallback([in] IRemoteObject cb); + [ipccode 53, macrondef ATM_BUILD_VARIANT_USER_ENABLE] void ReloadNativeTokenInfo(); + [ipccode 54] void GetNativeTokenId([in] String processName, [out] unsigned int tokenID); + [ipccode 55] void SetPermDialogCap([in] HapBaseInfoParcel hapBaseInfoParcel, [in] boolean enable); + [ipccode 56] void GetPermissionUsedType([in] unsigned int tokenID, [in] String permissionName, [out] int permUsedType); + + [ipccode 58] void GetVersion([out] unsigned int version); + [ipccode 59] void GetPermissionManagerInfo([out] PermissionGrantInfoParcel infoParcel); + + [ipccode 61] void InitUserPolicy([in] List userIdlList, [in] List permList); + [ipccode 62] void UpdateUserPolicy([in] List userIdlList); + [ipccode 63] void ClearUserPolicy(); + [ipccode 64] void GetHapTokenInfoExtension([in] unsigned int tokenID, [out] HapTokenInfoParcel hapTokenInfoRes, [out] String appID); + [ipccode 65] void RegisterSelfPermStateChangeCallback([in] PermStateChangeScopeParcel scope, [in] IRemoteObject cb); + [ipccode 66] void UnRegisterSelfPermStateChangeCallback([in] IRemoteObject cb); + [ipccode 67] void GetKernelPermissions([in] unsigned int tokenId, [out] List kernelPermIdlList); + [ipccode 68] void GetReqPermissionByName([in] unsigned int tokenId, [in] String permissionName, [out] String value); + [ipccode 80] void VerifyAccessToken([in] unsigned int tokenID, [in] List permissionList, [out] List permStateList); +} \ No newline at end of file diff --git a/services/accesstokenmanager/idl/IdlCommon.idl b/services/accesstokenmanager/idl/IdlCommon.idl new file mode 100644 index 000000000..a95766a4e --- /dev/null +++ b/services/accesstokenmanager/idl/IdlCommon.idl @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package OHOS.Security.AccessToken; + +struct UserStateIdl { + /** user id */ + int userId; + /** active status */ + boolean isActive; +}; + +struct PermissionWithValueIdl { + String permissionName; + String value; +}; + +struct UpdateHapInfoParamsIdl { + String appIDDesc; + /** which version of the SDK is used to develop the hap */ + int apiVersion; + /** indicates whether the hap is a system app */ + boolean isSystemApp; + /* app type */ + String appDistributionType; +}; + +enum PermissionRulesEnumIdl { + PERMISSION_EDM_RULE = 0, + PERMISSION_ACL_RULE +}; + +struct HapInfoCheckResultIdl { + String permissionName; + PermissionRulesEnumIdl rule; + int realResult +}; \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index befb3df1b..c90a9a26b 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -18,8 +18,9 @@ #include #include +#include -#include "accesstoken_manager_stub.h" +#include "access_token_manager_stub.h" #ifdef EVENTHANDLER_ENABLE #include "access_event_handler.h" #endif @@ -45,19 +46,19 @@ public: void OnAddSystemAbility(int32_t systemAbilityId, const std::string& deviceId) override; void OnRemoveSystemAbility(int32_t systemAbilityId, const std::string& deviceId) override; - AccessTokenIDEx AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy) override; - PermUsedTypeEnum GetPermissionUsedType( - AccessTokenID tokenID, const std::string& permissionName) override; - int32_t InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy, - AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) override; + int32_t AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy, uint64_t& fullTokenId) override; + int32_t GetPermissionUsedType( + AccessTokenID tokenID, const std::string& permissionName, int32_t& permUsedType) override; + int32_t InitHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy, + uint64_t& fullTokenId, HapInfoCheckResultIdl& resultInfoIdl) override; int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) override; int VerifyAccessToken(AccessTokenID tokenID, const std::vector& permissionList, std::vector& permStateList) override; int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; int GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; - PermissionOper GetSelfPermissionsState(std::vector& reqPermList, - PermissionGrantInfoParcel& infoParcel) override; + int32_t GetSelfPermissionsState(std::vector& reqPermList, + PermissionGrantInfoParcel& infoParcel, int32_t& permOper) override; int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector& reqPermList) override; int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) override; int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, @@ -71,14 +72,17 @@ public: AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime) override; int ClearUserGrantedPermissionState(AccessTokenID tokenID) override; int DeleteToken(AccessTokenID tokenID) override; - int GetTokenType(AccessTokenID tokenID) override; - AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex) override; - AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) override; + int GetTokenType(AccessTokenID tokenID); + int GetTokenType(AccessTokenID tokenID, int32_t& tokenType) override; + int32_t GetHapTokenID( + int32_t userID, const std::string& bundleName, int32_t instIndex, uint64_t& fullTokenId) override; + int32_t AllocLocalTokenID( + const std::string& remoteDeviceID, AccessTokenID remoteTokenID, AccessTokenID& tokenId) override; int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& infoParcel) override; - int32_t GetTokenIDByUserID(int32_t userID, std::unordered_set& tokenIdList) override; + int32_t GetTokenIDByUserID(int32_t userID, std::vector& tokenIds) override; int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& infoParcel) override; - int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const HapPolicyParcel& policyParcel, HapInfoCheckResult& result) override; + int32_t UpdateHapToken(uint64_t& fullTokenId, const UpdateHapInfoParamsIdl& infoIdl, + const HapPolicyParcel& policyParcel, HapInfoCheckResultIdl& resultInfoIdl) override; int32_t RegisterPermStateChangeCallback( const PermStateChangeScopeParcel& scope, const sptr& callback) override; int32_t UnRegisterPermStateChangeCallback(const sptr& callback) override; @@ -90,30 +94,34 @@ public: #endif int GetHapTokenInfoExtension(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes, std::string& appID) override; - AccessTokenID GetNativeTokenId(const std::string& processName) override; + int32_t GetNativeTokenId(const std::string& processName, AccessTokenID& tokenID) override; #ifdef TOKEN_SYNC_ENABLE int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override; - int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) override; + int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSyncParcel& hapSyncParcel) override; int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) override; - AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) override; + int32_t GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID, AccessTokenID& tokenId) override; int DeleteRemoteDeviceTokens(const std::string& deviceID) override; int32_t RegisterTokenSyncCallback(const sptr& callback) override; int32_t UnRegisterTokenSyncCallback() override; #endif int32_t GetKernelPermissions( - AccessTokenID tokenId, std::vector& kernelPermList) override; + AccessTokenID tokenId, std::vector& kernelPermIdlList) override; int32_t GetReqPermissionByName( AccessTokenID tokenId, const std::string& permissionName, std::string& value) override; int SetPermDialogCap(const HapBaseInfoParcel& hapBaseInfoParcel, bool enable) override; - void GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) override; - int32_t InitUserPolicy(const std::vector& userList, const std::vector& permList) override; - int32_t UpdateUserPolicy(const std::vector& userList) override; + int32_t GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) override; + int32_t InitUserPolicy( + const std::vector& userIdlList, const std::vector& permList) override; + int32_t UpdateUserPolicy(const std::vector& userIdlList) override; int32_t ClearUserPolicy() override; - void DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo) override; + int32_t DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo) override; int32_t GetVersion(uint32_t& version) override; int Dump(int fd, const std::vector& args) override; + int32_t CallbackEnter(uint32_t code) override; + int32_t CallbackExit(uint32_t code, int32_t result) override; + private: void GetValidConfigFilePathList(std::vector& pathList); bool GetConfigGrantValueFromFile(std::string& fileContent); @@ -128,6 +136,18 @@ private: std::string permStateAbilityName_; std::string globalSwitchAbilityName_; std::string applicationSettingAbilityName_; + + bool IsPrivilegedCalling() const; + bool IsAccessTokenCalling(); + bool IsNativeProcessCalling(); + bool IsSystemAppCalling() const; + bool IsShellProcessCalling(); +#ifndef ATM_BUILD_VARIANT_USER_ENABLE + static const int32_t ROOT_UID = 0; +#endif + static const int32_t ACCESSTOKEN_UID = 3020; + + AccessTokenID tokenSyncId_ = 0; }; } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h deleted file mode 100644 index 03647a2e5..000000000 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef ACCESSTOKEN_MANAGER_STUB_H -#define ACCESSTOKEN_MANAGER_STUB_H - -#include - -#include "i_accesstoken_manager.h" - -#include "iremote_stub.h" -#include "nocopyable.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class AccessTokenManagerStub : public IRemoteStub { -public: - AccessTokenManagerStub(); - virtual ~AccessTokenManagerStub(); - - int OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& options) override; - -private: - void GetPermissionUsedTypeInner(MessageParcel& data, MessageParcel& reply); - void VerifyAccessTokenInner(MessageParcel& data, MessageParcel& reply); - void VerifyAccessTokenWithListInner(MessageParcel& data, MessageParcel& reply); - void GetDefPermissionInner(MessageParcel& data, MessageParcel& reply); - void GetReqPermissionsInner(MessageParcel& data, MessageParcel& reply); - void GetSelfPermissionsStateInner(MessageParcel& data, MessageParcel& reply); - void GetPermissionsStatusInner(MessageParcel& data, MessageParcel& reply); - void GetPermissionFlagInner(MessageParcel& data, MessageParcel& reply); - void SetPermissionRequestToggleStatusInner(MessageParcel& data, MessageParcel& reply); - void GetPermissionRequestToggleStatusInner(MessageParcel& data, MessageParcel& reply); - void RequestAppPermOnSettingInner(MessageParcel& data, MessageParcel& reply); - void GrantPermissionInner(MessageParcel& data, MessageParcel& reply); - void RevokePermissionInner(MessageParcel& data, MessageParcel& reply); - void GrantPermissionForSpecifiedTimeInner(MessageParcel& data, MessageParcel& reply); - void ClearUserGrantedPermissionStateInner(MessageParcel& data, MessageParcel& reply); - void AllocHapTokenInner(MessageParcel& data, MessageParcel& reply); - void InitHapTokenInner(MessageParcel& data, MessageParcel& reply); - void DeleteTokenInfoInner(MessageParcel& data, MessageParcel& reply); - void UpdateHapTokenInner(MessageParcel& data, MessageParcel& reply); - void GetTokenIDByUserIDInner(MessageParcel& data, MessageParcel& reply); - void GetHapTokenInfoInner(MessageParcel& data, MessageParcel& reply); - void GetNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply); - void AllocLocalTokenIDInner(MessageParcel& data, MessageParcel& reply); - void GetHapTokenIDInner(MessageParcel& data, MessageParcel& reply); - void GetTokenTypeInner(MessageParcel& data, MessageParcel& reply); - void RegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply); - void UnRegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply); - void RegisterSelfPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply); - void UnRegisterSelfPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply); -#ifndef ATM_BUILD_VARIANT_USER_ENABLE - void ReloadNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply); - void DumpPermDefInfoInner(MessageParcel& data, MessageParcel& reply); -#endif - void GetHapTokenInfoExtensionInner(MessageParcel& data, MessageParcel& reply); - void GetNativeTokenIdInner(MessageParcel& data, MessageParcel& reply); - -#ifdef TOKEN_SYNC_ENABLE - void GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply); - void SetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply); - void DeleteRemoteTokenInner(MessageParcel& data, MessageParcel& reply); - void DeleteRemoteDeviceTokensInner(MessageParcel& data, MessageParcel& reply); - void GetRemoteNativeTokenIDInner(MessageParcel& data, MessageParcel& reply); - void RegisterTokenSyncCallbackInner(MessageParcel& data, MessageParcel& reply); - void UnRegisterTokenSyncCallbackInner(MessageParcel& data, MessageParcel& reply); - void SetTokenSyncFuncInMap(); -#endif - void SetPermissionOpFuncInMap(); - void SetLocalTokenOpFuncInMap(); - void DumpTokenInfoInner(MessageParcel& data, MessageParcel& reply); - void GetVersionInner(MessageParcel& data, MessageParcel& reply); - void SetPermDialogCapInner(MessageParcel& data, MessageParcel& reply); - void GetPermissionManagerInfoInner(MessageParcel& data, MessageParcel& reply); - void InitUserPolicyInner(MessageParcel& data, MessageParcel& reply); - void UpdateUserPolicyInner(MessageParcel& data, MessageParcel& reply); - void ClearUserPolicyInner(MessageParcel& data, MessageParcel& reply); - void GetReqPermissionByNameInner(MessageParcel& data, MessageParcel& reply); - void GetKernelPermissionsInner(MessageParcel& data, MessageParcel& reply); - - bool IsPrivilegedCalling() const; - bool IsAccessTokenCalling(); - bool IsNativeProcessCalling(); - bool IsSystemAppCalling() const; - bool IsShellProcessCalling(); -#ifndef ATM_BUILD_VARIANT_USER_ENABLE - static const int32_t ROOT_UID = 0; -#endif - static const int32_t ACCESSTOKEN_UID = 3020; - - AccessTokenID tokenSyncId_ = 0; - - using RequestFuncType = void (AccessTokenManagerStub::*)(MessageParcel &data, MessageParcel &reply); - std::map requestFuncMap_; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // ACCESSTOKEN_MANAGER_STUB_H diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index ff56b39dd..353ad782c 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -18,12 +18,12 @@ #include #include "access_token.h" -#include "access_token_error.h" #include "access_token_db.h" +#include "access_token_error.h" +#include "accesstoken_common_log.h" #include "accesstoken_dfx_define.h" #include "accesstoken_id_manager.h" #include "accesstoken_info_manager.h" -#include "accesstoken_common_log.h" #include "constant_common.h" #include "data_validator.h" #include "hap_token_info.h" @@ -49,6 +49,10 @@ #ifdef TOKEN_SYNC_ENABLE #include "token_modify_notifier.h" #endif // TOKEN_SYNC_ENABLE +#include "tokenid_kit.h" +#ifdef HICOLLIE_ENABLE +#include "xcollie/xcollie.h" +#endif // HICOLLIE_ENABLE namespace OHOS { namespace Security { @@ -63,6 +67,22 @@ const char* PERMISSION_STATE_SHEET_ABILITY_NAME = "com.ohos.permissionmanager.Pe const char* GLOBAL_SWITCH_SHEET_ABILITY_NAME = "com.ohos.permissionmanager.GlobalSwitchSheetAbility"; const char* APPLICATION_SETTING_ABILITY_NAME = "com.ohos.permissionmanager.MainAbility"; const char* DEVELOPER_MODE_STATE = "const.security.developermode.state"; + +const std::string MANAGE_HAP_TOKENID_PERMISSION = "ohos.permission.MANAGE_HAP_TOKENID"; +static constexpr int MAX_PERMISSION_SIZE = 1000; +static constexpr int32_t MAX_USER_POLICY_SIZE = 1024; +const std::string GRANT_SENSITIVE_PERMISSIONS = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS"; +const std::string REVOKE_SENSITIVE_PERMISSIONS = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"; +const std::string GET_SENSITIVE_PERMISSIONS = "ohos.permission.GET_SENSITIVE_PERMISSIONS"; +const std::string DISABLE_PERMISSION_DIALOG = "ohos.permission.DISABLE_PERMISSION_DIALOG"; +const std::string GRANT_SHORT_TERM_WRITE_MEDIAVIDEO = "ohos.permission.GRANT_SHORT_TERM_WRITE_MEDIAVIDEO"; + +static constexpr int32_t SA_ID_ACCESSTOKEN_MANAGER_SERVICE = 3503; + +#ifdef HICOLLIE_ENABLE +constexpr uint32_t TIMEOUT = 40; // 40s +thread_local int32_t g_timerId = 0; +#endif // HICOLLIE_ENABLE } const bool REGISTER_RESULT = @@ -128,11 +148,18 @@ void AccessTokenManagerService::OnRemoveSystemAbility(int32_t systemAbilityId, c } } -PermUsedTypeEnum AccessTokenManagerService::GetPermissionUsedType( - AccessTokenID tokenID, const std::string& permissionName) +int32_t AccessTokenManagerService::GetPermissionUsedType( + AccessTokenID tokenID, const std::string& permissionName, int32_t& permUsedType) { LOGI(ATM_DOMAIN, ATM_TAG, "TokenID=%{public}d, permission=%{public}s", tokenID, permissionName.c_str()); - return PermissionManager::GetInstance().GetPermissionUsedType(tokenID, permissionName); + if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + permUsedType = static_cast(PermUsedTypeEnum::INVALID_USED_TYPE); + return permUsedType; + } + permUsedType = static_cast( + PermissionManager::GetInstance().GetPermissionUsedType(tokenID, permissionName)); + return ERR_OK; } int AccessTokenManagerService::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) @@ -210,6 +237,16 @@ int AccessTokenManagerService::GetDefPermission( int AccessTokenManagerService::GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { + AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } + if (!IsPrivilegedCalling() && + VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + std::vector permList; int ret = PermissionManager::GetInstance().GetReqPermissions(tokenID, permList, isSystemGrant); @@ -221,19 +258,41 @@ int AccessTokenManagerService::GetReqPermissions( return ret; } -PermissionOper AccessTokenManagerService::GetSelfPermissionsState(std::vector& reqPermList, - PermissionGrantInfoParcel& infoParcel) +int32_t AccessTokenManagerService::GetSelfPermissionsState(std::vector& reqPermList, + PermissionGrantInfoParcel& infoParcel, int32_t& permOper) { + uint32_t size = reqPermList.size(); + if (size > MAX_PERMISSION_SIZE) { + LOGE(ATM_DOMAIN, ATM_TAG, "PermList size %{public}d is invalid", size); + return INVALID_OPER; + } infoParcel.info.grantBundleName = grantBundleName_; infoParcel.info.grantAbilityName = grantAbilityName_; infoParcel.info.grantServiceAbilityName = grantServiceAbilityName_; AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); - return GetPermissionsState(callingTokenID, reqPermList); + permOper = GetPermissionsState(callingTokenID, reqPermList); + return ERR_OK; } int32_t AccessTokenManagerService::GetPermissionsStatus(AccessTokenID tokenID, std::vector& reqPermList) { + AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } + if (!IsPrivilegedCalling() && + VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + + uint32_t size = reqPermList.size(); + if (size > MAX_PERMISSION_SIZE) { + LOGE(ATM_DOMAIN, ATM_TAG, "PermList size %{public}d is invalid", size); + return INVALID_OPER; + } + if (!AccessTokenInfoManager::GetInstance().IsTokenIdExist(tokenID)) { LOGE(ATM_DOMAIN, ATM_TAG, "TokenID=%{public}d does not exist", tokenID); return ERR_TOKENID_NOT_EXIST; @@ -314,23 +373,64 @@ PermissionOper AccessTokenManagerService::GetPermissionsState(AccessTokenID toke int AccessTokenManagerService::GetPermissionFlag( AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) { + AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } + + if (!IsPrivilegedCalling() && + VerifyAccessToken(callingTokenID, GRANT_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED && + VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED && + VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } return PermissionManager::GetInstance().GetPermissionFlag(tokenID, permissionName, flag); } int32_t AccessTokenManagerService::SetPermissionRequestToggleStatus( const std::string& permissionName, uint32_t status, int32_t userID = 0) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } + + if (!IsPrivilegedCalling() && VerifyAccessToken(callingTokenID, DISABLE_PERMISSION_DIALOG) == PERMISSION_DENIED) { + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", + HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, "CALLER_TOKENID", + callingTokenID, "PERMISSION_NAME", permissionName, "INTERFACE", "SetToggleStatus"); + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } return AccessTokenInfoManager::GetInstance().SetPermissionRequestToggleStatus(permissionName, status, userID); } int32_t AccessTokenManagerService::GetPermissionRequestToggleStatus( const std::string& permissionName, uint32_t& status, int32_t userID = 0) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } + + if (!IsShellProcessCalling() && !IsPrivilegedCalling() && + VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", + HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, "CALLER_TOKENID", + callingTokenID, "PERMISSION_NAME", permissionName, "INTERFACE", "GetToggleStatus"); + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } return AccessTokenInfoManager::GetInstance().GetPermissionRequestToggleStatus(permissionName, status, userID); } int32_t AccessTokenManagerService::RequestAppPermOnSetting(AccessTokenID tokenID) { + if (!IsSystemAppCalling()) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } + HapTokenInfo hapInfo; int32_t ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapInfo); if (ret != ERR_OK) { @@ -343,18 +443,59 @@ int32_t AccessTokenManagerService::RequestAppPermOnSetting(AccessTokenID tokenID int AccessTokenManagerService::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) { + AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } + + if (!IsPrivilegedCalling() && + VerifyAccessToken(callingTokenID, GRANT_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", + HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, + "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName); + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + int32_t ret = PermissionManager::GetInstance().GrantPermission(tokenID, permissionName, flag); return ret; } int AccessTokenManagerService::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) { + AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } + + if (!IsPrivilegedCalling() && + VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", + HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, + "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName); + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } return PermissionManager::GetInstance().RevokePermission(tokenID, permissionName, flag); } int AccessTokenManagerService::GrantPermissionForSpecifiedTime( AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime) { + AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } + + if (!IsPrivilegedCalling() && + VerifyAccessToken(callingTokenID, GRANT_SHORT_TERM_WRITE_MEDIAVIDEO) == PERMISSION_DENIED) { + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", + HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, + "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName); + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + int32_t ret = PermissionManager::GetInstance().GrantPermissionForSpecifiedTime(tokenID, permissionName, onceTime); return ret; } @@ -362,6 +503,16 @@ int AccessTokenManagerService::GrantPermissionForSpecifiedTime( int AccessTokenManagerService::ClearUserGrantedPermissionState(AccessTokenID tokenID) { LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID); + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if (!IsPrivilegedCalling() && + VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", + HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, + "CALLER_TOKENID", callingTokenID); + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + AccessTokenInfoManager::GetInstance().ClearUserGrantedPermissionState(tokenID); AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenID, false); return RET_SUCCESS; @@ -370,48 +521,119 @@ int AccessTokenManagerService::ClearUserGrantedPermissionState(AccessTokenID tok int32_t AccessTokenManagerService::RegisterPermStateChangeCallback( const PermStateChangeScopeParcel& scope, const sptr& callback) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } + if (VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } return PermissionManager::GetInstance().AddPermStateChangeCallback(scope.scope, callback); } int32_t AccessTokenManagerService::UnRegisterPermStateChangeCallback(const sptr& callback) { + uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); + if ((this->GetTokenType(callingToken) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } + if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); + + return AccessTokenError::ERR_PERMISSION_DENIED; + } return PermissionManager::GetInstance().RemovePermStateChangeCallback(callback); } int32_t AccessTokenManagerService::RegisterSelfPermStateChangeCallback( const PermStateChangeScopeParcel& scope, const sptr& callback) { + uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); + if (this->GetTokenType(callingTokenID) != TOKEN_HAP) { + LOGE(ATM_DOMAIN, ATM_TAG, "TokenID is not hap."); + return AccessTokenError::ERR_PARAM_INVALID; + } return PermissionManager::GetInstance().AddPermStateChangeCallback(scope.scope, callback); } int32_t AccessTokenManagerService::UnRegisterSelfPermStateChangeCallback(const sptr& callback) { + uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); + if (this->GetTokenType(callingToken) != TOKEN_HAP) { + LOGE(ATM_DOMAIN, ATM_TAG, "TokenID is not hap."); + return AccessTokenError::ERR_PARAM_INVALID; + } return PermissionManager::GetInstance().RemovePermStateChangeCallback(callback); } -AccessTokenIDEx AccessTokenManagerService::AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy) +int32_t AccessTokenManagerService::AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy, + uint64_t& fullTokenId) { LOGI(ATM_DOMAIN, ATM_TAG, "BundleName: %{public}s", info.hapInfoParameter.bundleName.c_str()); AccessTokenIDEx tokenIdEx; tokenIdEx.tokenIDEx = 0LL; + AccessTokenID tokenID = IPCSkeleton::GetCallingTokenID(); + if (!IsPrivilegedCalling() && + (VerifyAccessToken(tokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", tokenID); + fullTokenId = static_cast(tokenIdEx.tokenIDEx); + return ERR_OK; + } + int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( info.hapInfoParameter, policy.hapPolicy, tokenIdEx); if (ret != RET_SUCCESS) { LOGE(ATM_DOMAIN, ATM_TAG, "Hap token info create failed"); } - return tokenIdEx; + fullTokenId = static_cast(tokenIdEx.tokenIDEx); + return ERR_OK; +} + +static void TransferHapPolicy(const HapPolicy& policyIn, HapPolicy& policyOut) +{ + policyOut.apl = policyIn.apl; + policyOut.domain = policyIn.domain; + policyOut.permList.assign(policyIn.permList.begin(), policyIn.permList.end()); + policyOut.aclRequestedList.assign(policyIn.aclRequestedList.begin(), policyIn.aclRequestedList.end()); + policyOut.preAuthorizationInfo.assign(policyIn.preAuthorizationInfo.begin(), policyIn.preAuthorizationInfo.end()); + for (const auto& perm : policyIn.permStateList) { + PermissionStatus tmp; + tmp.permissionName = perm.permissionName; + tmp.grantStatus = perm.grantStatus; + tmp.grantFlag = perm.grantFlag; + policyOut.permStateList.emplace_back(tmp); + } + policyOut.checkIgnore = policyIn.checkIgnore; + policyOut.aclExtendedMap = policyIn.aclExtendedMap; } -int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy, - AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) +int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy, + uint64_t& fullTokenId, HapInfoCheckResultIdl& resultInfoIdl) { LOGI(ATM_DOMAIN, ATM_TAG, "Init hap %{public}s.", info.hapInfoParameter.bundleName.c_str()); + AccessTokenID tokenID = IPCSkeleton::GetCallingTokenID(); + if (!IsPrivilegedCalling() && + (VerifyAccessToken(tokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", tokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + + HapPolicyParcel policyCopy; + TransferHapPolicy(policy.hapPolicy, policyCopy.hapPolicy); + + resultInfoIdl.realResult = ERR_OK; std::vector initializedList; if (info.hapInfoParameter.dlpType == DLP_COMMON) { + HapInfoCheckResult permCheckResult; if (!PermissionManager::GetInstance().InitPermissionList(info.hapInfoParameter.appDistributionType, - policy.hapPolicy, initializedList, result)) { - return ERR_PERM_REQUEST_CFG_FAILED; + policyCopy.hapPolicy, initializedList, permCheckResult)) { + resultInfoIdl.realResult = ERROR; + resultInfoIdl.permissionName = permCheckResult.permCheckResult.permissionName; + int32_t rule = permCheckResult.permCheckResult.rule; + resultInfoIdl.rule = static_cast(rule); + return ERR_OK; } } else { if (!PermissionManager::GetInstance().InitDlpPermissionList( @@ -419,10 +641,12 @@ int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, HapPo return ERR_PERM_REQUEST_CFG_FAILED; } } - policy.hapPolicy.permStateList = initializedList; + policyCopy.hapPolicy.permStateList = initializedList; + AccessTokenIDEx tokenIdEx; int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( - info.hapInfoParameter, policy.hapPolicy, fullTokenId); + info.hapInfoParameter, policyCopy.hapPolicy, tokenIdEx); + fullTokenId = tokenIdEx.tokenIDEx; if (ret != RET_SUCCESS) { return ret; } @@ -433,6 +657,15 @@ int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, HapPo int AccessTokenManagerService::DeleteToken(AccessTokenID tokenID) { LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID); + AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); + if (!IsPrivilegedCalling() && + (VerifyAccessToken(callingTokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + if (this->GetTokenType(tokenID) != TOKEN_HAP) { + return AccessTokenError::ERR_PARAM_INVALID; + } // only support hap token deletion return AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenID); } @@ -443,47 +676,103 @@ int AccessTokenManagerService::GetTokenType(AccessTokenID tokenID) return AccessTokenIDManager::GetInstance().GetTokenIdType(tokenID); } -AccessTokenIDEx AccessTokenManagerService::GetHapTokenID( - int32_t userID, const std::string& bundleName, int32_t instIndex) +int AccessTokenManagerService::GetTokenType(AccessTokenID tokenID, int32_t& tokenType) +{ + LOGD(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID); + tokenType = AccessTokenIDManager::GetInstance().GetTokenIdType(tokenID); + return ERR_OK; +} + +int32_t AccessTokenManagerService::GetHapTokenID( + int32_t userID, const std::string& bundleName, int32_t instIndex, uint64_t& fullTokenId) { LOGD(ATM_DOMAIN, ATM_TAG, "UserID: %{public}d, bundle: %{public}s, instIndex: %{public}d", userID, bundleName.c_str(), instIndex); - return AccessTokenInfoManager::GetInstance().GetHapTokenID(userID, bundleName, instIndex); + if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + + AccessTokenIDEx tokenIdEx = {0}; + fullTokenId = tokenIdEx.tokenIDEx; + return ERR_OK; + } + AccessTokenIDEx tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID(userID, bundleName, instIndex); + fullTokenId = tokenIdEx.tokenIDEx; + return ERR_OK; } -AccessTokenID AccessTokenManagerService::AllocLocalTokenID( - const std::string& remoteDeviceID, AccessTokenID remoteTokenID) +int32_t AccessTokenManagerService::AllocLocalTokenID( + const std::string& remoteDeviceID, AccessTokenID remoteTokenID, AccessTokenID& tokenId) { LOGI(ATM_DOMAIN, ATM_TAG, "RemoteDeviceID: %{public}s, remoteTokenID: %{public}d", ConstantCommon::EncryptDevId(remoteDeviceID).c_str(), remoteTokenID); + if ((!IsNativeProcessCalling()) && !IsPrivilegedCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + tokenId = INVALID_TOKENID; + return ERR_OK; + } AccessTokenID tokenID = AccessTokenInfoManager::GetInstance().AllocLocalTokenID(remoteDeviceID, remoteTokenID); - return tokenID; + tokenId = tokenID; + return ERR_OK; } -int32_t AccessTokenManagerService::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const HapPolicyParcel& policyParcel, HapInfoCheckResult& result) +int32_t AccessTokenManagerService::UpdateHapToken(uint64_t& fullTokenId, const UpdateHapInfoParamsIdl& infoIdl, + const HapPolicyParcel& policyParcel, HapInfoCheckResultIdl& resultInfoIdl) { + AccessTokenIDEx tokenIdEx; + tokenIdEx.tokenIDEx = fullTokenId; LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenIdEx.tokenIdExStruct.tokenID); + AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); + if (!IsPrivilegedCalling() && + (VerifyAccessToken(callingTokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + UpdateHapInfoParams info; + info.appIDDesc = infoIdl.appIDDesc; + info.apiVersion = infoIdl.apiVersion; + info.isSystemApp = infoIdl.isSystemApp; + info.appDistributionType = infoIdl.appDistributionType; std::vector InitializedList; + + resultInfoIdl.realResult = ERR_OK; + HapInfoCheckResult permCheckResult; if (!PermissionManager::GetInstance().InitPermissionList( - info.appDistributionType, policyParcel.hapPolicy, InitializedList, result)) { - return ERR_PERM_REQUEST_CFG_FAILED; + info.appDistributionType, policyParcel.hapPolicy, InitializedList, permCheckResult)) { + resultInfoIdl.realResult = ERROR; + resultInfoIdl.permissionName = permCheckResult.permCheckResult.permissionName; + int32_t rule = permCheckResult.permCheckResult.rule; + resultInfoIdl.rule = static_cast(rule); + return ERR_OK; } int32_t ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenIdEx, info, InitializedList, policyParcel.hapPolicy); + fullTokenId = tokenIdEx.tokenIDEx; return ret; } -int32_t AccessTokenManagerService::GetTokenIDByUserID(int32_t userID, std::unordered_set& tokenIdList) +int32_t AccessTokenManagerService::GetTokenIDByUserID(int32_t userID, std::vector& tokenIds) { LOGD(ATM_DOMAIN, ATM_TAG, "UserID: %{public}d", userID); - return AccessTokenInfoManager::GetInstance().GetTokenIDByUserID(userID, tokenIdList); + if (!IsNativeProcessCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + std::unordered_set tokenIdList; + + auto result = AccessTokenInfoManager::GetInstance().GetTokenIDByUserID(userID, tokenIdList); + std::copy(tokenIdList.begin(), tokenIdList.end(), std::back_inserter(tokenIds)); + return result; } int AccessTokenManagerService::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& infoParcel) { LOGD(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID); + if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + return AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, infoParcel.hapTokenInfoParams); } @@ -491,6 +780,11 @@ int AccessTokenManagerService::GetHapTokenInfoExtension(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes, std::string& appID) { LOGD(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d.", tokenID); + if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + int ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapTokenInfoRes.hapTokenInfoParams); if (ret != RET_SUCCESS) { LOGE(ATM_DOMAIN, ATM_TAG, "Get hap token info extenstion failed, ret is %{public}d.", ret); @@ -503,6 +797,12 @@ int AccessTokenManagerService::GetHapTokenInfoExtension(AccessTokenID tokenID, int AccessTokenManagerService::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& infoParcel) { LOGD(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID); + + if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + NativeTokenInfoBase baseInfo; int32_t ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(tokenID, baseInfo); infoParcel.nativeTokenInfoParams.apl = baseInfo.apl; @@ -513,6 +813,10 @@ int AccessTokenManagerService::GetNativeTokenInfo(AccessTokenID tokenID, NativeT #ifndef ATM_BUILD_VARIANT_USER_ENABLE int32_t AccessTokenManagerService::ReloadNativeTokenInfo() { + if (!IsPrivilegedCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } LibraryLoader loader(CONFIG_PARSE_LIBPATH); ConfigPolicyLoaderInterface* policy = loader.GetObject(); if (policy == nullptr) { @@ -531,9 +835,15 @@ int32_t AccessTokenManagerService::ReloadNativeTokenInfo() } #endif -AccessTokenID AccessTokenManagerService::GetNativeTokenId(const std::string& processName) +int32_t AccessTokenManagerService::GetNativeTokenId(const std::string& processName, AccessTokenID& tokenID) { - return AccessTokenInfoManager::GetInstance().GetNativeTokenId(processName); + if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + tokenID = INVALID_TOKENID; + return ERR_OK; + } + tokenID = AccessTokenInfoManager::GetInstance().GetNativeTokenId(processName); + return ERR_OK; } #ifdef TOKEN_SYNC_ENABLE @@ -542,16 +852,47 @@ int AccessTokenManagerService::GetHapTokenInfoFromRemote(AccessTokenID tokenID, { LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID); + if (!IsAccessTokenCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } return AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenID, hapSyncParcel.hapTokenInfoForSyncParams); } +static void TransferHapTokenInfoForSync(const HapTokenInfoForSync& policyIn, HapTokenInfoForSync& policyOut) +{ + policyOut.baseInfo.ver = policyIn.baseInfo.ver; + policyOut.baseInfo.userID = policyIn.baseInfo.userID; + policyOut.baseInfo.bundleName = policyIn.baseInfo.bundleName; + policyOut.baseInfo.apiVersion = policyIn.baseInfo.apiVersion; + policyOut.baseInfo.instIndex = policyIn.baseInfo.instIndex; + policyOut.baseInfo.dlpType = policyIn.baseInfo.dlpType; + policyOut.baseInfo.tokenID = policyIn.baseInfo.tokenID; + policyOut.baseInfo.tokenAttr = policyIn.baseInfo.tokenAttr; + for (const auto& item : policyIn.permStateList) { + PermissionStatus tmp; + tmp.permissionName = item.permissionName; + tmp.grantStatus = item.grantStatus; + tmp.grantFlag = item.grantFlag; + policyOut.permStateList.emplace_back(tmp); + } +} + int AccessTokenManagerService::SetRemoteHapTokenInfo(const std::string& deviceID, - HapTokenInfoForSyncParcel& hapSyncParcel) + const HapTokenInfoForSyncParcel& hapSyncParcel) { LOGI(ATM_DOMAIN, ATM_TAG, "DeviceID: %{public}s", ConstantCommon::EncryptDevId(deviceID).c_str()); + + if (!IsAccessTokenCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + HapTokenInfoForSyncParcel hapSyncParcelCopy; + TransferHapTokenInfoForSync(hapSyncParcel.hapTokenInfoForSyncParams, hapSyncParcelCopy.hapTokenInfoForSyncParams); + int ret = AccessTokenInfoManager::GetInstance().SetRemoteHapTokenInfo(deviceID, - hapSyncParcel.hapTokenInfoForSyncParams); + hapSyncParcelCopy.hapTokenInfoForSyncParams); return ret; } @@ -559,58 +900,101 @@ int AccessTokenManagerService::DeleteRemoteToken(const std::string& deviceID, Ac { LOGI(ATM_DOMAIN, ATM_TAG, "DeviceID: %{public}s, token id %{public}d", ConstantCommon::EncryptDevId(deviceID).c_str(), tokenID); + + if (!IsAccessTokenCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } return AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceID, tokenID); } -AccessTokenID AccessTokenManagerService::GetRemoteNativeTokenID(const std::string& deviceID, - AccessTokenID tokenID) +int32_t AccessTokenManagerService::GetRemoteNativeTokenID(const std::string& deviceID, + AccessTokenID tokenID, AccessTokenID& tokenId) { LOGI(ATM_DOMAIN, ATM_TAG, "DeviceID: %{public}s, token id %{public}d", ConstantCommon::EncryptDevId(deviceID).c_str(), tokenID); - return AccessTokenInfoManager::GetInstance().GetRemoteNativeTokenID(deviceID, tokenID); + if (!IsAccessTokenCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + tokenId = INVALID_TOKENID; + return ERR_OK; + } + tokenId = AccessTokenInfoManager::GetInstance().GetRemoteNativeTokenID(deviceID, tokenID); + return ERR_OK; } int AccessTokenManagerService::DeleteRemoteDeviceTokens(const std::string& deviceID) { LOGI(ATM_DOMAIN, ATM_TAG, "DeviceID: %{public}s", ConstantCommon::EncryptDevId(deviceID).c_str()); + + if (!IsAccessTokenCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } return AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceID); } int32_t AccessTokenManagerService::RegisterTokenSyncCallback(const sptr& callback) { LOGI(ATM_DOMAIN, ATM_TAG, "Call token sync callback registed."); + + if (!IsAccessTokenCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied, tokenID=%{public}d", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } return TokenModifyNotifier::GetInstance().RegisterTokenSyncCallback(callback); } int32_t AccessTokenManagerService::UnRegisterTokenSyncCallback() { LOGI(ATM_DOMAIN, ATM_TAG, "Call token sync callback unregisted."); + + if (!IsAccessTokenCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied, tokenID=%{public}d", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } return TokenModifyNotifier::GetInstance().UnRegisterTokenSyncCallback(); } #endif -void AccessTokenManagerService::DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo) +int32_t AccessTokenManagerService::DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo) { LOGI(ATM_DOMAIN, ATM_TAG, "Called"); + if (!IsShellProcessCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + dumpInfo = ""; + return ERR_OK; + } + bool isDeveloperMode = OHOS::system::GetBoolParameter(DEVELOPER_MODE_STATE, false); if (!isDeveloperMode) { dumpInfo = "Developer mode not support."; - return; + return ERR_OK; } AccessTokenInfoManager::GetInstance().DumpTokenInfo(infoParcel.info, dumpInfo); + return ERR_OK; } int32_t AccessTokenManagerService::GetVersion(uint32_t& version) { LOGI(ATM_DOMAIN, ATM_TAG, "Called"); + uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); + if ((this->GetTokenType(callingToken) == TOKEN_HAP) && (!IsSystemAppCalling())) { + return AccessTokenError::ERR_NOT_SYSTEM_APP; + } version = DEFAULT_TOKEN_VERSION; return RET_SUCCESS; } int32_t AccessTokenManagerService::SetPermDialogCap(const HapBaseInfoParcel& hapBaseInfoParcel, bool enable) { + uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); + if (VerifyAccessToken(callingToken, DISABLE_PERMISSION_DIALOG) == PERMISSION_DENIED) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + AccessTokenIDEx tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID( hapBaseInfoParcel.hapBaseInfo.userID, hapBaseInfoParcel.hapBaseInfo.bundleName, @@ -624,28 +1008,74 @@ int32_t AccessTokenManagerService::SetPermDialogCap(const HapBaseInfoParcel& hap return ret; } -void AccessTokenManagerService::GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) +int32_t AccessTokenManagerService::GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) { infoParcel.info.grantBundleName = grantBundleName_; infoParcel.info.grantAbilityName = grantAbilityName_; infoParcel.info.grantServiceAbilityName = grantServiceAbilityName_; infoParcel.info.permStateAbilityName = permStateAbilityName_; infoParcel.info.globalSwitchAbilityName = globalSwitchAbilityName_; + return ERR_OK; } int32_t AccessTokenManagerService::InitUserPolicy( - const std::vector& userList, const std::vector& permList) + const std::vector& userIdlList, const std::vector& permList) { + uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); + if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + + uint32_t userSize = userIdlList.size(); + uint32_t permSize = permList.size(); + if ((userSize > MAX_USER_POLICY_SIZE) || (permSize > MAX_USER_POLICY_SIZE)) { + LOGE(ATM_DOMAIN, ATM_TAG, "Size %{public}u is invalid", userSize); + return AccessTokenError::ERR_OVERSIZE; + } + + std::vector userList; + for (const auto& item : userIdlList) { + UserState tmp; + tmp.userId = item.userId; + tmp.isActive = item.isActive; + userList.emplace_back(tmp); + } return AccessTokenInfoManager::GetInstance().InitUserPolicy(userList, permList); } -int32_t AccessTokenManagerService::UpdateUserPolicy(const std::vector& userList) +int32_t AccessTokenManagerService::UpdateUserPolicy(const std::vector& userIdlList) { + uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); + if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + + uint32_t userSize = userIdlList.size(); + if (userSize > MAX_USER_POLICY_SIZE) { + LOGE(ATM_DOMAIN, ATM_TAG, "Size %{public}u is invalid", userSize); + return AccessTokenError::ERR_OVERSIZE; + } + + std::vector userList; + for (const auto& item : userIdlList) { + UserState tmp; + tmp.userId = item.userId; + tmp.isActive = item.isActive; + userList.emplace_back(tmp); + } return AccessTokenInfoManager::GetInstance().UpdateUserPolicy(userList); } int32_t AccessTokenManagerService::ClearUserPolicy() { + uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); + if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + return AccessTokenInfoManager::GetInstance().ClearUserPolicy(); } @@ -741,14 +1171,32 @@ void AccessTokenManagerService::GetConfigValue() } int32_t AccessTokenManagerService::GetKernelPermissions( - AccessTokenID tokenId, std::vector& kernelPermList) + AccessTokenID tokenId, std::vector& kernelPermIdlList) { - return AccessTokenInfoManager::GetInstance().GetKernelPermissions(tokenId, kernelPermList); + auto callingToken = IPCSkeleton::GetCallingTokenID(); + if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); + return AccessTokenError::ERR_PERMISSION_DENIED; + } + + std::vector kernelPermList; + auto result = AccessTokenInfoManager::GetInstance().GetKernelPermissions(tokenId, kernelPermList); + for (const auto& item : kernelPermList) { + PermissionWithValueIdl tmp; + tmp.permissionName = item.permissionName; + tmp.value = item.value; + kernelPermIdlList.emplace_back(tmp); + } + return result; } int32_t AccessTokenManagerService::GetReqPermissionByName( AccessTokenID tokenId, const std::string& permissionName, std::string& value) { + if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); + return AccessTokenError::ERR_PERMISSION_DENIED; + } return AccessTokenInfoManager::GetInstance().GetReqPermissionByName( tokenId, permissionName, value); } @@ -767,6 +1215,64 @@ bool AccessTokenManagerService::Initialize() LOGI(ATM_DOMAIN, ATM_TAG, "Initialize success"); return true; } + +bool AccessTokenManagerService::IsPrivilegedCalling() const +{ + // shell process is root in debug mode. +#ifndef ATM_BUILD_VARIANT_USER_ENABLE + int32_t callingUid = IPCSkeleton::GetCallingUid(); + return callingUid == ROOT_UID; +#else + return false; +#endif +} + +bool AccessTokenManagerService::IsAccessTokenCalling() +{ + uint32_t tokenCaller = IPCSkeleton::GetCallingTokenID(); + if (tokenSyncId_ == 0) { + this->GetNativeTokenId("token_sync_service", tokenSyncId_); + } + return tokenCaller == tokenSyncId_; +} + +bool AccessTokenManagerService::IsNativeProcessCalling() +{ + AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); + return this->GetTokenType(tokenCaller) == TOKEN_NATIVE; +} + +bool AccessTokenManagerService::IsShellProcessCalling() +{ + AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); + return this->GetTokenType(tokenCaller) == TOKEN_SHELL; +} + +bool AccessTokenManagerService::IsSystemAppCalling() const +{ + uint64_t fullTokenId = IPCSkeleton::GetCallingFullTokenID(); + return TokenIdKit::IsSystemAppByFullTokenID(fullTokenId); +} + +int32_t AccessTokenManagerService::CallbackEnter(uint32_t code) +{ + ClearThreadErrorMsg(); +#ifdef HICOLLIE_ENABLE + std::string name = "AtmTimer"; + g_timerId = HiviewDFX::XCollie::GetInstance().SetTimer(name, TIMEOUT, nullptr, nullptr, + HiviewDFX::XCOLLIE_FLAG_LOG); +#endif // HICOLLIE_ENABLE + return ERR_OK; +} + +int32_t AccessTokenManagerService::CallbackExit(uint32_t code, int32_t result) +{ +#ifdef HICOLLIE_ENABLE + HiviewDFX::XCollie::GetInstance().CancelTimer(g_timerId); +#endif // HICOLLIE_ENABLE + ReportSysCommonEventError(code, 0); + return ERR_OK; +} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp deleted file mode 100644 index 9271dc038..000000000 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ /dev/null @@ -1,1335 +0,0 @@ -/* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "accesstoken_manager_stub.h" - -#include -#include "accesstoken_dfx_define.h" -#include "accesstoken_common_log.h" -#include "access_token_error.h" -#include "ipc_skeleton.h" -#include "memory_guard.h" -#include "string_ex.h" -#include "tokenid_kit.h" -#include "hisysevent_adapter.h" -#ifdef HICOLLIE_ENABLE -#include "xcollie/xcollie.h" -#endif // HICOLLIE_ENABLE - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -const std::string MANAGE_HAP_TOKENID_PERMISSION = "ohos.permission.MANAGE_HAP_TOKENID"; -static const int32_t DUMP_CAPACITY_SIZE = 2 * 1024 * 1000; -static const int MAX_PERMISSION_SIZE = 1000; -static const int32_t MAX_USER_POLICY_SIZE = 1024; -const std::string GRANT_SENSITIVE_PERMISSIONS = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS"; -const std::string REVOKE_SENSITIVE_PERMISSIONS = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"; -const std::string GET_SENSITIVE_PERMISSIONS = "ohos.permission.GET_SENSITIVE_PERMISSIONS"; -const std::string DISABLE_PERMISSION_DIALOG = "ohos.permission.DISABLE_PERMISSION_DIALOG"; -const std::string GRANT_SHORT_TERM_WRITE_MEDIAVIDEO = "ohos.permission.GRANT_SHORT_TERM_WRITE_MEDIAVIDEO"; - -#ifdef HICOLLIE_ENABLE -constexpr uint32_t TIMEOUT = 40; // 40s -#endif // HICOLLIE_ENABLE -} - -int32_t AccessTokenManagerStub::OnRemoteRequest( - uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) -{ - MemoryGuard guard; - - ClearThreadErrorMsg(); - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - LOGD(ATM_DOMAIN, ATM_TAG, "Code %{public}u token %{public}u", code, callingTokenID); - std::u16string descriptor = data.ReadInterfaceToken(); - if (descriptor != IAccessTokenManager::GetDescriptor()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str()); - return ERROR_IPC_REQUEST_FAIL; - } - -#ifdef HICOLLIE_ENABLE - std::string name = "AtmTimer"; - int timerId = HiviewDFX::XCollie::GetInstance().SetTimer(name, TIMEOUT, nullptr, nullptr, - HiviewDFX::XCOLLIE_FLAG_LOG); -#endif // HICOLLIE_ENABLE - - auto itFunc = requestFuncMap_.find(code); - if (itFunc != requestFuncMap_.end()) { - auto requestFunc = itFunc->second; - if (requestFunc != nullptr) { - (this->*requestFunc)(data, reply); - -#ifdef HICOLLIE_ENABLE - HiviewDFX::XCollie::GetInstance().CancelTimer(timerId); -#endif // HICOLLIE_ENABLE - ReportSysCommonEventError(code, 0); - return NO_ERROR; - } - } - -#ifdef HICOLLIE_ENABLE - HiviewDFX::XCollie::GetInstance().CancelTimer(timerId); -#endif // HICOLLIE_ENABLE - - return IPCObjectStub::OnRemoteRequest(code, data, reply, option); // when code invalid -} - -void AccessTokenManagerStub::DeleteTokenInfoInner(MessageParcel& data, MessageParcel& reply) -{ - AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); - if (!IsPrivilegedCalling() && - (VerifyAccessToken(callingTokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - AccessTokenID tokenID = data.ReadUint32(); - if (this->GetTokenType(tokenID) != TOKEN_HAP) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PARAM_INVALID), "WriteInt32 failed."); - return; - } - int result = this->DeleteToken(tokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::GetPermissionUsedTypeInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(static_cast(PermUsedTypeEnum::INVALID_USED_TYPE)), - "WriteInt32 failed."); - return; - } - uint32_t tokenID; - if (!data.ReadUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read tokenID."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(static_cast(PermUsedTypeEnum::INVALID_USED_TYPE)), - "WriteInt32 failed."); - return; - } - std::string permissionName; - if (!data.ReadString(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read permissionName."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32( - static_cast(PermUsedTypeEnum::INVALID_USED_TYPE)), "WriteInt32 failed."); - return; - } - PermUsedTypeEnum result = this->GetPermissionUsedType(tokenID, permissionName); - int32_t type = static_cast(result); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(type), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::VerifyAccessTokenInner(MessageParcel& data, MessageParcel& reply) -{ - AccessTokenID tokenID = data.ReadUint32(); - std::string permissionName = data.ReadString(); - int result = this->VerifyAccessToken(tokenID, permissionName); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::VerifyAccessTokenWithListInner(MessageParcel& data, MessageParcel& reply) -{ - AccessTokenID tokenID; - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadUint32(tokenID), "ReadUint32 failed."); - - std::vector permissionList; - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadStringVector(&permissionList), "ReadStringVector failed."); - - std::vector permStateList; - this->VerifyAccessToken(tokenID, permissionList, permStateList); - - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32Vector(permStateList), "WriteInt32Vector failed."); -} - -void AccessTokenManagerStub::GetDefPermissionInner(MessageParcel& data, MessageParcel& reply) -{ - std::string permissionName = data.ReadString(); - PermissionDefParcel permissionDefParcel; - int result = this->GetDefPermission(permissionName, permissionDefParcel); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteParcelable(&permissionDefParcel), "Write PermissionDefParcel fail."); -} - -void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, MessageParcel& reply) -{ - unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - if (!IsPrivilegedCalling() && - VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - - AccessTokenID tokenID = data.ReadUint32(); - int isSystemGrant = data.ReadInt32(); - std::vector permList; - - int result = this->GetReqPermissions(tokenID, permList, isSystemGrant); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - LOGD(ATM_DOMAIN, ATM_TAG, "PermList size: %{public}zu", permList.size()); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(permList.size()), "WriteInt32 failed."); - for (const auto& permDef : permList) { - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&permDef), "WriteParcelable fail."); - } -} - -void AccessTokenManagerStub::GetSelfPermissionsStateInner(MessageParcel& data, MessageParcel& reply) -{ - std::vector permList; - uint32_t size = 0; - if (!data.ReadUint32(size)) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_OPER), "WriteInt32 failed."); - return; - } - LOGD(ATM_DOMAIN, ATM_TAG, "PermList size read from client data is %{public}d.", size); - if (size > MAX_PERMISSION_SIZE) { - LOGE(ATM_DOMAIN, ATM_TAG, "PermList size %{public}d is invalid", size); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_OPER), "WriteInt32 failed."); - return; - } - for (uint32_t i = 0; i < size; i++) { - sptr permissionParcel = data.ReadParcelable(); - if (permissionParcel != nullptr) { - permList.emplace_back(*permissionParcel); - } - } - PermissionGrantInfoParcel infoParcel; - PermissionOper result = this->GetSelfPermissionsState(permList, infoParcel); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(permList.size()), "WriteUint32 failed."); - for (const auto& perm : permList) { - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&perm), "WriteParcelable failed."); - } - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&infoParcel), "WriteParcelable failed."); -} - -void AccessTokenManagerStub::GetPermissionsStatusInner(MessageParcel& data, MessageParcel& reply) -{ - unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - if (!IsPrivilegedCalling() && - VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - - AccessTokenID tokenID = data.ReadUint32(); - std::vector permList; - uint32_t size = 0; - if (!data.ReadUint32(size)) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_OPER), "WriteInt32 failed."); - return; - } - LOGD(ATM_DOMAIN, ATM_TAG, "PermList size read from client data is %{public}d.", size); - if (size > MAX_PERMISSION_SIZE) { - LOGE(ATM_DOMAIN, ATM_TAG, "PermList size %{public}d is oversize", size); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_OPER), "WriteInt32 failed."); - return; - } - for (uint32_t i = 0; i < size; i++) { - sptr permissionParcel = data.ReadParcelable(); - if (permissionParcel != nullptr) { - permList.emplace_back(*permissionParcel); - } - } - int32_t result = this->GetPermissionsStatus(tokenID, permList); - - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(permList.size()), "WriteUint32 failed."); - for (const auto& perm : permList) { - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&perm), "WriteParcelable failed."); - } -} - -void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, MessageParcel& reply) -{ - unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - AccessTokenID tokenID = data.ReadUint32(); - std::string permissionName = data.ReadString(); - if (!IsPrivilegedCalling() && - VerifyAccessToken(callingTokenID, GRANT_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED && - VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED && - VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - uint32_t flag; - int result = this->GetPermissionFlag(tokenID, permissionName, flag); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(flag), "WriteUint32 failed."); -} - -void AccessTokenManagerStub::SetPermissionRequestToggleStatusInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - - std::string permissionName = data.ReadString(); - uint32_t status = data.ReadUint32(); - int32_t userID = data.ReadInt32(); - if (!IsPrivilegedCalling() && VerifyAccessToken(callingTokenID, DISABLE_PERMISSION_DIALOG) == PERMISSION_DENIED) { - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, "CALLER_TOKENID", - callingTokenID, "PERMISSION_NAME", permissionName, "INTERFACE", "SetToggleStatus"); - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - int32_t result = this->SetPermissionRequestToggleStatus(permissionName, status, userID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::GetPermissionRequestToggleStatusInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - - std::string permissionName = data.ReadString(); - int32_t userID = data.ReadInt32(); - if (!IsShellProcessCalling() && !IsPrivilegedCalling() && - VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, "CALLER_TOKENID", - callingTokenID, "PERMISSION_NAME", permissionName, "INTERFACE", "GetToggleStatus"); - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - uint32_t status; - int32_t result = this->GetPermissionRequestToggleStatus(permissionName, status, userID); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(status), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::RequestAppPermOnSettingInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsSystemAppCalling()) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - - AccessTokenID tokenID; - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadUint32(tokenID), "ReadUint32 failed."); - - int result = this->RequestAppPermOnSetting(tokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessageParcel& reply) -{ - unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - AccessTokenID tokenID = data.ReadUint32(); - std::string permissionName = data.ReadString(); - uint32_t flag = data.ReadUint32(); - if (!IsPrivilegedCalling() && - VerifyAccessToken(callingTokenID, GRANT_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, - "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName); - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - int result = this->GrantPermission(tokenID, permissionName, flag); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::RevokePermissionInner(MessageParcel& data, MessageParcel& reply) -{ - unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - AccessTokenID tokenID = data.ReadUint32(); - std::string permissionName = data.ReadString(); - uint32_t flag = data.ReadUint32(); - if (!IsPrivilegedCalling() && - VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, - "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName); - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - int result = this->RevokePermission(tokenID, permissionName, flag); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::GrantPermissionForSpecifiedTimeInner(MessageParcel& data, MessageParcel& reply) -{ - unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - AccessTokenID tokenID = data.ReadUint32(); - std::string permissionName = data.ReadString(); - uint32_t onceTime = data.ReadUint32(); - if (!IsPrivilegedCalling() && - VerifyAccessToken(callingTokenID, GRANT_SHORT_TERM_WRITE_MEDIAVIDEO) == PERMISSION_DENIED) { - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, - "CALLER_TOKENID", callingTokenID, "PERMISSION_NAME", permissionName); - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - int result = this->GrantPermissionForSpecifiedTime(tokenID, permissionName, onceTime); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::ClearUserGrantedPermissionStateInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if (!IsPrivilegedCalling() && - VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR, - "CALLER_TOKENID", callingTokenID); - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - AccessTokenID tokenID = data.ReadUint32(); - int result = this->ClearUserGrantedPermissionState(tokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::AllocHapTokenInner(MessageParcel& data, MessageParcel& reply) -{ - AccessTokenIDEx res = {0}; - AccessTokenID tokenID = IPCSkeleton::GetCallingTokenID(); - if (!IsPrivilegedCalling() && - (VerifyAccessToken(tokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", tokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - - sptr hapInfoParcel = data.ReadParcelable(); - sptr hapPolicyParcel = data.ReadParcelable(); - if (hapInfoParcel == nullptr || hapPolicyParcel == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read hapPolicyParcel or hapInfoParcel fail"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - res = this->AllocHapToken(*hapInfoParcel, *hapPolicyParcel); - reply.WriteUint64(res.tokenIDEx); -} - -void AccessTokenManagerStub::InitHapTokenInner(MessageParcel& data, MessageParcel& reply) -{ - AccessTokenID tokenID = IPCSkeleton::GetCallingTokenID(); - if (!IsPrivilegedCalling() && - (VerifyAccessToken(tokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", tokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - - sptr hapInfoParcel = data.ReadParcelable(); - sptr hapPolicyParcel = data.ReadParcelable(); - if (hapInfoParcel == nullptr || hapPolicyParcel == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read hapPolicyParcel or hapInfoParcel fail"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - int32_t res; - AccessTokenIDEx fullTokenId = { 0 }; - HapInfoCheckResult result; - res = this->InitHapToken(*hapInfoParcel, *hapPolicyParcel, fullTokenId, result); - if (!reply.WriteInt32(res)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInt32 fail"); - } - - if (res != RET_SUCCESS) { - if (!result.permCheckResult.permissionName.empty()) { - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteString(result.permCheckResult.permissionName), "WriteString failed."); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(result.permCheckResult.rule), "WriteInt32 failed."); - } - LOGE(ATM_DOMAIN, ATM_TAG, "Res error %{public}d.", res); - return; - } - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint64(fullTokenId.tokenIDEx), "WriteUint64 failed."); -} - -void AccessTokenManagerStub::GetTokenTypeInner(MessageParcel& data, MessageParcel& reply) -{ - AccessTokenID tokenID = data.ReadUint32(); - int result = this->GetTokenType(tokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::GetHapTokenIDInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_TOKENID), "WriteInt32 failed."); - return; - } - int userID = data.ReadInt32(); - std::string bundleName = data.ReadString(); - int instIndex = data.ReadInt32(); - AccessTokenIDEx tokenIdEx = this->GetHapTokenID(userID, bundleName, instIndex); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint64(tokenIdEx.tokenIDEx), "WriteUint64 failed."); -} - -void AccessTokenManagerStub::AllocLocalTokenIDInner(MessageParcel& data, MessageParcel& reply) -{ - if ((!IsNativeProcessCalling()) && !IsPrivilegedCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_TOKENID), "WriteInt32 failed."); - return; - } - std::string remoteDeviceID = data.ReadString(); - AccessTokenID remoteTokenID = data.ReadUint32(); - AccessTokenID result = this->AllocLocalTokenID(remoteDeviceID, remoteTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(result), "WriteUint32 failed."); -} - -void AccessTokenManagerStub::UpdateHapTokenInner(MessageParcel& data, MessageParcel& reply) -{ - AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); - if (!IsPrivilegedCalling() && - (VerifyAccessToken(callingTokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - UpdateHapInfoParams info; - AccessTokenID tokenID = data.ReadUint32(); - info.isSystemApp = data.ReadBool(); - info.appIDDesc = data.ReadString(); - info.apiVersion = data.ReadInt32(); - info.appDistributionType = data.ReadString(); - AccessTokenIDEx tokenIdEx; - tokenIdEx.tokenIdExStruct.tokenID = tokenID; - sptr policyParcel = data.ReadParcelable(); - if (policyParcel == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "PolicyParcel read faild"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - HapInfoCheckResult resultInfo; - int32_t result = this->UpdateHapToken(tokenIdEx, info, *policyParcel, resultInfo); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteUint32(tokenIdEx.tokenIdExStruct.tokenAttr), "WriteUint32 failed."); - if (result != RET_SUCCESS) { - if (!resultInfo.permCheckResult.permissionName.empty()) { - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteString(resultInfo.permCheckResult.permissionName), "WriteString failed."); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(resultInfo.permCheckResult.rule), "WriteInt32 failed."); - } - LOGE(ATM_DOMAIN, ATM_TAG, "Res error %{public}d", result); - return; - } -} - -void AccessTokenManagerStub::GetTokenIDByUserIDInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsNativeProcessCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - std::unordered_set tokenIdList; - int32_t userID = 0; - if (!data.ReadInt32(userID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read userId."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - int32_t result = this->GetTokenIDByUserID(userID, tokenIdList); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(tokenIdList.size()), "WriteUint32 failed."); - for (const auto& tokenId : tokenIdList) { - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(tokenId), "WriteUint32 failed."); - } -} - -void AccessTokenManagerStub::GetHapTokenInfoInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - HapTokenInfoParcel hapTokenInfoParcel; - AccessTokenID tokenID = data.ReadUint32(); - int result = this->GetHapTokenInfo(tokenID, hapTokenInfoParcel); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&hapTokenInfoParcel), "Write parcel failed."); -} - -void AccessTokenManagerStub::GetHapTokenInfoExtensionInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - HapTokenInfoParcel hapTokenInfoParcel; - std::string appID; - AccessTokenID tokenID = data.ReadUint32(); - int result = this->GetHapTokenInfoExtension(tokenID, hapTokenInfoParcel, appID); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&hapTokenInfoParcel), "Write parcel failed."); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteString(appID), "Write string failed."); -} - -void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d).", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - AccessTokenID tokenID = data.ReadUint32(); - NativeTokenInfoParcel nativeTokenInfoParcel; - int result = this->GetNativeTokenInfo(tokenID, nativeTokenInfoParcel); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&nativeTokenInfoParcel), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::RegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if ((this->GetTokenType(callingTokenID) == TOKEN_HAP) && (!IsSystemAppCalling())) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - if (VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingTokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - sptr scopeParcel = data.ReadParcelable(); - if (scopeParcel == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read scopeParcel fail"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - sptr callback = data.ReadRemoteObject(); - if (callback == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read callback fail"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - int32_t result = this->RegisterPermStateChangeCallback(*scopeParcel, callback); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::UnRegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); - if ((this->GetTokenType(callingToken) == TOKEN_HAP) && (!IsSystemAppCalling())) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - sptr callback = data.ReadRemoteObject(); - if (callback == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read callback fail"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - int32_t result = this->UnRegisterPermStateChangeCallback(callback); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::RegisterSelfPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID(); - if (this->GetTokenType(callingTokenID) != TOKEN_HAP) { - LOGE(ATM_DOMAIN, ATM_TAG, "TokenID is not hap."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PARAM_INVALID), "WriteInt32 failed."); - return; - } - sptr scopeParcel = data.ReadParcelable(); - if (scopeParcel == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read scopeParcel fail"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - sptr callback = data.ReadRemoteObject(); - if (callback == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read callback fail"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - int32_t result = this->RegisterSelfPermStateChangeCallback(*scopeParcel, callback); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::UnRegisterSelfPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); - if (this->GetTokenType(callingToken) != TOKEN_HAP) { - LOGE(ATM_DOMAIN, ATM_TAG, "TokenID is not hap."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PARAM_INVALID), "WriteInt32 failed."); - return; - } - sptr callback = data.ReadRemoteObject(); - if (callback == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read callback fail"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - int32_t result = this->UnRegisterSelfPermStateChangeCallback(callback); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -#ifndef ATM_BUILD_VARIANT_USER_ENABLE -void AccessTokenManagerStub::ReloadNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsPrivilegedCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteUint32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - int32_t result = this->ReloadNativeTokenInfo(); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} -#endif - -void AccessTokenManagerStub::GetNativeTokenIdInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(INVALID_TOKENID), "WriteUint32 failed."); - return; - } - std::string processName; - if (!data.ReadString(processName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "ReadString fail, processName=%{public}s", processName.c_str()); - return; - } - AccessTokenID result = this->GetNativeTokenId(processName); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::GetKernelPermissionsInner(MessageParcel& data, MessageParcel& reply) -{ - auto callingToken = IPCSkeleton::GetCallingTokenID(); - if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteUint32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteUint32 failed."); - return; - } - - AccessTokenID tokenID; - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadUint32(tokenID), "ReadUint32 failed."); - std::vector kernelPermList; - int32_t result = this->GetKernelPermissions(tokenID, kernelPermList); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(kernelPermList.size()), "WriteUint32 failed."); - for (const auto& perm : kernelPermList) { - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteString(perm.permissionName), "WriteString failed."); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteString(perm.value), "WriteString failed."); - } -} - -void AccessTokenManagerStub::GetReqPermissionByNameInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteUint32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteUint32 failed."); - return; - } - - AccessTokenID tokenID; - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadUint32(tokenID), "ReadUint32 failed."); - std::string permissionName; - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, data.ReadString(permissionName), "ReadUint32 failed."); - std::string resultValue; - int32_t result = this->GetReqPermissionByName(tokenID, permissionName, resultValue); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteString(resultValue), "WriteString failed."); -} - -#ifdef TOKEN_SYNC_ENABLE -void AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsAccessTokenCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - AccessTokenID tokenID = data.ReadUint32(); - HapTokenInfoForSyncParcel hapTokenParcel; - - int result = this->GetHapTokenInfoFromRemote(tokenID, hapTokenParcel); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&hapTokenParcel), "WriteParcelable failed."); -} - -void AccessTokenManagerStub::SetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsAccessTokenCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - std::string deviceID = data.ReadString(); - sptr hapTokenParcel = data.ReadParcelable(); - if (hapTokenParcel == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "HapTokenParcel read faild"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - int result = this->SetRemoteHapTokenInfo(deviceID, *hapTokenParcel); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::DeleteRemoteTokenInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsAccessTokenCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - std::string deviceID = data.ReadString(); - AccessTokenID tokenID = data.ReadUint32(); - - int result = this->DeleteRemoteToken(deviceID, tokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::GetRemoteNativeTokenIDInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsAccessTokenCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(INVALID_TOKENID), "WriteInt32 failed."); - return; - } - std::string deviceID = data.ReadString(); - AccessTokenID tokenID = data.ReadUint32(); - - AccessTokenID result = this->GetRemoteNativeTokenID(deviceID, tokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::DeleteRemoteDeviceTokensInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsAccessTokenCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - std::string deviceID = data.ReadString(); - - int result = this->DeleteRemoteDeviceTokens(deviceID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::RegisterTokenSyncCallbackInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsAccessTokenCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied, tokenID=%{public}d", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - - sptr callback = data.ReadRemoteObject(); - if (callback == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Callback read failed."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - int32_t result = this->RegisterTokenSyncCallback(callback); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::UnRegisterTokenSyncCallbackInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsAccessTokenCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied, tokenID=%{public}d", IPCSkeleton::GetCallingTokenID()); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - - int32_t result = this->UnRegisterTokenSyncCallback(); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); -} -#endif - -void AccessTokenManagerStub::GetVersionInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); - if ((this->GetTokenType(callingToken) == TOKEN_HAP) && (!IsSystemAppCalling())) { - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_NOT_SYSTEM_APP), "WriteInt32 failed."); - return; - } - uint32_t version; - int32_t result = this->GetVersion(version); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); - if (result != RET_SUCCESS) { - return; - } - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(version), "WriteUint32 failed."); -} - -void AccessTokenManagerStub::DumpTokenInfoInner(MessageParcel& data, MessageParcel& reply) -{ - if (!IsShellProcessCalling()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", IPCSkeleton::GetCallingTokenID()); - reply.WriteString(""); - return; - } - sptr infoParcel = data.ReadParcelable(); - if (infoParcel == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read infoParcel fail"); - reply.WriteString("read infoParcel fail"); - return; - } - std::string dumpInfo = ""; - this->DumpTokenInfo(*infoParcel, dumpInfo); - if (!reply.SetDataCapacity(DUMP_CAPACITY_SIZE)) { - LOGW(ATM_DOMAIN, ATM_TAG, "SetDataCapacity failed"); - } - if (!reply.WriteString(dumpInfo)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteString failed"); - } -} - -void AccessTokenManagerStub::SetPermDialogCapInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); - if (VerifyAccessToken(callingToken, DISABLE_PERMISSION_DIALOG) == PERMISSION_DENIED) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - - sptr hapBaseInfoParcel = data.ReadParcelable(); - if (hapBaseInfoParcel == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read hapBaseInfoParcel fail"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - bool enable = data.ReadBool(); - int32_t res = this->SetPermDialogCap(*hapBaseInfoParcel, enable); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(res), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::GetPermissionManagerInfoInner(MessageParcel& data, MessageParcel& reply) -{ - PermissionGrantInfoParcel infoParcel; - this->GetPermissionManagerInfo(infoParcel); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&infoParcel), "WriteParcelable failed."); -} - -void AccessTokenManagerStub::InitUserPolicyInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); - if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - std::vector userList; - std::vector permList; - uint32_t userSize = data.ReadUint32(); - uint32_t permSize = data.ReadUint32(); - if ((userSize > MAX_USER_POLICY_SIZE) || (permSize > MAX_USER_POLICY_SIZE)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Size %{public}u is invalid", userSize); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_OVERSIZE), "WriteParcelable failed."); - return; - } - for (uint32_t i = 0; i < userSize; i++) { - UserState userInfo; - if (!data.ReadInt32(userInfo.userId)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read userId."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - if (!data.ReadBool(userInfo.isActive)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read isActive."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - userList.emplace_back(userInfo); - } - for (uint32_t i = 0; i < permSize; i++) { - std::string permission; - if (!data.ReadString(permission)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read permission."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - permList.emplace_back(permission); - } - int32_t res = this->InitUserPolicy(userList, permList); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(res), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::UpdateUserPolicyInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); - if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - std::vector userList; - uint32_t userSize = data.ReadUint32(); - if (userSize > MAX_USER_POLICY_SIZE) { - LOGE(ATM_DOMAIN, ATM_TAG, "Size %{public}u is invalid", userSize); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(AccessTokenError::ERR_OVERSIZE), "WriteInt32 failed."); - return; - } - for (uint32_t i = 0; i < userSize; i++) { - UserState userInfo; - if (!data.ReadInt32(userInfo.userId)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read userId."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - if (!data.ReadBool(userInfo.isActive)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to read isActive."); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - userList.emplace_back(userInfo); - } - int32_t res = this->UpdateUserPolicy(userList); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(res), "WriteInt32 failed."); -} - -void AccessTokenManagerStub::ClearUserPolicyInner(MessageParcel& data, MessageParcel& reply) -{ - uint32_t callingToken = IPCSkeleton::GetCallingTokenID(); - if (VerifyAccessToken(callingToken, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", callingToken); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - - int32_t res = this->ClearUserPolicy(); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(res), "WriteInt32 failed."); -} - -bool AccessTokenManagerStub::IsPrivilegedCalling() const -{ - // shell process is root in debug mode. -#ifndef ATM_BUILD_VARIANT_USER_ENABLE - int32_t callingUid = IPCSkeleton::GetCallingUid(); - return callingUid == ROOT_UID; -#else - return false; -#endif -} - -bool AccessTokenManagerStub::IsAccessTokenCalling() -{ - uint32_t tokenCaller = IPCSkeleton::GetCallingTokenID(); - if (tokenSyncId_ == 0) { - tokenSyncId_ = this->GetNativeTokenId("token_sync_service"); - } - return tokenCaller == tokenSyncId_; -} - -bool AccessTokenManagerStub::IsNativeProcessCalling() -{ - AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); - return this->GetTokenType(tokenCaller) == TOKEN_NATIVE; -} - -bool AccessTokenManagerStub::IsShellProcessCalling() -{ - AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); - return this->GetTokenType(tokenCaller) == TOKEN_SHELL; -} - -bool AccessTokenManagerStub::IsSystemAppCalling() const -{ - uint64_t fullTokenId = IPCSkeleton::GetCallingFullTokenID(); - return TokenIdKit::IsSystemAppByFullTokenID(fullTokenId); -} - -#ifdef TOKEN_SYNC_ENABLE -void AccessTokenManagerStub::SetTokenSyncFuncInMap() -{ - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_HAP_TOKEN_FROM_REMOTE)] = - &AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::SET_REMOTE_HAP_TOKEN_INFO)] = - &AccessTokenManagerStub::SetRemoteHapTokenInfoInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::DELETE_REMOTE_TOKEN_INFO)] = - &AccessTokenManagerStub::DeleteRemoteTokenInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::DELETE_REMOTE_DEVICE_TOKEN)] = - &AccessTokenManagerStub::DeleteRemoteDeviceTokensInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_NATIVE_REMOTE_TOKEN)] = - &AccessTokenManagerStub::GetRemoteNativeTokenIDInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::REGISTER_TOKEN_SYNC_CALLBACK)] = - &AccessTokenManagerStub::RegisterTokenSyncCallbackInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::UNREGISTER_TOKEN_SYNC_CALLBACK)] = - &AccessTokenManagerStub::UnRegisterTokenSyncCallbackInner; -} -#endif - -void AccessTokenManagerStub::SetLocalTokenOpFuncInMap() -{ - requestFuncMap_[static_cast(AccessTokenInterfaceCode::ALLOC_TOKEN_HAP)] = - &AccessTokenManagerStub::AllocHapTokenInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::INIT_TOKEN_HAP)] = - &AccessTokenManagerStub::InitHapTokenInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::TOKEN_DELETE)] = - &AccessTokenManagerStub::DeleteTokenInfoInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_TOKEN_TYPE)] = - &AccessTokenManagerStub::GetTokenTypeInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_HAP_TOKEN_ID)] = - &AccessTokenManagerStub::GetHapTokenIDInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::ALLOC_LOCAL_TOKEN_ID)] = - &AccessTokenManagerStub::AllocLocalTokenIDInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_NATIVE_TOKENINFO)] = - &AccessTokenManagerStub::GetNativeTokenInfoInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_TOKEN_ID_BY_USER_ID)] = - &AccessTokenManagerStub::GetTokenIDByUserIDInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_HAP_TOKENINFO)] = - &AccessTokenManagerStub::GetHapTokenInfoInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::UPDATE_HAP_TOKEN)] = - &AccessTokenManagerStub::UpdateHapTokenInner; -#ifndef ATM_BUILD_VARIANT_USER_ENABLE - requestFuncMap_[static_cast(AccessTokenInterfaceCode::RELOAD_NATIVE_TOKEN_INFO)] = - &AccessTokenManagerStub::ReloadNativeTokenInfoInner; -#endif - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_NATIVE_TOKEN_ID)] = - &AccessTokenManagerStub::GetNativeTokenIdInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::SET_PERM_DIALOG_CAPABILITY)] = - &AccessTokenManagerStub::SetPermDialogCapInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_PERMISSION_MANAGER_INFO)] = - &AccessTokenManagerStub::GetPermissionManagerInfoInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::INIT_USER_POLICY)] = - &AccessTokenManagerStub::InitUserPolicyInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::UPDATE_USER_POLICY)] = - &AccessTokenManagerStub::UpdateUserPolicyInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::CLEAR_USER_POLICY)] = - &AccessTokenManagerStub::ClearUserPolicyInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_HAP_TOKENINFO_EXT)] = - &AccessTokenManagerStub::GetHapTokenInfoExtensionInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_KERNEL_PERMISSIONS)] = - &AccessTokenManagerStub::GetKernelPermissionsInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_PERMISSION_BY_NAME)] = - &AccessTokenManagerStub::GetReqPermissionByNameInner; -} - -void AccessTokenManagerStub::SetPermissionOpFuncInMap() -{ - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_USER_GRANTED_PERMISSION_USED_TYPE)] = - &AccessTokenManagerStub::GetPermissionUsedTypeInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN)] = - &AccessTokenManagerStub::VerifyAccessTokenInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN_WITH_LIST)] = - &AccessTokenManagerStub::VerifyAccessTokenWithListInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_DEF_PERMISSION)] = - &AccessTokenManagerStub::GetDefPermissionInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_REQ_PERMISSIONS)] = - &AccessTokenManagerStub::GetReqPermissionsInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_PERMISSION_FLAG)] = - &AccessTokenManagerStub::GetPermissionFlagInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GRANT_PERMISSION)] = - &AccessTokenManagerStub::GrantPermissionInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::REVOKE_PERMISSION)] = - &AccessTokenManagerStub::RevokePermissionInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GRANT_PERMISSION_FOR_SPECIFIEDTIME)] = - &AccessTokenManagerStub::GrantPermissionForSpecifiedTimeInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::CLEAR_USER_GRANT_PERMISSION)] = - &AccessTokenManagerStub::ClearUserGrantedPermissionStateInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_PERMISSION_OPER_STATE)] = - &AccessTokenManagerStub::GetSelfPermissionsStateInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_PERMISSIONS_STATUS)] = - &AccessTokenManagerStub::GetPermissionsStatusInner; - requestFuncMap_[ - static_cast(AccessTokenInterfaceCode::REGISTER_PERM_STATE_CHANGE_CALLBACK)] = - &AccessTokenManagerStub::RegisterPermStateChangeCallbackInner; - requestFuncMap_[ - static_cast(AccessTokenInterfaceCode::UNREGISTER_PERM_STATE_CHANGE_CALLBACK)] = - &AccessTokenManagerStub::UnRegisterPermStateChangeCallbackInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::DUMP_TOKENINFO)] = - &AccessTokenManagerStub::DumpTokenInfoInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_VERSION)] = - &AccessTokenManagerStub::GetVersionInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::SET_PERMISSION_REQUEST_TOGGLE_STATUS)] = - &AccessTokenManagerStub::SetPermissionRequestToggleStatusInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_PERMISSION_REQUEST_TOGGLE_STATUS)] = - &AccessTokenManagerStub::GetPermissionRequestToggleStatusInner; - requestFuncMap_[ - static_cast(AccessTokenInterfaceCode::REGISTER_SELF_PERM_STATE_CHANGE_CALLBACK)] = - &AccessTokenManagerStub::RegisterSelfPermStateChangeCallbackInner; - requestFuncMap_[ - static_cast(AccessTokenInterfaceCode::UNREGISTER_SELF_PERM_STATE_CHANGE_CALLBACK)] = - &AccessTokenManagerStub::UnRegisterSelfPermStateChangeCallbackInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::REQUEST_APP_PERM_ON_SETTING)] = - &AccessTokenManagerStub::RequestAppPermOnSettingInner; -} - -AccessTokenManagerStub::AccessTokenManagerStub() -{ - SetPermissionOpFuncInMap(); - SetLocalTokenOpFuncInMap(); -#ifdef TOKEN_SYNC_ENABLE - SetTokenSyncFuncInMap(); -#endif -} - -AccessTokenManagerStub::~AccessTokenManagerStub() -{ - requestFuncMap_.clear(); -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS diff --git a/services/accesstokenmanager/test/coverage/BUILD.gn b/services/accesstokenmanager/test/coverage/BUILD.gn index 15c858e9c..19e90844c 100644 --- a/services/accesstokenmanager/test/coverage/BUILD.gn +++ b/services/accesstokenmanager/test/coverage/BUILD.gn @@ -36,7 +36,6 @@ accesstoken_manager_service_source = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp", @@ -88,7 +87,10 @@ ohos_unittest("libaccesstoken_manager_service_coverage_test") { cflags_cc = [ "-DHILOG_ENABLE" ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", @@ -99,6 +101,7 @@ ohos_unittest("libaccesstoken_manager_service_coverage_test") { "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", "${access_token_path}/services/common:accesstoken_service_common", ] diff --git a/services/accesstokenmanager/test/mock/BUILD.gn b/services/accesstokenmanager/test/mock/BUILD.gn index f52d369b6..306bad286 100644 --- a/services/accesstokenmanager/test/mock/BUILD.gn +++ b/services/accesstokenmanager/test/mock/BUILD.gn @@ -36,7 +36,6 @@ accesstoken_manager_service_source = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp", @@ -89,7 +88,10 @@ ohos_unittest("libpermission_manager_mock_test") { cflags_cc = [ "-DHILOG_ENABLE" ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", @@ -100,6 +102,7 @@ ohos_unittest("libpermission_manager_mock_test") { "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", "${access_token_path}/services/common:accesstoken_service_common", ] diff --git a/services/accesstokenmanager/test/unittest/BUILD.gn b/services/accesstokenmanager/test/unittest/BUILD.gn index 812c0a2a1..f2866ef0d 100644 --- a/services/accesstokenmanager/test/unittest/BUILD.gn +++ b/services/accesstokenmanager/test/unittest/BUILD.gn @@ -36,7 +36,6 @@ accesstoken_manager_service_source = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp", @@ -102,7 +101,10 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") { sources += [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/dlp_permission_set_manager.cpp" ] } - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", @@ -113,6 +115,7 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") { "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", "${access_token_path}/services/common:accesstoken_service_common", ] diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index 0c7fb6a31..a519fd132 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -35,6 +35,7 @@ #include "permission_validator.h" #include "string_ex.h" #include "token_setproc.h" +#include "system_ability_definition.h" using namespace testing::ext; using namespace OHOS; @@ -48,6 +49,7 @@ static constexpr int USER_ID = 100; static constexpr int INST_INDEX = 0; static constexpr int32_t MAX_EXTENDED_MAP_SIZE = 512; static constexpr int32_t MAX_VALUE_LENGTH = 1024; +static AccessTokenID g_selfTokenId = 0; static PermissionDef g_infoManagerTestPermDef1 = { .permissionName = "open the door", .bundleName = "accesstoken_test", @@ -107,6 +109,7 @@ static PermissionStatus g_permState = { }; #ifdef TOKEN_SYNC_ENABLE +static uint32_t tokenSyncId_ = 0; static const int32_t FAKE_SYNC_RET = 0xabcdef; class TokenSyncCallbackMock : public TokenSyncCallbackStub { public: @@ -122,12 +125,14 @@ public: void AccessTokenInfoManagerTest::SetUpTestCase() { + g_selfTokenId = GetSelfTokenID(); AccessTokenInfoManager::GetInstance().Init(); } void AccessTokenInfoManagerTest::TearDownTestCase() { sleep(3); // delay 3 minutes + SetSelfTokenID(g_selfTokenId); } void AccessTokenInfoManagerTest::SetUp() @@ -387,9 +392,10 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken001, TestSize.Level1) HapPolicyParcel hapPolicyParcel; hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL; hapPolicyParcel.hapPolicy.domain = "test.domain"; - AccessTokenIDEx tokenIdEx; - HapInfoCheckResult result; - ASSERT_EQ(ERR_PARAM_INVALID, atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, tokenIdEx, result)); + uint64_t fullTokenId; + HapInfoCheckResultIdl result; + ASSERT_EQ(ERR_PARAM_INVALID, + atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, fullTokenId, result)); } /** @@ -413,10 +419,10 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken002, TestSize.Level1) HapPolicyParcel hapPolicyParcel; hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL; hapPolicyParcel.hapPolicy.domain = "test.domain"; - AccessTokenIDEx tokenIdEx; - HapInfoCheckResult result; + uint64_t fullTokenId; + HapInfoCheckResultIdl result; ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED, - atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, tokenIdEx, result)); + atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, fullTokenId, result)); } /** @@ -454,18 +460,29 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken003, TestSize.Level1) .permList = {}, .permStateList = { permissionStateA, permissionStateB } }; - AccessTokenIDEx fullTokenId = {0}; + uint64_t fullTokenId;; + HapInfoCheckResultIdl resultInfoIdl; HapInfoCheckResult result; - ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED, atManagerService_->InitHapToken(info, policy, fullTokenId, result)); + ASSERT_EQ(0, + atManagerService_->InitHapToken(info, policy, fullTokenId, resultInfoIdl)); + + PermissionInfoCheckResult permCheckResult; + permCheckResult.permissionName = resultInfoIdl.permissionName; + int32_t rule = static_cast(resultInfoIdl.rule); + permCheckResult.rule = PermissionRulesEnum(rule); + result.permCheckResult = permCheckResult; ASSERT_EQ(result.permCheckResult.permissionName, "ohos.permission.GET_ALL_APP_ACCOUNTS"); ASSERT_EQ(result.permCheckResult.rule, PERMISSION_ACL_RULE); permissionStateA.permissionName = "ohos.permission.ENTERPRISE_MANAGE_SETTINGS"; policy.hapPolicy.aclRequestedList = { "ohos.permission.ENTERPRISE_MANAGE_SETTINGS" }; policy.hapPolicy.permStateList = { permissionStateA, permissionStateB }; - ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED, atManagerService_->InitHapToken(info, policy, fullTokenId, result)); - ASSERT_EQ(result.permCheckResult.permissionName, "ohos.permission.ENTERPRISE_MANAGE_SETTINGS"); - ASSERT_EQ(result.permCheckResult.rule, PERMISSION_EDM_RULE); + ASSERT_EQ(0, + atManagerService_->InitHapToken(info, policy, fullTokenId, resultInfoIdl)); + + ASSERT_EQ(resultInfoIdl.permissionName, "ohos.permission.ENTERPRISE_MANAGE_SETTINGS"); + rule = static_cast(resultInfoIdl.rule); + ASSERT_EQ(PermissionRulesEnum(rule), PERMISSION_EDM_RULE); } static void GetHapParams(HapInfoParams& infoParams, HapPolicy& policyParams) @@ -514,8 +531,8 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken004, TestSize.Level1) HapPolicyParcel policy; GetHapParams(info.hapInfoParameter, policy.hapPolicy); - AccessTokenIDEx fullTokenId; - HapInfoCheckResult result; + uint64_t fullTokenId;; + HapInfoCheckResultIdl result; int32_t ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result); ASSERT_EQ(RET_SUCCESS, ret); @@ -529,12 +546,14 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken004, TestSize.Level1) std::to_string(MAX_EXTENDED_MAP_SIZE - 1); ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result); ASSERT_EQ(RET_SUCCESS, ret); + AccessTokenIDEx tokenIDEx = {fullTokenId}; + AccessTokenID tokenID = tokenIDEx.tokenIdExStruct.tokenID; policy.hapPolicy.aclExtendedMap[std::to_string(MAX_EXTENDED_MAP_SIZE)] = std::to_string(MAX_EXTENDED_MAP_SIZE); ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result); ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret); - AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID; + ret = atManagerService_->DeleteToken(tokenID); EXPECT_EQ(RET_SUCCESS, ret); } @@ -551,8 +570,8 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken005, TestSize.Level1) HapPolicyParcel policy; GetHapParams(info.hapInfoParameter, policy.hapPolicy); - AccessTokenIDEx fullTokenId; - HapInfoCheckResult result; + uint64_t fullTokenId; + HapInfoCheckResultIdl result; policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = ""; int32_t ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result); ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret); @@ -566,12 +585,13 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken005, TestSize.Level1) policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue; ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result); ASSERT_EQ(RET_SUCCESS, ret); + AccessTokenIDEx tokenIDEx = {fullTokenId}; + AccessTokenID tokenID = tokenIDEx.tokenIdExStruct.tokenID; testValue.push_back('1'); policy.hapPolicy.aclExtendedMap["ohos.permission.ACCESS_CERT_MANAGER"] = testValue; ret = atManagerService_->InitHapToken(info, policy, fullTokenId, result); ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret); - AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID; ret = atManagerService_->DeleteToken(tokenID); EXPECT_EQ(RET_SUCCESS, ret); @@ -588,14 +608,14 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken006, TestSize.Level1) HapInfoParcel info; HapPolicyParcel policy; GetHapParams(info.hapInfoParameter, policy.hapPolicy); - AccessTokenIDEx fullTokenId; - HapInfoCheckResult result; + uint64_t fullTokenId; + HapInfoCheckResultIdl result; TestPrepareKernelPermissionStatus(policy.hapPolicy); ASSERT_EQ(RET_SUCCESS, atManagerService_->InitHapToken(info, policy, fullTokenId, result)); - AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID; + AccessTokenID tokenID = static_cast(fullTokenId); - std::vector kernelPermList; + std::vector kernelPermList; EXPECT_EQ(RET_SUCCESS, atManagerService_->GetKernelPermissions(tokenID, kernelPermList)); EXPECT_EQ(1, kernelPermList.size()); @@ -624,15 +644,15 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken007, TestSize.Level1) HapInfoParcel info; HapPolicyParcel policy; GetHapParams(info.hapInfoParameter, policy.hapPolicy); - AccessTokenIDEx fullTokenId; - HapInfoCheckResult result; + uint64_t fullTokenId; + HapInfoCheckResultIdl result; TestPrepareKernelPermissionStatus(policy.hapPolicy); policy.hapPolicy.aclExtendedMap.erase("ohos.permission.KERNEL_ATM_SELF_USE"); ASSERT_EQ(RET_SUCCESS, atManagerService_->InitHapToken(info, policy, fullTokenId, result)); - AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID; + AccessTokenID tokenID = static_cast(fullTokenId); - std::vector kernelPermList; + std::vector kernelPermList; EXPECT_EQ(RET_SUCCESS, atManagerService_->GetKernelPermissions(tokenID, kernelPermList)); EXPECT_EQ(1, kernelPermList.size()); @@ -850,15 +870,15 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken004, TestSize.Level1) HapInfoParcel info; HapPolicyParcel policy; GetHapParams(info.hapInfoParameter, policy.hapPolicy); - AccessTokenIDEx fullTokenId; - HapInfoCheckResult result; + uint64_t fullTokenId; + HapInfoCheckResultIdl result; TestPrepareKernelPermissionStatus(policy.hapPolicy); ASSERT_EQ(RET_SUCCESS, atManagerService_->InitHapToken(info, policy, fullTokenId, result)); - AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID; + AccessTokenID tokenID = static_cast(fullTokenId); policy.hapPolicy.aclExtendedMap["ohos.permission.KERNEL_ATM_SELF_USE"] = "1"; // modified value - UpdateHapInfoParams updateInfoParams = { + UpdateHapInfoParamsIdl updateInfoParams = { .appIDDesc = "AccessTokenTestAppID", .apiVersion = DEFAULT_API_VERSION, .isSystemApp = true, @@ -866,7 +886,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken004, TestSize.Level1) }; EXPECT_EQ(RET_SUCCESS, atManagerService_->UpdateHapToken(fullTokenId, updateInfoParams, policy, result)); - std::vector kernelPermList; + std::vector kernelPermList; EXPECT_EQ(RET_SUCCESS, atManagerService_->GetKernelPermissions(tokenID, kernelPermList)); EXPECT_EQ(1, kernelPermList.size()); @@ -1117,6 +1137,15 @@ HWTEST_F(AccessTokenInfoManagerTest, NotifyTokenSyncTask001, TestSize.Level1) TokenModifyNotifier::GetInstance().modifiedTokenList_ = modifiedTokenList; // recovery } +void setPermission() +{ + setuid(0); + if (tokenSyncId_ == 0) { + tokenSyncId_ = AccessTokenInfoManager::GetInstance().GetNativeTokenId("token_sync_service"); + } + SetSelfTokenID(tokenSyncId_); +} + /** * @tc.name: RegisterTokenSyncCallback001 * @tc.desc: TokenModifyNotifier::RegisterTokenSyncCallback function test @@ -1125,7 +1154,7 @@ HWTEST_F(AccessTokenInfoManagerTest, NotifyTokenSyncTask001, TestSize.Level1) */ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Level1) { - setuid(3020); + setPermission(); sptr callback = new (std::nothrow) TokenSyncCallbackMock(); ASSERT_NE(nullptr, callback); EXPECT_EQ(RET_SUCCESS, @@ -1133,6 +1162,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Leve EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_); EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackDeathRecipient_); + setuid(3020); EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_)).WillOnce(testing::Return(FAKE_SYNC_RET)); EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_->GetRemoteHapTokenInfo("", 0)); @@ -1143,6 +1173,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Leve EXPECT_CALL(*callback, UpdateRemoteHapTokenInfo(testing::_)).WillOnce(testing::Return(FAKE_SYNC_RET)); EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_->UpdateRemoteHapTokenInfo(tokenInfo)); + setPermission(); EXPECT_EQ(RET_SUCCESS, atManagerService_->UnRegisterTokenSyncCallback()); EXPECT_EQ(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_); @@ -1158,12 +1189,13 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Leve */ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Level1) { - setuid(3020); + setPermission(); sptr callback = new (std::nothrow) TokenSyncCallbackMock(); ASSERT_NE(nullptr, callback); EXPECT_EQ(RET_SUCCESS, atManagerService_->RegisterTokenSyncCallback(callback->AsObject())); EXPECT_NE(nullptr, TokenModifyNotifier::GetInstance().tokenSyncCallbackObject_); + setuid(3020); EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_)) .WillOnce(testing::Return(FAKE_SYNC_RET)); EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance().GetRemoteHapTokenInfo("", 0)); @@ -1199,6 +1231,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Leve TokenModifyNotifier::GetInstance().modifiedTokenList_ = modifiedTokenList; // recovery TokenModifyNotifier::GetInstance().deleteTokenList_ = deleteTokenList; + setPermission(); EXPECT_EQ(RET_SUCCESS, atManagerService_->UnRegisterTokenSyncCallback()); setuid(0); @@ -1212,10 +1245,11 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Leve */ HWTEST_F(AccessTokenInfoManagerTest, GetRemoteHapTokenInfo001, TestSize.Level1) { - setuid(3020); + setPermission(); sptr callback = new (std::nothrow) TokenSyncCallbackMock(); ASSERT_NE(nullptr, callback); EXPECT_EQ(RET_SUCCESS, atManagerService_->RegisterTokenSyncCallback(callback->AsObject())); + setuid(3020); EXPECT_CALL(*callback, GetRemoteHapTokenInfo(testing::_, testing::_)) .WillOnce(testing::Return(FAKE_SYNC_RET)); EXPECT_EQ(FAKE_SYNC_RET, TokenModifyNotifier::GetInstance() @@ -1225,6 +1259,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetRemoteHapTokenInfo001, TestSize.Level1) .WillOnce(testing::Return(TOKEN_SYNC_OPENSOURCE_DEVICE)); EXPECT_EQ(TOKEN_SYNC_IPC_ERROR, TokenModifyNotifier::GetInstance() .GetRemoteHapTokenInfo("invalid_id", 0)); // this is a test input + setPermission(); EXPECT_EQ(RET_SUCCESS, atManagerService_->UnRegisterTokenSyncCallback()); setuid(0); @@ -2081,8 +2116,9 @@ HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level1) hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL; hapPolicyParcel.hapPolicy.domain = "test.domain"; - AccessTokenIDEx tokenIDEx = atManagerService_->AllocHapToken(hapinfoParcel, hapPolicyParcel); - ASSERT_EQ(INVALID_TOKENID, tokenIDEx.tokenIDEx); + uint64_t tokenIDEx; + atManagerService_->AllocHapToken(hapinfoParcel, hapPolicyParcel, tokenIDEx); + ASSERT_EQ(INVALID_TOKENID, tokenIDEx); } /** @@ -2132,34 +2168,6 @@ HWTEST_F(AccessTokenInfoManagerTest, Dlopen002, TestSize.Level1) } #endif -/** - * @tc.name: OnRemoteRequest001 - * @tc.desc: Test OnRemoteRequest - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(AccessTokenInfoManagerTest, OnRemoteRequest001, TestSize.Level1) -{ - uint32_t code = 0; - MessageParcel data; - MessageParcel reply; - MessageOption option; - data.WriteInterfaceToken(u"this is a test interface"); - EXPECT_EQ(ERROR_IPC_REQUEST_FAIL, atManagerService_->OnRemoteRequest(code, data, reply, option)); - - std::map oldMap = atManagerService_->requestFuncMap_; - atManagerService_->requestFuncMap_.clear(); - atManagerService_->requestFuncMap_[1] = nullptr; - - data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); - EXPECT_NE(NO_ERROR, atManagerService_->OnRemoteRequest(code, data, reply, option)); - - data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); - EXPECT_NE(NO_ERROR, atManagerService_->OnRemoteRequest(1, data, reply, option)); - - atManagerService_->requestFuncMap_ = oldMap; -} - /** * @tc.name: VerifyNativeAccessToken001 * @tc.desc: AccessTokenInfoManagerTest::VerifyNativeAccessToken function test @@ -2367,4 +2375,4 @@ HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus002, TestSi } } // namespace AccessToken } // namespace Security -} // namespace OHOS +} // namespace OHOS \ No newline at end of file diff --git a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni index e48ac73d9..c0406e4aa 100644 --- a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni +++ b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -56,6 +56,7 @@ access_token_deps = [ "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", "${access_token_path}/services/accesstokenmanager:access_token.rc", "${access_token_path}/services/accesstokenmanager/etc:param_files", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", "${access_token_path}/services/common:accesstoken_service_common", "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils", ] @@ -100,7 +101,6 @@ access_token_sources = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp", diff --git a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/BUILD.gn index 72c33dd15..0f649acb5 100644 --- a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("AllocHapTokenStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp index 15da22d9a..0125f79fb 100644 --- a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023-2024 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -24,7 +24,7 @@ #undef private #include "accesstoken_manager_service.h" #include "hap_info_parcel.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -93,7 +93,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::ALLOC_TOKEN_HAP); + IAccessTokenManagerIpcCode::COMMAND_ALLOC_HAP_TOKEN); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/BUILD.gn index 16c34223e..935dc5a39 100644 --- a/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("AllocLocalTokenIDStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/alloclocaltokenidstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/alloclocaltokenidstub_fuzzer.cpp index afca023e1..79e4f2c43 100644 --- a/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/alloclocaltokenidstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/alloclocaltokenidstub_fuzzer/alloclocaltokenidstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -48,7 +48,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::ALLOC_LOCAL_TOKEN_ID); + IAccessTokenManagerIpcCode::COMMAND_ALLOC_LOCAL_TOKEN_I_D); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/BUILD.gn index 8e0863d3b..c7a63b3a1 100644 --- a/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("ClearUserGrantedPermissionStateStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/clearusergrantedpermissionstatestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/clearusergrantedpermissionstatestub_fuzzer.cpp index 74b20b953..6d0865fe8 100644 --- a/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/clearusergrantedpermissionstatestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/clearusergrantedpermissionstatestub_fuzzer/clearusergrantedpermissionstatestub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -46,7 +46,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::CLEAR_USER_GRANT_PERMISSION); + IAccessTokenManagerIpcCode::COMMAND_CLEAR_USER_GRANTED_PERMISSION_STATE); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/BUILD.gn index 03a4a1ceb..8c7329171 100644 --- a/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("DeleteRemoteDeviceTokensStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp index cd02f2da0..ac5977c12 100644 --- a/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp @@ -23,7 +23,7 @@ #include "accesstoken_info_manager.h" #include "accesstoken_kit.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "token_setproc.h" using namespace std; @@ -50,7 +50,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::DELETE_REMOTE_DEVICE_TOKEN); + IAccessTokenManagerIpcCode::COMMAND_DELETE_REMOTE_DEVICE_TOKENS); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/BUILD.gn index 9985da7f8..f3b5fd118 100644 --- a/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("DeleteRemoteTokenStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp index 86ef252ac..b9f55622a 100644 --- a/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #include "accesstoken_info_manager.h" #include "accesstoken_kit.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "token_setproc.h" using namespace std; @@ -54,7 +54,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::DELETE_REMOTE_TOKEN_INFO); + IAccessTokenManagerIpcCode::COMMAND_DELETE_REMOTE_TOKEN); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/BUILD.gn index f64cc370e..5063db50f 100644 --- a/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("DeleteTokenStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/deletetokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/deletetokenstub_fuzzer.cpp index 2048eeedc..80d797a4f 100644 --- a/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/deletetokenstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/deletetokenstub_fuzzer/deletetokenstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -47,7 +47,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::TOKEN_DELETE); + IAccessTokenManagerIpcCode::COMMAND_DELETE_TOKEN); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/BUILD.gn index c2446867e..b06825841 100644 --- a/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("DumpTokenInfoStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp index b60d73996..96e30a502 100644 --- a/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -43,7 +43,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::DUMP_TOKENINFO); + IAccessTokenManagerIpcCode::COMMAND_DUMP_TOKEN_INFO); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/BUILD.gn index ded95af83..3cd1c415b 100644 --- a/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetDefPermissionStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/getdefpermissionstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/getdefpermissionstub_fuzzer.cpp index f16a57366..5be9fb45e 100644 --- a/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/getdefpermissionstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getdefpermissionstub_fuzzer/getdefpermissionstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "permission_def_parcel.h" using namespace std; @@ -45,7 +45,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_DEF_PERMISSION); + IAccessTokenManagerIpcCode::COMMAND_GET_DEF_PERMISSION); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/BUILD.gn index feff7b531..5f964f2ef 100644 --- a/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetHapTokenIDStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/gethaptokenidstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/gethaptokenidstub_fuzzer.cpp index c2e0560ee..39c8c5fff 100644 --- a/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/gethaptokenidstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/gethaptokenidstub_fuzzer/gethaptokenidstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #include "accesstoken_fuzzdata.h" #undef private #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -51,7 +51,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_HAP_TOKEN_ID); + IAccessTokenManagerIpcCode::COMMAND_GET_HAP_TOKEN_I_D); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/BUILD.gn index 96c90b59d..1fb85c364 100644 --- a/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetHapTokenInfoExtStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/gethaptokeninfoextstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/gethaptokeninfoextstub_fuzzer.cpp index 2f2c8dfc7..1f6b07eb3 100644 --- a/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/gethaptokeninfoextstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/gethaptokeninfoextstub_fuzzer/gethaptokeninfoextstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -24,7 +24,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "permission_def_parcel.h" #include "accesstoken_kit.h" #include "access_token.h" @@ -134,7 +134,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_HAP_TOKENINFO_EXT); + IAccessTokenManagerIpcCode::COMMAND_GET_HAP_TOKEN_INFO_EXTENSION); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/BUILD.gn index 6cebda6d4..534f9be56 100644 --- a/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetHapTokenInfoFromRemoteStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp index 747adab6e..98b432e1a 100644 --- a/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #include "accesstoken_info_manager.h" #include "accesstoken_kit.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "token_setproc.h" using namespace std; @@ -49,7 +49,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_HAP_TOKEN_FROM_REMOTE); + IAccessTokenManagerIpcCode::COMMAND_GET_HAP_TOKEN_INFO_FROM_REMOTE); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/BUILD.gn index 3780e4e29..5b17d73eb 100644 --- a/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetHapTokenInfoStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/gethaptokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/gethaptokeninfostub_fuzzer.cpp index 234dcdd9c..9f05b6060 100644 --- a/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/gethaptokeninfostub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/gethaptokeninfostub_fuzzer/gethaptokeninfostub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "permission_def_parcel.h" using namespace std; @@ -48,7 +48,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_HAP_TOKENINFO); + IAccessTokenManagerIpcCode::COMMAND_GET_HAP_TOKEN_INFO); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/BUILD.gn index 5a0763a72..9bbe0f010 100644 --- a/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetKernelPermissionsStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/getkernelpermissionsstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/getkernelpermissionsstub_fuzzer.cpp index 5d18288f5..06c8c603e 100644 --- a/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/getkernelpermissionsstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getkernelpermissionsstub_fuzzer/getkernelpermissionsstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -42,7 +42,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(AccessTokenInterfaceCode::GET_KERNEL_PERMISSIONS); + uint32_t code = static_cast(IAccessTokenManagerIpcCode::COMMAND_GET_KERNEL_PERMISSIONS); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/BUILD.gn index 88f5a33e3..e03846b15 100644 --- a/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetNativeTokenIdStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/getnativetokenidstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/getnativetokenidstub_fuzzer.cpp index a6ba9c6ec..96f13c6c9 100644 --- a/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/getnativetokenidstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getnativetokenidstub_fuzzer/getnativetokenidstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "permission_def_parcel.h" using namespace std; @@ -48,7 +48,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_NATIVE_TOKEN_ID); + IAccessTokenManagerIpcCode::COMMAND_GET_NATIVE_TOKEN_ID); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/BUILD.gn index bf1c570cd..69a27a830 100644 --- a/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetNativeTokenInfoStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/getnativetokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/getnativetokeninfostub_fuzzer.cpp index aae9deef4..505057e1e 100644 --- a/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/getnativetokeninfostub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getnativetokeninfostub_fuzzer/getnativetokeninfostub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -45,7 +45,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_NATIVE_TOKENINFO); + IAccessTokenManagerIpcCode::COMMAND_GET_NATIVE_TOKEN_INFO); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/BUILD.gn index bd20c6515..c0950cccd 100644 --- a/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetPermissionFlagStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/getpermissionflagstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/getpermissionflagstub_fuzzer.cpp index 1a568a539..cc4c7fc5d 100644 --- a/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/getpermissionflagstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getpermissionflagstub_fuzzer/getpermissionflagstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -46,7 +46,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_PERMISSION_FLAG); + IAccessTokenManagerIpcCode::COMMAND_GET_PERMISSION_FLAG); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/BUILD.gn index 07a60bedb..ac30fc2f5 100644 --- a/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetPermissionRequestToggleStatusStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/getpermissionrequesttogglestatusstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/getpermissionrequesttogglestatusstub_fuzzer.cpp index 841934814..10b12bce5 100644 --- a/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/getpermissionrequesttogglestatusstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getpermissionrequesttogglestatusstub_fuzzer/getpermissionrequesttogglestatusstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -46,7 +46,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_PERMISSION_REQUEST_TOGGLE_STATUS); + IAccessTokenManagerIpcCode::COMMAND_GET_PERMISSION_REQUEST_TOGGLE_STATUS); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/BUILD.gn index 389e032db..efc48f2c8 100644 --- a/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -34,7 +34,10 @@ ohos_fuzztest("GetPermissionsStatusStubFuzzTest") { deps = access_token_deps deps += [ "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared" ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/getpermissionsstatusstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/getpermissionsstatusstub_fuzzer.cpp index 472fcc480..3f61fc13f 100644 --- a/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/getpermissionsstatusstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getpermissionsstatusstub_fuzzer/getpermissionsstatusstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -24,7 +24,7 @@ #include "access_token.h" #include "accesstoken_kit.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "nativetoken_kit.h" #include "securec.h" #include "token_setproc.h" @@ -120,7 +120,7 @@ size_t g_baseFuzzPos = 0; } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_PERMISSIONS_STATUS); + IAccessTokenManagerIpcCode::COMMAND_GET_PERMISSIONS_STATUS); MessageParcel reply; MessageOption option; bool enable = ((size % CONSTANTS_NUMBER_TWO) == 0); diff --git a/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/BUILD.gn index 81e50ab0a..9e050c961 100644 --- a/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetPermissionUsedTypeStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/getpermissionusedtypestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/getpermissionusedtypestub_fuzzer.cpp index 5c8a672de..46d926281 100644 --- a/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/getpermissionusedtypestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getpermissionusedtypestub_fuzzer/getpermissionusedtypestub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -24,7 +24,7 @@ #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" #include "hap_info_parcel.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -52,7 +52,7 @@ bool GetPermissionUsedTypeStubFuzzTest(const uint8_t* data, size_t size) } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_USER_GRANTED_PERMISSION_USED_TYPE); + IAccessTokenManagerIpcCode::COMMAND_GET_PERMISSION_USED_TYPE); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/BUILD.gn index d3ce3d6fc..0dfb959a6 100644 --- a/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetRemoteNativeTokenIDStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp index 2b8239078..1fb794568 100644 --- a/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #include "accesstoken_info_manager.h" #include "accesstoken_kit.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "token_setproc.h" using namespace std; @@ -54,7 +54,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_NATIVE_REMOTE_TOKEN); + IAccessTokenManagerIpcCode::COMMAND_GET_REMOTE_NATIVE_TOKEN_I_D); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/BUILD.gn index f2de773f0..197b8f6b2 100644 --- a/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetReqPermissionByNameStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/getreqpermissionbynamestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/getreqpermissionbynamestub_fuzzer.cpp index d9f021801..e0da7247c 100644 --- a/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/getreqpermissionbynamestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getreqpermissionbynamestub_fuzzer/getreqpermissionbynamestub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -42,7 +42,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(AccessTokenInterfaceCode::GET_PERMISSION_BY_NAME); + uint32_t code = static_cast(IAccessTokenManagerIpcCode::COMMAND_GET_REQ_PERMISSION_BY_NAME); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/BUILD.gn index 225390f68..0c3f1c41f 100644 --- a/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetReqPermissionsStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/getreqpermissionsstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/getreqpermissionsstub_fuzzer.cpp index d8db10cb1..022a9113e 100644 --- a/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/getreqpermissionsstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getreqpermissionsstub_fuzzer/getreqpermissionsstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "permission_def_parcel.h" using namespace std; @@ -47,7 +47,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_REQ_PERMISSIONS); + IAccessTokenManagerIpcCode::COMMAND_GET_REQ_PERMISSIONS); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/BUILD.gn index 6e0b50f04..064c9261c 100644 --- a/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetSelfPermissionsStateStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/getselfpermissionsstatestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/getselfpermissionsstatestub_fuzzer.cpp index bb35c40c4..a767372a2 100644 --- a/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/getselfpermissionsstatestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getselfpermissionsstatestub_fuzzer/getselfpermissionsstatestub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS; @@ -51,7 +51,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_PERMISSION_OPER_STATE); + IAccessTokenManagerIpcCode::COMMAND_GET_SELF_PERMISSIONS_STATE); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/BUILD.gn index e3bcbfced..78d02583e 100644 --- a/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/BUILD.gn @@ -32,7 +32,10 @@ ohos_fuzztest("GetTokenIDByUserIDStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/gettokenidbyuseridstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/gettokenidbyuseridstub_fuzzer.cpp index 3345a3bd2..a3b3cc411 100644 --- a/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/gettokenidbyuseridstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/gettokenidbyuseridstub_fuzzer/gettokenidbyuseridstub_fuzzer.cpp @@ -18,7 +18,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -41,7 +41,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_TOKEN_ID_BY_USER_ID); + IAccessTokenManagerIpcCode::COMMAND_GET_TOKEN_I_D_BY_USER_I_D); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/BUILD.gn index 1a167b063..e19e8f3d0 100644 --- a/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GetTokenTypeStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/gettokentypestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/gettokentypestub_fuzzer.cpp index f98c2ddc8..7a21b62dd 100644 --- a/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/gettokentypestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/gettokentypestub_fuzzer/gettokentypestub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -42,7 +42,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GET_TOKEN_TYPE); + IAccessTokenManagerIpcCode::COMMAND_GET_TOKEN_TYPE); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/BUILD.gn index 5416997fc..1f4268915 100644 --- a/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GrantPermissionForSpecifiedTimeStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp index 73e4bb695..ae92c9001 100644 --- a/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -24,7 +24,7 @@ #undef private #include "accesstoken_manager_service.h" #include "hap_info_parcel.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -49,7 +49,7 @@ namespace OHOS { return false; } uint32_t code = static_cast( - AccessTokenInterfaceCode::GRANT_PERMISSION_FOR_SPECIFIEDTIME); + IAccessTokenManagerIpcCode::COMMAND_ALLOC_HAP_TOKEN); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/BUILD.gn index c8b6142db..65dfeeeef 100644 --- a/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("GrantPermissionStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp index f7f3dff30..34aa2513d 100644 --- a/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -26,7 +26,7 @@ #include "accesstoken_info_manager.h" #include "accesstoken_kit.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "token_setproc.h" using namespace std; @@ -65,7 +65,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::GRANT_PERMISSION); + IAccessTokenManagerIpcCode::COMMAND_GRANT_PERMISSION); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/BUILD.gn index 5b707634a..4b1e8c6f2 100644 --- a/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("InitHapTokenStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/inithaptokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/inithaptokenstub_fuzzer.cpp index 13fa49d2a..ea023f93c 100644 --- a/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/inithaptokenstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/inithaptokenstub_fuzzer/inithaptokenstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -24,7 +24,7 @@ #undef private #include "accesstoken_manager_service.h" #include "hap_info_parcel.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -93,7 +93,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::INIT_TOKEN_HAP); + IAccessTokenManagerIpcCode::COMMAND_INIT_HAP_TOKEN); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/BUILD.gn index ac370e147..33e4bf96f 100644 --- a/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/BUILD.gn @@ -34,7 +34,10 @@ ohos_fuzztest("InitUserPolicyStubFuzzTest") { deps = access_token_deps deps += [ "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared" ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/inituserpolicystub_fuzzer.cpp b/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/inituserpolicystub_fuzzer.cpp index 1184c309a..f4b01a42c 100644 --- a/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/inituserpolicystub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/inituserpolicystub_fuzzer/inituserpolicystub_fuzzer.cpp @@ -23,7 +23,7 @@ #include "accesstoken_fuzzdata.h" #include "accesstoken_kit.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "nativetoken_kit.h" #include "token_setproc.h" @@ -93,7 +93,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::INIT_USER_POLICY); + IAccessTokenManagerIpcCode::COMMAND_INIT_USER_POLICY); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/BUILD.gn index 155806b69..11a3e6545 100644 --- a/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("RegisterPermStateChangeCallbackStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/registerpermstatechangecallbackstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/registerpermstatechangecallbackstub_fuzzer.cpp index 251cfd7d9..b37d7b402 100644 --- a/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/registerpermstatechangecallbackstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/registerpermstatechangecallbackstub_fuzzer/registerpermstatechangecallbackstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -22,7 +22,7 @@ #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_client.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -77,7 +77,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::REGISTER_PERM_STATE_CHANGE_CALLBACK); + IAccessTokenManagerIpcCode::COMMAND_REGISTER_PERM_STATE_CHANGE_CALLBACK); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/BUILD.gn index cdb19e0af..63c5b686e 100644 --- a/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/BUILD.gn @@ -34,7 +34,10 @@ ohos_fuzztest("RegisterSelfPermStateChangeCallbackStubFuzzTest") { deps = access_token_deps deps += [ "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared" ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/registerselfpermstatechangecallbackstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/registerselfpermstatechangecallbackstub_fuzzer.cpp index 946e7fa59..4d35d90e5 100644 --- a/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/registerselfpermstatechangecallbackstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/registerselfpermstatechangecallbackstub_fuzzer/registerselfpermstatechangecallbackstub_fuzzer.cpp @@ -26,7 +26,7 @@ #include "accesstoken_kit.h" #include "accesstoken_manager_client.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "token_setproc.h" using namespace std; @@ -110,7 +110,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::REGISTER_SELF_PERM_STATE_CHANGE_CALLBACK); + IAccessTokenManagerIpcCode::COMMAND_REGISTER_SELF_PERM_STATE_CHANGE_CALLBACK); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/BUILD.gn index 7972f3712..9e06d8b29 100644 --- a/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("RequestAppPermOnSettingStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/requestapppermonsettingstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/requestapppermonsettingstub_fuzzer.cpp index 4c65417af..bcd22753e 100644 --- a/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/requestapppermonsettingstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/requestapppermonsettingstub_fuzzer/requestapppermonsettingstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -42,7 +42,7 @@ namespace OHOS { return false; } - uint32_t code = static_cast(AccessTokenInterfaceCode::REQUEST_APP_PERM_ON_SETTING); + uint32_t code = static_cast(IAccessTokenManagerIpcCode::COMMAND_REQUEST_APP_PERM_ON_SETTING); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/BUILD.gn index de933d784..5e81544fc 100644 --- a/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("RevokePermissionStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/revokepermissionstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/revokepermissionstub_fuzzer.cpp index aab7e2a75..30d69e7df 100644 --- a/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/revokepermissionstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/revokepermissionstub_fuzzer/revokepermissionstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -48,7 +48,7 @@ namespace OHOS { return false; } uint32_t code = static_cast( - AccessTokenInterfaceCode::REVOKE_PERMISSION); + IAccessTokenManagerIpcCode::COMMAND_REVOKE_PERMISSION); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/BUILD.gn index 81f75417d..c240203ea 100644 --- a/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("SetPermDialogCapFuzzTest") { deps = access_token_deps deps += [ "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared" ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/setpermdialogcap_fuzzer.cpp b/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/setpermdialogcap_fuzzer.cpp index 153e3bbd2..994193a1a 100644 --- a/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/setpermdialogcap_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/setpermdialogcap_fuzzer/setpermdialogcap_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #include "accesstoken_fuzzdata.h" #include "accesstoken_kit.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "nativetoken_kit.h" #include "securec.h" #include "token_setproc.h" @@ -72,7 +72,7 @@ namespace OHOS { if (!datas.WriteParcelable(&baseInfoParcel)) { return false; } - uint32_t code = static_cast(AccessTokenInterfaceCode::SET_PERM_DIALOG_CAPABILITY); + uint32_t code = static_cast(IAccessTokenManagerIpcCode::COMMAND_SET_PERM_DIALOG_CAP); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/BUILD.gn index 7a7623c5f..2bf1efcd2 100644 --- a/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("SetPermissionRequestToggleStatusStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/setpermissionrequesttogglestatusstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/setpermissionrequesttogglestatusstub_fuzzer.cpp index c2934d016..7e98d5860 100644 --- a/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/setpermissionrequesttogglestatusstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/setpermissionrequesttogglestatusstub_fuzzer/setpermissionrequesttogglestatusstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -23,7 +23,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -49,7 +49,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::SET_PERMISSION_REQUEST_TOGGLE_STATUS); + IAccessTokenManagerIpcCode::COMMAND_SET_PERMISSION_REQUEST_TOGGLE_STATUS); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/BUILD.gn index 35fa2dfe5..66b3dfb04 100644 --- a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("SetRemoteHapTokenInfoStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp index 8cda4c996..db20383d4 100644 --- a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -24,7 +24,7 @@ #include "accesstoken_info_manager.h" #include "accesstoken_kit.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "permission_state_full.h" #include "token_setproc.h" @@ -88,7 +88,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::SET_REMOTE_HAP_TOKEN_INFO); + IAccessTokenManagerIpcCode::COMMAND_SET_REMOTE_HAP_TOKEN_INFO); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/BUILD.gn index 7b73bb9b5..31a7c5de2 100644 --- a/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("UpdateHapTokenStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp index 939f5f390..e9763360a 100644 --- a/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -80,7 +80,7 @@ namespace OHOS { if (!datas.WriteParcelable(&hapPolicyParcel)) { return false; } - uint32_t code = static_cast(AccessTokenInterfaceCode::UPDATE_HAP_TOKEN); + uint32_t code = static_cast(IAccessTokenManagerIpcCode::COMMAND_UPDATE_HAP_TOKEN); MessageParcel reply; MessageOption option; bool enable = ((size % CONSTANTS_NUMBER_TWO) == 0); diff --git a/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/BUILD.gn index 3d21d687f..3a5c06574 100644 --- a/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/BUILD.gn @@ -34,7 +34,10 @@ ohos_fuzztest("UpdateUserPolicyStubFuzzTest") { deps = access_token_deps deps += [ "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared" ] - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/updateuserpolicystub_fuzzer.cpp b/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/updateuserpolicystub_fuzzer.cpp index c0a8edc5d..0714eab49 100644 --- a/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/updateuserpolicystub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/updateuserpolicystub_fuzzer/updateuserpolicystub_fuzzer.cpp @@ -23,7 +23,7 @@ #include "accesstoken_fuzzdata.h" #include "accesstoken_kit.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" #include "nativetoken_kit.h" #include "token_setproc.h" @@ -85,7 +85,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::UPDATE_USER_POLICY); + IAccessTokenManagerIpcCode::COMMAND_UPDATE_USER_POLICY); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/BUILD.gn index 3187a41a1..47672fbf1 100644 --- a/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("VerifyAccessTokenStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/verifyaccesstokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/verifyaccesstokenstub_fuzzer.cpp index d0c514595..7575cc237 100644 --- a/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/verifyaccesstokenstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/verifyaccesstokenstub_fuzzer/verifyaccesstokenstub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -44,7 +44,7 @@ namespace OHOS { } uint32_t code = static_cast( - AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN); + IAccessTokenManagerIpcCode::COMMAND_VERIFY_ACCESS_TOKEN); MessageParcel reply; MessageOption option; diff --git a/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/BUILD.gn index 1d6648b8f..c134bd809 100644 --- a/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -33,7 +33,10 @@ ohos_fuzztest("VerifyAccessTokenWithListStubFuzzTest") { deps = access_token_deps - configs = [ "${access_token_path}/config:coverage_flags" ] + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] external_deps = access_token_external_deps diff --git a/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/verifyaccesstokenwithliststub_fuzzer.cpp b/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/verifyaccesstokenwithliststub_fuzzer.cpp index af153efff..b6ddf6902 100644 --- a/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/verifyaccesstokenwithliststub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/verifyaccesstokenwithliststub_fuzzer/verifyaccesstokenwithliststub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +21,7 @@ #undef private #include "accesstoken_fuzzdata.h" #include "accesstoken_manager_service.h" -#include "i_accesstoken_manager.h" +#include "iaccess_token_manager.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -48,7 +48,8 @@ namespace OHOS { return false; } - uint32_t code = static_cast(AccessTokenInterfaceCode::VERIFY_ACCESSTOKEN_WITH_LIST); + uint32_t code = static_cast( + IAccessTokenManagerIpcCode::COMMAND_VERIFY_ACCESS_TOKEN_IN_UNSIGNED_INT_IN_LIST_STRING_OUT_LIST_INT); MessageParcel reply; MessageOption option; -- Gitee From a6fca9a307c3f043b7bec8185f8522683e4e0d6e Mon Sep 17 00:00:00 2001 From: bigtea Date: Sat, 29 Mar 2025 14:41:52 +0800 Subject: [PATCH 027/103] Fix verify accesstoken hisysevent Signed-off-by: bigtea --- frameworks/js/napi/accesstoken/src/napi_atmanager.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp index 3eda63f2c..fb96bff4c 100644 --- a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp +++ b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp @@ -614,9 +614,8 @@ napi_value NapiAtManager::VerifyAccessTokenSync(napi_env env, napi_callback_info return nullptr; } if (syncContext->tokenId != static_cast(selfTokenId)) { - int32_t cnt = g_cnt; + int32_t cnt = g_cnt.fetch_add(1); if (!AccessTokenKit::IsSystemAppByFullTokenID(selfTokenId) && cnt % REPORT_CNT == 0) { - g_cnt.fetch_add(1); AccessTokenID selfToken = static_cast(selfTokenId); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "VERIFY_ACCESS_TOKEN_EVENT", HiviewDFX::HiSysEvent::EventType::STATISTIC, "EVENT_CODE", VERIFY_TOKENID_INCONSISTENCY, -- Gitee From b2a3fe2a4eaec458173c91f7ad6a3cbf9c5859bc Mon Sep 17 00:00:00 2001 From: xia-bubai Date: Mon, 31 Mar 2025 11:23:05 +0800 Subject: [PATCH 028/103] fix warning Signed-off-by: xia-bubai Change-Id: I966c24a4fd8c8c4c679714edbddfcb5649e404c2 --- .../accesstoken/src/hap_policy_parcel.cpp | 53 +++++++++++-------- .../PermissionsTest/grant_permission_test.cpp | 5 ++ .../include/token/accesstoken_info_manager.h | 1 + .../main/cpp/src/database/data_translator.cpp | 7 --- .../src/token/accesstoken_info_manager.cpp | 22 ++++---- .../cpp/src/token/hap_token_info_inner.cpp | 4 +- 6 files changed, 51 insertions(+), 41 deletions(-) diff --git a/frameworks/accesstoken/src/hap_policy_parcel.cpp b/frameworks/accesstoken/src/hap_policy_parcel.cpp index d98620676..b80c7044f 100644 --- a/frameworks/accesstoken/src/hap_policy_parcel.cpp +++ b/frameworks/accesstoken/src/hap_policy_parcel.cpp @@ -75,6 +75,35 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const return true; } +static bool ReadLeftHapPolicyParcel(Parcel& in, HapPolicyParcel* hapPolicyParcel) +{ + uint32_t infoSize; + RETURN_IF_FALSE(in.ReadUint32(infoSize)); + RETURN_IF_FALSE((infoSize <= MAX_PERMLIST_SIZE)); + for (uint32_t i = 0; i < infoSize; i++) { + PreAuthorizationInfo info; + RETURN_IF_FALSE(in.ReadString(info.permissionName)); + RETURN_IF_FALSE(in.ReadBool(info.userCancelable)); + hapPolicyParcel->hapPolicy.preAuthorizationInfo.emplace_back(info); + } + int32_t checkIgnore; + RETURN_IF_FALSE(in.ReadInt32(checkIgnore)); + hapPolicyParcel->hapPolicy.checkIgnore = HapPolicyCheckIgnore(checkIgnore); + + uint32_t extSize; + RETURN_IF_FALSE(in.ReadUint32(extSize)); + RETURN_IF_FALSE((extSize <= MAX_ACL_MAP_SIZE)); + for (uint32_t i = 0; i < extSize; i++) { + std::string perm; + std::string value; + RETURN_IF_FALSE(in.ReadString(perm)); + RETURN_IF_FALSE(in.ReadString(value)); + hapPolicyParcel->hapPolicy.aclExtendedMap[perm] = value; + } + + return true; +} + HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in) { auto* hapPolicyParcel = new (std::nothrow) HapPolicyParcel(); @@ -114,29 +143,7 @@ HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(in.ReadString(acl), hapPolicyParcel); hapPolicyParcel->hapPolicy.aclRequestedList.emplace_back(acl); } - uint32_t infoSize; - RELEASE_IF_FALSE(in.ReadUint32(infoSize), hapPolicyParcel); - RELEASE_IF_FALSE((infoSize <= MAX_PERMLIST_SIZE), hapPolicyParcel); - for (uint32_t i = 0; i < infoSize; i++) { - PreAuthorizationInfo info; - RELEASE_IF_FALSE(in.ReadString(info.permissionName), hapPolicyParcel); - RELEASE_IF_FALSE(in.ReadBool(info.userCancelable), hapPolicyParcel); - hapPolicyParcel->hapPolicy.preAuthorizationInfo.emplace_back(info); - } - int32_t checkIgnore; - RELEASE_IF_FALSE(in.ReadInt32(checkIgnore), hapPolicyParcel); - hapPolicyParcel->hapPolicy.checkIgnore = HapPolicyCheckIgnore(checkIgnore); - - uint32_t extSize; - RELEASE_IF_FALSE(in.ReadUint32(extSize), hapPolicyParcel); - RELEASE_IF_FALSE((extSize <= MAX_ACL_MAP_SIZE), hapPolicyParcel); - for (uint32_t i = 0; i < extSize; i++) { - std::string perm; - std::string value; - RELEASE_IF_FALSE(in.ReadString(perm), hapPolicyParcel); - RELEASE_IF_FALSE(in.ReadString(value), hapPolicyParcel); - hapPolicyParcel->hapPolicy.aclExtendedMap[perm] = value; - } + RELEASE_IF_FALSE(ReadLeftHapPolicyParcel(in, hapPolicyParcel), hapPolicyParcel); return hapPolicyParcel; } } // namespace AccessToken diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp index 6cf38323b..423483b30 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_test.cpp @@ -279,6 +279,11 @@ HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest003, TestSize.Level0) */ HWTEST_F(GrantPermissionTest, GrantPermissionSpecsTest004, TestSize.Level0) { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GrantPermissionSpecsTest004", reqPerm, true); + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; int ret = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.SECURE_PASTE", PERMISSION_COMPONENT_SET); diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index e2819047c..6b328c568 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -139,6 +139,7 @@ private: void NativeTokenToString(AccessTokenID tokenID, std::string& info); int32_t CheckHapInfoParam(const HapInfoParams& info, const HapPolicy& policy); void UpdateHapToKernel(AccessTokenID tokenID, int32_t userId); + std::shared_ptr GetHapTokenInfoInnerFromDb(AccessTokenID id); bool hasInited_; std::atomic_int32_t dumpTaskNum_; diff --git a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp index b5845c9be..582841fd7 100644 --- a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp @@ -133,13 +133,6 @@ int32_t DataTranslator::TranslationIntoExtendedPermission( return ERR_PARAM_INVALID; } perm.value = inGenericValues.GetString(TokenFiledConst::FIELD_VALUE); - if (perm.value.empty()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Extended Permission value is empty"); - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK", - HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR, - "ERROR_REASON", "extended value empty"); - return ERR_PARAM_INVALID; - } return RET_SUCCESS; } diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 49d0e91b8..bd2050aa3 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -265,16 +265,8 @@ int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr AccessTokenInfoManager::GetHapTokenInfoInner(AccessTokenID id) +std::shared_ptr AccessTokenInfoManager::GetHapTokenInfoInnerFromDb(AccessTokenID id) { - { - Utils::UniqueReadGuard infoGuard(this->hapTokenInfoLock_); - auto iter = hapTokenInfoMap_.find(id); - if (iter != hapTokenInfoMap_.end()) { - return iter->second; - } - } - Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); GenericValues conditionValue; conditionValue.Put(TokenFiledConst::FIELD_TOKEN_ID, static_cast(id)); @@ -319,6 +311,18 @@ std::shared_ptr AccessTokenInfoManager::GetHapTokenInfoInner( return hap; } +std::shared_ptr AccessTokenInfoManager::GetHapTokenInfoInner(AccessTokenID id) +{ + { + Utils::UniqueReadGuard infoGuard(this->hapTokenInfoLock_); + auto iter = hapTokenInfoMap_.find(id); + if (iter != hapTokenInfoMap_.end()) { + return iter->second; + } + } + return GetHapTokenInfoInnerFromDb(id); +} + int32_t AccessTokenInfoManager::GetHapTokenDlpType(AccessTokenID id) { Utils::UniqueReadGuard infoGuard(this->hapTokenInfoLock_); diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 7133f2a21..5892bc2ed 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -460,9 +460,9 @@ void HapTokenInfoInner::PermStateFullToString(const PermissionStatus& state, std info.append(R"( "grantStatus": ")" + std::to_string(state.grantStatus) + R"(")" + ",\n"); info.append(R"( "grantFlag": ")" + std::to_string(state.grantFlag) + R"(")" + ",\n"); std::string value; - (void)PermissionDataBrief::GetInstance().GetReqPermissionByName( + int32_t ret = PermissionDataBrief::GetInstance().GetReqPermissionByName( tokenInfoBasic_.tokenID, state.permissionName, value, false); - if (!value.empty()) { + if (ret == RET_SUCCESS) { info.append(R"( "value": ")" + value + R"(")" + ",\n"); } info.append(R"( })"); -- Gitee From 42f111784e49e172e4aa90adb375bd8ebd606271 Mon Sep 17 00:00:00 2001 From: roshanliu Date: Mon, 31 Mar 2025 11:34:36 +0800 Subject: [PATCH 029/103] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: roshanliu --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 644e9cb05..8b56cd9b3 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6366,7 +6366,7 @@ "name": "ohos.permission.ACCESS_CALENDARDATA_FOR_BROKER", "grantMode": "system_grant", "availableLevel": "system_core", - "availableType": "SERVICE", + "availableType": "SYSTEM", "since": 17, "deprecated": "", "provisionEnable": true, -- Gitee From ca3414a0f7bd02c1ea66e1da3a4e1d62eaef0f70 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9D=A8=E4=B8=96=E7=90=A6=5Fhw?= <670097973@qq.com> Date: Mon, 31 Mar 2025 15:07:23 +0800 Subject: [PATCH 030/103] add trace manager permission MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 杨世琦_hw <670097973@qq.com> --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 644e9cb05..1c7c69b3e 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6391,6 +6391,16 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.HIVIEW_TRACE_MANAGE", + "grantMode": "system_grant", + "availableLevel": "system_core", + "availableType": "SERVICE", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false } ] } \ No newline at end of file -- Gitee From 08fbc4e313d912ff68ca803639cad9d3427c898f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=87=91=E6=96=B9=E9=91=AB?= Date: Tue, 1 Apr 2025 12:48:01 +0000 Subject: [PATCH 031/103] =?UTF-8?q?=E5=BC=80=E5=8F=91=E8=80=85=E5=85=B3?= =?UTF-8?q?=E6=80=80=E6=A8=A1=E5=BC=8F=E6=96=B0=E5=A2=9E=E6=9D=83=E9=99=90?= =?UTF-8?q?=20=E5=BC=80=E5=8F=91=E8=80=85=E5=85=B3=E6=80=80=E6=A8=A1?= =?UTF-8?q?=E5=BC=8F=E6=96=B0=E5=A2=9E=E6=9D=83=E9=99=90ohos.permission.UN?= =?UTF-8?q?LOCK=5FDEVELOPER=5FMODE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 金方鑫 --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index f59ac40cf..5d100e7b8 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -1120,6 +1120,16 @@ "provisionEnable": true, "distributedSceneEnable": true }, + { + "name": "ohos.permission.UNLOCK_DEVELOPER_MODE", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 9, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": true + }, { "name": "ohos.permission.ACCESS_CERT_MANAGER_INTERNAL", "grantMode": "system_grant", -- Gitee From 0207748c2e03cc8f7441496b596ffd4a571db310 Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Wed, 2 Apr 2025 10:45:24 +0800 Subject: [PATCH 032/103] =?UTF-8?q?TDD=E7=94=A8=E4=BE=8B=E8=A7=84=E8=8C=83?= =?UTF-8?q?=E5=8C=96=E6=95=B4=E6=94=B9-=E5=AD=90=E7=B3=BB=E7=BB=9F250402?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: I387537e4b0f6c65f94724f0598ad56c2b8eff18e --- frameworks/test/unittest/BUILD.gn | 2 +- interfaces/inner_api/el5filekeymanager/test/BUILD.gn | 2 +- interfaces/innerkits/accesstoken/test/unittest/BUILD.gn | 4 ++-- interfaces/innerkits/analysis_model/test/BUILD.gn | 2 +- interfaces/innerkits/nativetoken/test/BUILD.gn | 4 ++-- interfaces/innerkits/privacy/test/BUILD.gn | 4 ++-- interfaces/innerkits/token_callback/test/BUILD.gn | 2 +- interfaces/innerkits/token_setproc/test/BUILD.gn | 2 +- interfaces/innerkits/tokensync/test/BUILD.gn | 2 +- services/accesstokenmanager/test/coverage/BUILD.gn | 2 +- services/accesstokenmanager/test/mock/BUILD.gn | 2 +- services/accesstokenmanager/test/unittest/BUILD.gn | 2 +- services/common/database/test/BUILD.gn | 2 +- services/common/window_manager/test/BUILD.gn | 2 +- services/el5filekeymanager/test/BUILD.gn | 6 +++--- services/privacymanager/test/coverage/BUILD.gn | 2 +- services/privacymanager/test/tool/BUILD.gn | 2 +- services/privacymanager/test/unittest/BUILD.gn | 2 +- services/tokensyncmanager/test/coverage/BUILD.gn | 2 +- services/tokensyncmanager/test/unittest/BUILD.gn | 2 +- 20 files changed, 25 insertions(+), 25 deletions(-) diff --git a/frameworks/test/unittest/BUILD.gn b/frameworks/test/unittest/BUILD.gn index 36b40804c..2d749d265 100644 --- a/frameworks/test/unittest/BUILD.gn +++ b/frameworks/test/unittest/BUILD.gn @@ -25,7 +25,7 @@ config("accesstoken_test_config") { } ohos_unittest("libaccesstoken_framework_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/interfaces/inner_api/el5filekeymanager/test/BUILD.gn b/interfaces/inner_api/el5filekeymanager/test/BUILD.gn index e2ee9d40d..764d38de9 100644 --- a/interfaces/inner_api/el5filekeymanager/test/BUILD.gn +++ b/interfaces/inner_api/el5filekeymanager/test/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../access_token.gni") ohos_unittest("el5_filekey_manager_kit_unittest") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = "access_token/access_token" sanitize = { diff --git a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn index 39bdcaf01..c8267ecdb 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../../access_token.gni") ohos_unittest("libaccesstoken_sdk_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { @@ -117,7 +117,7 @@ ohos_unittest("libaccesstoken_sdk_test") { } ohos_unittest("accesstoken_mock_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/interfaces/innerkits/analysis_model/test/BUILD.gn b/interfaces/innerkits/analysis_model/test/BUILD.gn index 365f5497e..265879a60 100644 --- a/interfaces/innerkits/analysis_model/test/BUILD.gn +++ b/interfaces/innerkits/analysis_model/test/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../access_token.gni") ohos_unittest("lib_code_signature_analysis_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/interfaces/innerkits/nativetoken/test/BUILD.gn b/interfaces/innerkits/nativetoken/test/BUILD.gn index 641453b0a..683d5e331 100644 --- a/interfaces/innerkits/nativetoken/test/BUILD.gn +++ b/interfaces/innerkits/nativetoken/test/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../access_token.gni") ohos_unittest("libnativetoken_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { @@ -44,7 +44,7 @@ ohos_unittest("libnativetoken_test") { } ohos_unittest("libnativetoken_mock_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/interfaces/innerkits/privacy/test/BUILD.gn b/interfaces/innerkits/privacy/test/BUILD.gn index d8f958779..9e90dbb65 100644 --- a/interfaces/innerkits/privacy/test/BUILD.gn +++ b/interfaces/innerkits/privacy/test/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../access_token.gni") ohos_unittest("libprivacy_sdk_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { @@ -78,7 +78,7 @@ ohos_unittest("libprivacy_sdk_test") { } ohos_unittest("libprivacy_mock_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/interfaces/innerkits/token_callback/test/BUILD.gn b/interfaces/innerkits/token_callback/test/BUILD.gn index d2df573b8..cc3575eba 100644 --- a/interfaces/innerkits/token_callback/test/BUILD.gn +++ b/interfaces/innerkits/token_callback/test/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../access_token.gni") ohos_unittest("libtoken_callback_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/interfaces/innerkits/token_setproc/test/BUILD.gn b/interfaces/innerkits/token_setproc/test/BUILD.gn index 4a3e2da04..64b76e889 100644 --- a/interfaces/innerkits/token_setproc/test/BUILD.gn +++ b/interfaces/innerkits/token_setproc/test/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../access_token.gni") ohos_unittest("libtoken_setproc_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/interfaces/innerkits/tokensync/test/BUILD.gn b/interfaces/innerkits/tokensync/test/BUILD.gn index 1e8f9fdb6..d3b60728e 100644 --- a/interfaces/innerkits/tokensync/test/BUILD.gn +++ b/interfaces/innerkits/tokensync/test/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../access_token.gni") ohos_unittest("libtokensync_sdk_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/services/accesstokenmanager/test/coverage/BUILD.gn b/services/accesstokenmanager/test/coverage/BUILD.gn index 19e90844c..ecc13840b 100644 --- a/services/accesstokenmanager/test/coverage/BUILD.gn +++ b/services/accesstokenmanager/test/coverage/BUILD.gn @@ -42,7 +42,7 @@ accesstoken_manager_service_source = [ ] ohos_unittest("libaccesstoken_manager_service_coverage_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/services/accesstokenmanager/test/mock/BUILD.gn b/services/accesstokenmanager/test/mock/BUILD.gn index 306bad286..4accc53c0 100644 --- a/services/accesstokenmanager/test/mock/BUILD.gn +++ b/services/accesstokenmanager/test/mock/BUILD.gn @@ -42,7 +42,7 @@ accesstoken_manager_service_source = [ ] ohos_unittest("libpermission_manager_mock_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/services/accesstokenmanager/test/unittest/BUILD.gn b/services/accesstokenmanager/test/unittest/BUILD.gn index f2866ef0d..1074f025e 100644 --- a/services/accesstokenmanager/test/unittest/BUILD.gn +++ b/services/accesstokenmanager/test/unittest/BUILD.gn @@ -42,7 +42,7 @@ accesstoken_manager_service_source = [ ] ohos_unittest("libaccesstoken_manager_service_standard_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/services/common/database/test/BUILD.gn b/services/common/database/test/BUILD.gn index 0984317f1..9e8e5ff50 100644 --- a/services/common/database/test/BUILD.gn +++ b/services/common/database/test/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../access_token.gni") ohos_unittest("libdatabase_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/services/common/window_manager/test/BUILD.gn b/services/common/window_manager/test/BUILD.gn index a2da39146..b47965458 100644 --- a/services/common/window_manager/test/BUILD.gn +++ b/services/common/window_manager/test/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../access_token.gni") ohos_unittest("libwindow_manager_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/services/el5filekeymanager/test/BUILD.gn b/services/el5filekeymanager/test/BUILD.gn index f5e1cc9fd..9e94d9b2e 100644 --- a/services/el5filekeymanager/test/BUILD.gn +++ b/services/el5filekeymanager/test/BUILD.gn @@ -16,7 +16,7 @@ import("../../../access_token.gni") if (is_standard_system && ability_base_enable == true) { ohos_unittest("el5_filekey_manager_service_mock_unittest") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = "access_token/access_token" sanitize = { @@ -83,7 +83,7 @@ if (is_standard_system && ability_base_enable == true) { } ohos_unittest("el5_filekey_manager_service_unittest") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = "access_token/access_token" sanitize = { @@ -146,7 +146,7 @@ if (is_standard_system && ability_base_enable == true) { } ohos_unittest("el5_filekey_manager_stub_unittest") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = "access_token/access_token" sanitize = { diff --git a/services/privacymanager/test/coverage/BUILD.gn b/services/privacymanager/test/coverage/BUILD.gn index 79a2a8f51..bebe39ff1 100644 --- a/services/privacymanager/test/coverage/BUILD.gn +++ b/services/privacymanager/test/coverage/BUILD.gn @@ -16,7 +16,7 @@ import("../../../../access_token.gni") if (is_standard_system && ability_base_enable == true) { ohos_unittest("libprivacy_manager_service_coverage_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/services/privacymanager/test/tool/BUILD.gn b/services/privacymanager/test/tool/BUILD.gn index 9c31d167c..753773f3b 100644 --- a/services/privacymanager/test/tool/BUILD.gn +++ b/services/privacymanager/test/tool/BUILD.gn @@ -15,7 +15,7 @@ import("//base/security/access_token/access_token.gni") import("//build/test.gni") ohos_unittest("CreateCameraWindowTest") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/services/privacymanager/test/unittest/BUILD.gn b/services/privacymanager/test/unittest/BUILD.gn index 09e69fde2..48ea15a50 100644 --- a/services/privacymanager/test/unittest/BUILD.gn +++ b/services/privacymanager/test/unittest/BUILD.gn @@ -16,7 +16,7 @@ import("../../../../access_token.gni") if (is_standard_system && ability_base_enable == true) { ohos_unittest("libprivacy_manager_service_standard_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/services/tokensyncmanager/test/coverage/BUILD.gn b/services/tokensyncmanager/test/coverage/BUILD.gn index 363745110..952bc5e6a 100644 --- a/services/tokensyncmanager/test/coverage/BUILD.gn +++ b/services/tokensyncmanager/test/coverage/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../access_token.gni") ohos_unittest("libtoken_sync_service_coverage_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { diff --git a/services/tokensyncmanager/test/unittest/BUILD.gn b/services/tokensyncmanager/test/unittest/BUILD.gn index 7cd426c7b..f347b2b3c 100644 --- a/services/tokensyncmanager/test/unittest/BUILD.gn +++ b/services/tokensyncmanager/test/unittest/BUILD.gn @@ -15,7 +15,7 @@ import("//build/test.gni") import("../../../../access_token.gni") ohos_unittest("libtoken_sync_service_standard_test") { - subsystem_name = "security" + subsystem_name = "accesscontrol" part_name = "access_token" module_out_path = part_name + "/" + part_name sanitize = { -- Gitee From 880d26a64dfc8cb9465e578c37e1461ff7bee27d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=87=91=E6=96=B9=E9=91=AB?= Date: Mon, 7 Apr 2025 04:04:39 +0000 Subject: [PATCH 033/103] update services/accesstokenmanager/permission_definitions.json. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 金方鑫 --- .../permission_definitions.json | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 5d100e7b8..548b3bad3 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -1120,16 +1120,6 @@ "provisionEnable": true, "distributedSceneEnable": true }, - { - "name": "ohos.permission.UNLOCK_DEVELOPER_MODE", - "grantMode": "system_grant", - "availableLevel": "system_basic", - "availableType": "SYSTEM", - "since": 9, - "deprecated": "", - "provisionEnable": true, - "distributedSceneEnable": true - }, { "name": "ohos.permission.ACCESS_CERT_MANAGER_INTERNAL", "grantMode": "system_grant", @@ -6352,6 +6342,16 @@ "provisionEnable": true, "distributedSceneEnable": false }, + { + "name": "ohos.permission.UNLOCK_DEVELOPER_MODE", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 18, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false + }, { "name": "ohos.permission.CONNECT_DISTRIBUTED_EXTENSION", "grantMode": "system_grant", -- Gitee From 30b25dfaae2e009cd8934dc1e453b394cadf394b Mon Sep 17 00:00:00 2001 From: luyifan <842825214@qq.com> Date: Mon, 31 Mar 2025 11:04:38 +0800 Subject: [PATCH 034/103] Move permissions to API17: DISABLE_GOTPLT_RO_PROTECTION Signed-off-by: luyifan<842825214@qq.com> --- services/accesstokenmanager/permission_definitions.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 4e1843262..87e4107c7 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6016,7 +6016,7 @@ "grantMode": "system_grant", "availableLevel": "system_basic", "availableType": "NORMAL", - "since": 16, + "since": 17, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false, @@ -6303,4 +6303,4 @@ "distributedSceneEnable": true } ] -} \ No newline at end of file +} -- Gitee From 6b4c909c9a10bba798129ba8e31e78bce62de692 Mon Sep 17 00:00:00 2001 From: bigtea Date: Tue, 8 Apr 2025 09:31:09 +0800 Subject: [PATCH 035/103] Add tdd Signed-off-by: bigtea --- BUILD.gn | 1 + services/common/json_parse/test/BUILD.gn | 74 ++++ .../test/unittest/cjson_utils_test.cpp | 315 ++++++++++++++++++ .../test/unittest/json_parse_loader_test.cpp | 106 ++++++ .../{ => test}/unittest/json_parse_test.cpp | 0 ...ermission_record_manager_coverage_test.cpp | 129 +++++++ .../unittest/privacy_manager_service_test.cpp | 93 +++++- 7 files changed, 717 insertions(+), 1 deletion(-) create mode 100644 services/common/json_parse/test/BUILD.gn create mode 100644 services/common/json_parse/test/unittest/cjson_utils_test.cpp create mode 100644 services/common/json_parse/test/unittest/json_parse_loader_test.cpp rename services/common/json_parse/{ => test}/unittest/json_parse_test.cpp (100%) diff --git a/BUILD.gn b/BUILD.gn index 1d7cc5cdf..da01e9973 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -29,6 +29,7 @@ group("accesstoken_build_module_test") { "interfaces/innerkits/token_setproc/test:unittest", "services/accesstokenmanager/test:unittest", "services/common/database/test:unittest", + "services/common/json_parse/test:unittest" ] if (ability_base_enable == true) { deps += [ diff --git a/services/common/json_parse/test/BUILD.gn b/services/common/json_parse/test/BUILD.gn new file mode 100644 index 000000000..bf583367b --- /dev/null +++ b/services/common/json_parse/test/BUILD.gn @@ -0,0 +1,74 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") +import("../../../../access_token.gni") + +config("accesstoken_json_parse_config") { + visibility = [ ":*" ] + include_dirs = [ "include" ] +} + +ohos_unittest("libjsonparse_test") { + subsystem_name = "accesscontrol" + part_name = "access_token" + module_out_path = part_name + "/" + part_name + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + branch_protector_ret = "pac_ret" + + include_dirs = [ + "${access_token_path}/frameworks/common/include", + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", + "${access_token_path}/services/common/json_parse/include", + ] + + sources = [ + "${access_token_path}/services/common/json_parse/src/cjson_utils.cpp", + "${access_token_path}/services/common/json_parse/src/json_parse_loader.cpp", + "unittest/cjson_utils_test.cpp", + "unittest/json_parse_loader_test.cpp", + ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + configs = [ + "${access_token_path}/config:access_token_compile_flags", + "${access_token_path}/config:coverage_flags", + ] + public_configs = [ ":accesstoken_json_parse_config" ] + + deps = [ + "${access_token_path}/frameworks/common:accesstoken_common_cxx", + ] + + external_deps = [ + "cJSON:cjson", + "c_utils:utils", + "hilog:libhilog", + "ipc:ipc_single", + ] + + if (customization_config_policy_enable) { + cflags_cc += [ "-DCUSTOMIZATION_CONFIG_POLICY_ENABLE" ] + external_deps += [ "config_policy:configpolicy_util" ] + } +} + +group("unittest") { + testonly = true + deps = [ ":libjsonparse_test" ] +} diff --git a/services/common/json_parse/test/unittest/cjson_utils_test.cpp b/services/common/json_parse/test/unittest/cjson_utils_test.cpp new file mode 100644 index 000000000..b87787688 --- /dev/null +++ b/services/common/json_parse/test/unittest/cjson_utils_test.cpp @@ -0,0 +1,315 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include "cjson_utils.h" + +using namespace testing::ext; + +namespace OHOS { +namespace Security { +namespace AccessToken { + +class CJsonUtilsTest : public testing::Test { +public: + static void SetUpTestCase(); + static void TearDownTestCase(); + + void SetUp(); + void TearDown(); +}; + +void CJsonUtilsTest::SetUpTestCase() {} +void CJsonUtilsTest::TearDownTestCase() {} +void CJsonUtilsTest::SetUp() {} +void CJsonUtilsTest::TearDown() {} + +/* + * @tc.name: CreateJsonFromString + * @tc.desc: CreateJsonFromString + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level1) +{ + std::string test; + EXPECT_EQ(nullptr, CreateJsonFromString(test)); +} + +/* + * @tc.name: PackJsonToString + * @tc.desc: PackJsonToString + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, PackJsonToStringTest001, TestSize.Level1) +{ + std::string res = PackJsonToString(nullptr); + EXPECT_EQ(res.size(), 0); + + FreeJsonString(nullptr); +} + +/* + * @tc.name: GetObjFromJson + * @tc.desc: GetObjFromJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, GetObjFromJsonTest001, TestSize.Level1) +{ + std::string test; + EXPECT_EQ(nullptr, GetObjFromJson(nullptr, test)); + + test = "test1"; + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0")); + EXPECT_EQ(nullptr, GetObjFromJson(jsonInner, test)); + + test = "test0"; + EXPECT_EQ(nullptr, GetObjFromJson(jsonInner, test)); +} + +/* + * @tc.name: GetArrayFromJson + * @tc.desc: GetArrayFromJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, GetArrayFromJsonTest001, TestSize.Level1) +{ + std::string test; + EXPECT_EQ(nullptr, GetArrayFromJson(nullptr, test)); + + test = "test1"; + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0")); + EXPECT_EQ(nullptr, GetArrayFromJson(jsonInner, test)); + + test = "test0"; + EXPECT_EQ(nullptr, GetArrayFromJson(jsonInner, test)); +} + +/* + * @tc.name: GetStringFromJson + * @tc.desc: GetStringFromJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, GetStringFromJsonTest001, TestSize.Level1) +{ + std::string test; + std::string res; + EXPECT_EQ(false, GetStringFromJson(nullptr, test, res)); + + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0")); + EXPECT_EQ(false, GetStringFromJson(jsonInner.get(), test, res)); + + test = "test1"; + EXPECT_EQ(false, GetStringFromJson(jsonInner.get(), test, res)); + + CJsonUnique jsonArray = CreateJsonArray(); + ASSERT_EQ(true, AddObjToJson(jsonArray, "test1", jsonInner)); + EXPECT_EQ(false, GetStringFromJson(jsonArray.get(), test, res)); +} + +/* + * @tc.name: GetIntFromJson + * @tc.desc: GetIntFromJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, GetIntFromJsonTest001, TestSize.Level1) +{ + std::string test; + int32_t res; + EXPECT_EQ(false, GetIntFromJson(nullptr, test, res)); + + test = "test1"; + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "abc")); + EXPECT_EQ(false, GetIntFromJson(jsonInner, test, res)); + + test = "test0"; + EXPECT_EQ(false, GetIntFromJson(jsonInner, test, res)); +} + +/* + * @tc.name: GetUnsignedIntFromJson + * @tc.desc: GetUnsignedIntFromJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, GetUnsignedIntFromJsonTest001, TestSize.Level1) +{ + std::string test; + uint32_t res; + EXPECT_EQ(false, GetUnsignedIntFromJson(nullptr, test, res)); + + test = "test1"; + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "abc")); + EXPECT_EQ(false, GetUnsignedIntFromJson(jsonInner, test, res)); + + test = "test0"; + EXPECT_EQ(false, GetUnsignedIntFromJson(jsonInner, test, res)); +} + +/* + * @tc.name: GetBoolFromJson + * @tc.desc: GetBoolFromJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest001, TestSize.Level1) +{ + std::string test; + bool res; + EXPECT_EQ(false, GetBoolFromJson(nullptr, test, res)); + + test = "test1"; + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0")); + EXPECT_EQ(false, GetBoolFromJson(jsonInner, test, res)); + + test = "test0"; + EXPECT_EQ(false, GetBoolFromJson(jsonInner, test, res)); +} + +/* + * @tc.name: GetBoolFromJson + * @tc.desc: GetBoolFromJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest002, TestSize.Level1) +{ + std::string test = "test1"; + bool res; + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddBoolToJson(jsonInner, test, true)); + + EXPECT_EQ(true, GetBoolFromJson(jsonInner, test, res)); + EXPECT_EQ(res, true); +} + +/* + * @tc.name: AddObjToJson + * @tc.desc: AddObjToJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, AddObjToJsonTest001, TestSize.Level1) +{ + ASSERT_EQ(false, AddObjToJson(nullptr, "", nullptr)); + std::string test = "test1"; + ASSERT_EQ(false, AddObjToJson(nullptr, test, nullptr)); + + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0")); + ASSERT_EQ(true, AddStringToJson(jsonInner, "test1", "1")); + + CJsonUnique jsonArray = CreateJsonArray(); + ASSERT_EQ(true, AddObjToJson(jsonArray, "test1", jsonInner)); + ASSERT_EQ(true, AddObjToJson(jsonArray, "test1", jsonInner)); +} + +/* + * @tc.name: AddObjToArray + * @tc.desc: AddObjToArray + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, AddObjToArrayTest001, TestSize.Level1) +{ + ASSERT_EQ(false, AddObjToArray(nullptr, nullptr)); + + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(false, AddObjToArray(nullptr, jsonInner.get())); +} + +/* + * @tc.name: AddStringToJson + * @tc.desc: AddStringToJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level1) +{ + ASSERT_EQ(false, AddStringToJson(nullptr, "", "")); + ASSERT_EQ(false, AddStringToJson(nullptr, "test0", "test0")); + + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "test0")); + // twice + ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "test0")); +} + +/* + * @tc.name: AddBoolToJson + * @tc.desc: AddBoolToJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level1) +{ + ASSERT_EQ(false, AddBoolToJson(nullptr, "", true)); + ASSERT_EQ(false, AddBoolToJson(nullptr, "test0", true)); + + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddBoolToJson(jsonInner, "test0", true)); + // twice + ASSERT_EQ(true, AddBoolToJson(jsonInner, "test0", true)); +} + +/* + * @tc.name: AddIntToJson + * @tc.desc: AddIntToJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level1) +{ + ASSERT_EQ(false, AddIntToJson(nullptr, "", 0)); + ASSERT_EQ(false, AddIntToJson(nullptr, "test0", 0)); + + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddIntToJson(jsonInner, "test0", 0)); + // twice + ASSERT_EQ(true, AddIntToJson(jsonInner, "test0", 0)); +} + +/* + * @tc.name: AddUnsignedIntToJson + * @tc.desc: AddUnsignedIntToJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, AddUnsignedIntToJsonTest001, TestSize.Level1) +{ + ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "", 0)); + ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "test0", 0)); + + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "test0", 0)); + // twice + ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "test0", 0)); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/common/json_parse/test/unittest/json_parse_loader_test.cpp b/services/common/json_parse/test/unittest/json_parse_loader_test.cpp new file mode 100644 index 000000000..5f90945fb --- /dev/null +++ b/services/common/json_parse/test/unittest/json_parse_loader_test.cpp @@ -0,0 +1,106 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include + +#define private public +#include "json_parse_loader.h" +#undef private + +using namespace testing::ext; + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +constexpr const char* TEST_FILE_PATH = "/data/test/abcdefg.txt"; +} + +class JsonParseLoaderTest : public testing::Test { +public: + static void SetUpTestCase(); + static void TearDownTestCase(); + + void SetUp(); + void TearDown(); +}; + +void JsonParseLoaderTest::SetUpTestCase() {} +void JsonParseLoaderTest::TearDownTestCase() {} +void JsonParseLoaderTest::SetUp() {} +void JsonParseLoaderTest::TearDown() {} + +/* + * @tc.name: IsDirExsit + * @tc.desc: IsDirExsit + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(JsonParseLoaderTest, IsDirExsitTest001, TestSize.Level1) +{ + ConfigPolicLoader loader; + EXPECT_FALSE(loader.IsDirExsit("")); + int32_t fd = open(TEST_FILE_PATH, O_RDWR | O_CREAT); + EXPECT_NE(-1, fd); + + EXPECT_FALSE(loader.IsDirExsit(TEST_FILE_PATH)); +} + +#ifdef CUSTOMIZATION_CONFIG_POLICY_ENABLE +/* + * @tc.name: GetConfigValueFromFile + * @tc.desc: GetConfigValueFromFile + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(JsonParseLoaderTest, GetConfigValueFromFileTest001, TestSize.Level1) +{ + ConfigPolicLoader loader; + AccessTokenConfigValue config; + EXPECT_FALSE(loader.GetConfigValueFromFile(ServiceType::ACCESSTOKEN_SERVICE, "", config)); +} +#endif // CUSTOMIZATION_CONFIG_POLICY_ENABLE + +/* + * @tc.name: ParserNativeRawData + * @tc.desc: ParserNativeRawData + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(JsonParseLoaderTest, ParserNativeRawDataTest001, TestSize.Level1) +{ + ConfigPolicLoader loader; + std::vector tokenInfos; + EXPECT_FALSE(loader.ParserNativeRawData("", tokenInfos)); +} + +/* + * @tc.name: ParserDlpPermsRawData + * @tc.desc: ParserDlpPermsRawData + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(JsonParseLoaderTest, ParserDlpPermsRawDataTest001, TestSize.Level1) +{ + ConfigPolicLoader loader; + std::vector dlpPerms; + EXPECT_FALSE(loader.ParserDlpPermsRawData("", dlpPerms)); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/common/json_parse/unittest/json_parse_test.cpp b/services/common/json_parse/test/unittest/json_parse_test.cpp similarity index 100% rename from services/common/json_parse/unittest/json_parse_test.cpp rename to services/common/json_parse/test/unittest/json_parse_test.cpp diff --git a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp index 883515ea2..b23457fed 100644 --- a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp +++ b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp @@ -35,6 +35,7 @@ #include "state_change_callback.h" #include "time_util.h" #include "token_setproc.h" +#include "on_permission_used_record_callback_stub.h" using namespace testing; using namespace testing::ext; @@ -56,6 +57,7 @@ static constexpr int32_t PERMISSION_USED_TYPE_VALUE = 1; static constexpr int32_t PERMISSION_USED_TYPE_WITH_PICKER_TYPE_VALUE = 3; static constexpr uint32_t RANDOM_TOKENID = 123; static constexpr int32_t TEST_USER_ID_11 = 11; +static constexpr int32_t INVALID_CODE = 9999; static PermissionStateFull g_testState1 = { .permissionName = "ohos.permission.CAMERA", .isGeneral = true, @@ -476,6 +478,9 @@ HWTEST_F(PermissionRecordManagerTest, OnApplicationStateChanged001, TestSize.Lev appStateData.accessTokenId = tokenId; observer.OnAppStopped(appStateData); + appStateData.state = INVALID_CODE; + observer.OnAppStopped(appStateData); + usleep(500000); // 500000us = 0.5s ASSERT_EQ(PERM_ACTIVE_IN_BACKGROUND, callbackPtr->type_); @@ -857,6 +862,130 @@ HWTEST_F(PermissionRecordManagerTest, GetRecords004, TestSize.Level1) EXPECT_EQ(ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().GetPermissionUsedRecords(request, result)); } +/** + * @tc.name: GetRecords005 + * @tc.desc: test ERR_PARAM_INVALID + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PermissionRecordManagerTest, GetRecords005, TestSize.Level1) +{ + PermissionRecordManager::GetInstance().UpdatePermRecImmediately(); + + AddPermParamInfo info; + + PermissionRecord result; + EXPECT_EQ(ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().GetPermissionRecord(info, result)); + + PermissionRecordManager::GetInstance().ExecuteDeletePermissionRecordTask(); +} + +/** + * @tc.name: SetPermissionUsedRecordToggleStatus001 + * @tc.desc: test ERR_PARAM_INVALID + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PermissionRecordManagerTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1) +{ + MockNativeToken mock("privacy_service"); + + EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(0, false)); + EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(0, true)); + EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(0, true)); + + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + GeneratePermissionRecord(tokenID); + + EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(1, false)); + EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(1, true)); + EXPECT_EQ(Constant::SUCCESS, + PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(105, false)); + EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(105, true)); +} + +/** + * @tc.name: GetPermissionUsedRecordToggleStatus001 + * @tc.desc: test ERR_PARAM_INVALID + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level1) +{ + bool res = true; + EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().GetPermissionUsedRecordToggleStatus(0, res)); + EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().GetPermissionUsedRecordToggleStatus(0, res)); + EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(106, res)); + EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus(106, res)); + + PermissionRecordManager::GetInstance().UpdatePermUsedRecToggleStatusMapFromDb(); +} + +class TestUsedRecordCallback : public OnPermissionUsedRecordCallbackStub { +public: + TestUsedRecordCallback() = default; + virtual ~TestUsedRecordCallback() = default; + void OnQueried(ErrCode code, PermissionUsedResult& result) {} +}; + +/** + * @tc.name: GetPermissionUsedRecordsAsync001 + * @tc.desc: test + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordsAsync001, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + PermissionUsedRequest request; + request.tokenId = tokenID; + request.isRemote = false; + request.flag = PermissionUsageFlag::FLAG_PERMISSION_USAGE_SUMMARY_IN_SCREEN_LOCKED; + + OHOS::sptr cb(new TestUsedRecordCallback()); + EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().GetPermissionUsedRecordsAsync(request, cb)); +} + +/** + * @tc.name: GetLockScreenStatus001 + * @tc.desc: test + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PermissionRecordManagerTest, GetLockScreenStatus001, TestSize.Level1) +{ + EXPECT_NE(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().GetLockScreenStatus(true)); +} + +/** + * @tc.name: SetHapWithFGReminder001 + * @tc.desc: test + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PermissionRecordManagerTest, SetHapWithFGReminder001, TestSize.Level1) +{ + EXPECT_NE(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().SetHapWithFGReminder(123, true)); + + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( + g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + EXPECT_NE(PrivacyError::ERR_PARAM_INVALID, + PermissionRecordManager::GetInstance().SetHapWithFGReminder(tokenID, true)); + EXPECT_NE(PrivacyError::ERR_PARAM_INVALID, + PermissionRecordManager::GetInstance().SetHapWithFGReminder(tokenID, false)); +} + /** * @tc.name: GetRecordsFromLocalDBTest001 * @tc.desc: test GetRecordsFromLocalDB: token = 0 diff --git a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp index a0839f50f..24060de25 100644 --- a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp +++ b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp @@ -22,12 +22,12 @@ #include "on_permission_used_record_callback_stub.h" #define private public #include "permission_record_manager.h" +#include "privacy_manager_service.h" #undef private #include "perm_active_status_change_callback_stub.h" #include "perm_active_status_change_callback.h" #include "privacy_error.h" #include "privacy_field_const.h" -#include "privacy_manager_service.h" #include "privacy_test_common.h" #include "proxy_death_callback_stub.h" #include "state_change_callback.h" @@ -46,6 +46,9 @@ constexpr const char* CAMERA_PERMISSION_NAME = "ohos.permission.CAMERA"; constexpr const char* MICROPHONE_PERMISSION_NAME = "ohos.permission.MICROPHONE"; constexpr const char* LOCATION_PERMISSION_NAME = "ohos.permission.LOCATION"; static const uint32_t PERM_LIST_SIZE_MAX = 1024; +static constexpr int32_t COMMON_EVENT_SERVICE_ID = 3299; +static constexpr int32_t SCREENLOCK_SERVICE_ID = 3704; +static constexpr int32_t INVALID_CODE = 999; static PermissionStateFull g_testState = { .permissionName = "ohos.permission.CAMERA", .isGeneral = true, @@ -471,6 +474,24 @@ HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner002, ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret); } +/** + * @tc.name: SetPermissionUsedRecordToggleStatusInner003 + * @tc.desc: SetPermissionUsedRecordToggleStatusInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner003, TestSize.Level1) +{ + int32_t userID = 1; + bool status = true; + + std::vector reqPerm; + MockHapToken mock("SetPermissionUsedRecordToggleStatusInner003", reqPerm, true); // set self tokenID to system app + + int32_t ret = privacyManagerService_->SetPermissionUsedRecordToggleStatus(userID, status); + ASSERT_EQ(RET_SUCCESS, ret); +} + /** * @tc.name: GetPermissionUsedRecordToggleStatusInner001 * @tc.desc: GetPermissionUsedRecordToggleStatusInner test. @@ -504,6 +525,24 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner002, ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, ret); } +/** + * @tc.name: GetPermissionUsedRecordToggleStatusInner003 + * @tc.desc: GetPermissionUsedRecordToggleStatusInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner003, TestSize.Level1) +{ + int32_t userID = 1; + bool status = true; + + std::vector reqPerm; + MockHapToken mock("GetPermissionUsedRecordToggleStatusInner003", reqPerm, true); // set self tokenID to system app + + int32_t ret = privacyManagerService_->GetPermissionUsedRecordToggleStatus(userID, status); + ASSERT_EQ(RET_SUCCESS, ret); +} + /** * @tc.name: StartUsingPermissionInner001 * @tc.desc: StartUsingPermissionInner test. @@ -749,6 +788,21 @@ HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner003, TestSiz ASSERT_EQ(PrivacyError::ERR_NOT_SYSTEM_APP, privacyManagerService_->RemovePermissionUsedRecords(tokenID)); } +/** + * @tc.name: RemovePermissionUsedRecordsInner004 + * @tc.desc: RemovePermissionUsedRecordsInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner004, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + + std::vector reqPerm = {"ohos.permission.PERMISSION_USED_STATS"}; + MockHapToken mock("RemovePermissionUsedRecordsInner004", reqPerm, true); // set self tokenID to system app + ASSERT_EQ(RET_SUCCESS, privacyManagerService_->RemovePermissionUsedRecords(tokenID)); +} + /** * @tc.name: GetPermissionUsedRecordsInner001 * @tc.desc: GetPermissionUsedRecordsInner test. @@ -1110,6 +1164,25 @@ HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner001, TestSize.Level1) EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret); } +/** + * @tc.name: SetMutePolicyInner002 + * @tc.desc: SetMutePolicyInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner002, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + uint32_t policyType = 0; + uint32_t callerType = 0; + bool isMute = false; + + MockNativeToken mock("camera_service"); + + int32_t ret = privacyManagerService_->SetMutePolicy(policyType, callerType, isMute, tokenID); + EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret); +} + /** * @tc.name: SetHapWithFGReminderInner001 * @tc.desc: SetHapWithFGReminderInner test. @@ -1128,6 +1201,24 @@ HWTEST_F(PrivacyManagerServiceTest, SetHapWithFGReminderInner001, TestSize.Level int32_t ret = privacyManagerService_->SetHapWithFGReminder(tokenID, isAllowed); EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret); } + +/** + * @tc.name: GetProxyDeathHandle001 + * @tc.desc: GetProxyDeathHandle test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, GetProxyDeathHandle001, TestSize.Level1) +{ + auto handler1 = privacyManagerService_->GetProxyDeathHandler(); + ASSERT_NE(nullptr, handler1); + auto handler2 = privacyManagerService_->GetProxyDeathHandler(); + ASSERT_NE(nullptr, handler2); + + privacyManagerService_->OnAddSystemAbility(COMMON_EVENT_SERVICE_ID, "123"); + privacyManagerService_->OnAddSystemAbility(SCREENLOCK_SERVICE_ID, "123"); + privacyManagerService_->OnAddSystemAbility(INVALID_CODE, "123"); +} } // namespace AccessToken } // namespace Security } // namespace OHOS -- Gitee From 75aa6bfdfcf12390b4a728247208ca4e2729dc45 Mon Sep 17 00:00:00 2001 From: bigtea Date: Sat, 22 Mar 2025 17:50:45 +0800 Subject: [PATCH 036/103] Add access_token dfx event after idl Signed-off-by: bigtea --- hisysevent.yaml | 22 ++++ .../accesstoken/include/hap_token_info.h | 4 +- .../main/cpp/include/dfx/hisysevent_adapter.h | 10 ++ .../include/permission/permission_manager.h | 2 + .../service/accesstoken_manager_service.h | 2 + .../main/cpp/src/database/access_token_db.cpp | 25 ++-- .../main/cpp/src/dfx/hisysevent_adapter.cpp | 3 +- .../src/permission/permission_data_brief.cpp | 8 +- .../cpp/src/permission/permission_manager.cpp | 53 ++++++--- .../permission/temp_permission_observer.cpp | 4 +- .../service/accesstoken_manager_service.cpp | 109 +++++++++++++++--- .../src/token/accesstoken_info_manager.cpp | 42 +++---- .../cpp/src/token/hap_token_info_inner.cpp | 2 + 13 files changed, 217 insertions(+), 69 deletions(-) diff --git a/hisysevent.yaml b/hisysevent.yaml index 9db48c4d2..3b4f5f5ec 100644 --- a/hisysevent.yaml +++ b/hisysevent.yaml @@ -69,6 +69,9 @@ DEL_HAP: USERID: {type: INT32, desc: user id} BUNDLENAME: {type: STRING, desc: bundle name} INSTINDEX: {type: INT32, desc: inst index} + SCENE_CODE: {type: INT32, desc: scene code} + ERROR_CODE: {type: INT32, desc: error code} + DURATION: {type: INT64, desc: duration} PERM_DIALOG_STATUS_INFO: __BASE: {type: STATISTIC, level: MINOR, desc: status information of permission dialog} @@ -93,6 +96,11 @@ UPDATE_PERMISSION: PERMISSION_NAME: {type: STRING, desc: permission name} PERMISSION_FLAG: {type: UINT32, desc: permission flag} GRANTED_FLAG: {type: BOOL, desc: grant or revoke} + SCENE_CODE: {type: INT32, desc: scene code} + ERROR_CODE: {type: INT32, desc: error code} + USERID: {type: INT32, desc: user id} + BUNDLENAME: {type: STRING, desc: bundle name} + INSTINDEX: {type: INT32, desc: inst index} UPDATE_HAP: __BASE: {type: STATISTIC, level: MINOR, tag: usability, desc: update hap to device} @@ -100,6 +108,14 @@ UPDATE_HAP: USERID: {type: INT32, desc: user id} BUNDLENAME: {type: STRING, desc: bundle name} INSTINDEX: {type: INT32, desc: inst index} + SCENE_CODE: {type: INT32, desc: scene code} + ERROR_CODE: {type: INT32, desc: error code} + TOKENIDEX: {type: UINT64, desc: tokenIDEx} + PERM_INFO: {type: STRING, desc: perm info} + ACL_INFO: {type: STRING, desc: acl info} + PREAUTH_INFO: {type: STRING, desc: pre-auth info} + EXTEND_INFO: {type: STRING, desc: extend info} + DURATION: {type: INT64, desc: duration} CLEAR_USER_PERMISSION_STATE: __BASE: {type: BEHAVIOR, level: MINOR, desc: clear user permission state} @@ -136,3 +152,9 @@ VERIFY_ACCESS_TOKEN_EVENT: SELF_TOKENID: {type: UINT32, desc: self tokenID} CONTEXT_TOKENID: {type: UINT32, desc: context tokenID} +ACCESSTOKEN_EXCEPTION: + __BASE: {type: FAULT, level: CRITICAL, desc: accesstoken exception} + SCENE_CODE: {type: INT32, desc: scene code} + ERROR_CODE: {type: INT32, desc: error code} + ERROR_MSG: {type: STRING, desc: error reason} + diff --git a/interfaces/innerkits/accesstoken/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h index 5e80c3ced..0292fc395 100644 --- a/interfaces/innerkits/accesstoken/include/hap_token_info.h +++ b/interfaces/innerkits/accesstoken/include/hap_token_info.h @@ -96,12 +96,12 @@ public: class HapTokenInfo final { public: char ver; - int userID; + int userID = 0; std::string bundleName; /** which version of the SDK is used to develop this hap */ int32_t apiVersion; /** instance index */ - int instIndex; + int instIndex = 0; /** * dlp type, for details about the valid values, * see the definition of HapDlpType in the access_token.h file. diff --git a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h b/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h index be526063a..9b527e347 100644 --- a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h +++ b/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h @@ -34,6 +34,16 @@ enum UpdatePermStatusErrorCode { DLP_CHECK_FAILED = 1, UPDATE_PERMISSION_STATUS_FAILED = 2, }; +enum CommonSceneCode { + AT_COMMOM_START = 0, + AT_COMMON_FINISH = 1, +}; +struct AccessTokenDfxInfo { + std::string permInfo; + std::string aclInfo; + std::string preauthInfo; + std::string extendInfo; +}; void ReportSysEventPerformance(); void ReportSysEventServiceStart(int32_t pid, uint32_t hapSize, uint32_t nativeSize, uint32_t permDefSize); void ReportSysEventServiceStartError(SceneCode scene, const std::string& errMsg, int32_t errCode); diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h index e0b4eb58c..14cd8a00a 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h @@ -67,6 +67,8 @@ public: const std::string& bundleName, const std::string& abilityName); int32_t CheckAndUpdatePermission(AccessTokenID tokenID, const std::string& permissionName, bool isGranted, uint32_t flag); + int32_t CheckAndUpdatePermissionInner(AccessTokenID tokenID, const std::string& permissionName, + bool isGranted, uint32_t flag); int32_t UpdatePermission(AccessTokenID tokenID, const std::string& permissionName, bool isGranted, uint32_t flag, bool needKill); int32_t GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag); diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index c90a9a26b..ecbb2c431 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -129,6 +129,8 @@ private: bool Initialize(); void AccessTokenServiceParamSet() const; PermissionOper GetPermissionsState(AccessTokenID tokenID, std::vector& reqPermList); + int32_t UpdateHapTokenCore(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, + const HapPolicyParcel& policyParcel, HapInfoCheckResultIdl& resultInfoIdl); ServiceRunningState state_; std::string grantBundleName_; std::string grantAbilityName_; diff --git a/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp b/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp index b1c4631b9..6a85638f8 100644 --- a/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp @@ -244,6 +244,7 @@ int32_t AccessTokenDb::Modify(const AtmDataType type, const GenericValues& modif std::string tableName; AccessTokenDbUtil::GetTableNameByType(type, tableName); if (tableName.empty()) { + LOGC(ATM_DOMAIN, ATM_TAG, "Get table name failed, type=%{public}d!", static_cast(type)); return AccessTokenError::ERR_PARAM_INVALID; } @@ -251,6 +252,7 @@ int32_t AccessTokenDb::Modify(const AtmDataType type, const GenericValues& modif AccessTokenDbUtil::ToRdbValueBucket(modifyValue, bucket); if (bucket.IsEmpty()) { + LOGC(ATM_DOMAIN, ATM_TAG, "To rdb value bucket failed!"); return AccessTokenError::ERR_PARAM_INVALID; } @@ -262,7 +264,7 @@ int32_t AccessTokenDb::Modify(const AtmDataType type, const GenericValues& modif OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); auto db = GetRdb(); if (db == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "db is nullptr."); + LOGC(ATM_DOMAIN, ATM_TAG, "db is nullptr."); return AccessTokenError::ERR_DATABASE_OPERATE_FAILED; } @@ -272,6 +274,7 @@ int32_t AccessTokenDb::Modify(const AtmDataType type, const GenericValues& modif tableName.c_str(), res); int32_t result = RestoreAndUpdateIfCorrupt(res, changedRows, bucket, predicates, db); if (result != NativeRdb::E_OK) { + LOGC(ATM_DOMAIN, ATM_TAG, "Failed to restore and update, result is %{public}d.", result); return result; } } @@ -298,19 +301,19 @@ int32_t AccessTokenDb::RestoreAndQueryIfCorrupt(const NativeRdb::RdbPredicates& LOGW(ATM_DOMAIN, ATM_TAG, "Detech database corrupt, restore from backup!"); res = db->Restore(""); if (res != NativeRdb::E_OK) { - LOGE(ATM_DOMAIN, ATM_TAG, "Db restore failed, res is %{public}d.", res); + LOGC(ATM_DOMAIN, ATM_TAG, "Db restore failed, res is %{public}d.", res); return res; } LOGI(ATM_DOMAIN, ATM_TAG, "Database restore success, try query again!"); queryResultSet = db->Query(predicates, columns); if (queryResultSet == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to find records from table %{public}s again.", + LOGC(ATM_DOMAIN, ATM_TAG, "Failed to find records from table %{public}s again.", predicates.GetTableName().c_str()); return AccessTokenError::ERR_DATABASE_OPERATE_FAILED; } } else { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to get result count."); + LOGC(ATM_DOMAIN, ATM_TAG, "Failed to get result count."); return AccessTokenError::ERR_DATABASE_OPERATE_FAILED; } } @@ -337,19 +340,20 @@ int32_t AccessTokenDb::Find(AtmDataType type, const GenericValues& conditionValu OHOS::Utils::UniqueReadGuard lock(this->rwLock_); auto db = GetRdb(); if (db == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "db is nullptr."); + LOGC(ATM_DOMAIN, ATM_TAG, "db is nullptr."); return AccessTokenError::ERR_DATABASE_OPERATE_FAILED; } auto queryResultSet = db->Query(predicates, columns); if (queryResultSet == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to find records from table %{public}s.", + LOGC(ATM_DOMAIN, ATM_TAG, "Failed to find records from table %{public}s.", tableName.c_str()); return AccessTokenError::ERR_DATABASE_OPERATE_FAILED; } int32_t res = RestoreAndQueryIfCorrupt(predicates, columns, queryResultSet, db); if (res != 0) { + LOGC(ATM_DOMAIN, ATM_TAG, "Restore and query failed!"); return res; } @@ -382,14 +386,14 @@ int32_t AccessTokenDb::RestoreAndCommitIfCorrupt(const int32_t resultCode, LOGW(ATM_DOMAIN, ATM_TAG, "Detech database corrupt, restore from backup!"); int32_t res = db->Restore(""); if (res != NativeRdb::E_OK) { - LOGE(ATM_DOMAIN, ATM_TAG, "Db restore failed, res is %{public}d.", res); + LOGC(ATM_DOMAIN, ATM_TAG, "Db restore failed, res is %{public}d.", res); return res; } LOGI(ATM_DOMAIN, ATM_TAG, "Database restore success, try commit again!"); res = db->Commit(); if (res != NativeRdb::E_OK) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to Commit again, res is %{public}d.", res); + LOGC(ATM_DOMAIN, ATM_TAG, "Failed to Commit again, res is %{public}d.", res); return res; } @@ -406,7 +410,7 @@ int32_t AccessTokenDb::DeleteAndInsertValues( OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); std::shared_ptr db = GetRdb(); if (db == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "db is nullptr."); + LOGC(ATM_DOMAIN, ATM_TAG, "db is nullptr."); return AccessTokenError::ERR_DATABASE_OPERATE_FAILED; } @@ -418,6 +422,7 @@ int32_t AccessTokenDb::DeleteAndInsertValues( res = RemoveValues(delDataTypes[i], delValues[i]); if (res != 0) { db->RollBack(); + LOGC(ATM_DOMAIN, ATM_TAG, "Remove values failed, res is %{public}d.", res); return res; } } @@ -427,6 +432,7 @@ int32_t AccessTokenDb::DeleteAndInsertValues( res = AddValues(addDataTypes[i], addValues[i]); if (res != 0) { db->RollBack(); + LOGC(ATM_DOMAIN, ATM_TAG, "Add values failed, res is %{public}d.", res); return res; } } @@ -436,6 +442,7 @@ int32_t AccessTokenDb::DeleteAndInsertValues( LOGE(ATM_DOMAIN, ATM_TAG, "Failed to commit, res is %{public}d.", res); int32_t result = RestoreAndCommitIfCorrupt(res, db); if (result != NativeRdb::E_OK) { + LOGC(ATM_DOMAIN, ATM_TAG, "Failed to restore and commit, result is %{public}d.", result); return result; } } diff --git a/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp b/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp index 19ce1ffbb..4511527a9 100644 --- a/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp +++ b/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp @@ -63,12 +63,13 @@ void ReportSysCommonEventError(int32_t ipcCode, int32_t errCode) if (GetThreadErrorMsgLen() == 0) { return; } - int32_t ret = HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "ACCESSTOKEN_SERVICE_START_ERROR", + int32_t ret = HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "ACCESSTOKEN_EXCEPTION", HiviewDFX::HiSysEvent::EventType::FAULT, "SCENE_CODE", ipcCode, "ERROR_CODE", errCode, "ERROR_MSG", GetThreadErrorMsg()); if (ret != 0) { LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write hisysevent write, ret %{public}d.", ret); } + ClearThreadErrorMsg(); } } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp index 3c76de837..f9f9ca828 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp @@ -411,7 +411,7 @@ int32_t PermissionDataBrief::UpdatePermStateList( { auto iterPermData = requestedPermData_.find(tokenId); if (iterPermData == requestedPermData_.end()) { - LOGE(ATM_DOMAIN, ATM_TAG, "TokenID %{public}d is not exist.", tokenId); + LOGC(ATM_DOMAIN, ATM_TAG, "TokenID %{public}d is not exist.", tokenId); return ERR_TOKEN_INVALID; } std::vector& permBriefDatalist = requestedPermData_[tokenId]; @@ -420,12 +420,12 @@ int32_t PermissionDataBrief::UpdatePermStateList( return opCode == permData.permCode; }); if (iter == permBriefDatalist.end()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission not request!"); + LOGC(ATM_DOMAIN, ATM_TAG, "Permission not request!"); return AccessTokenError::ERR_PARAM_INVALID; } if ((static_cast(iter->flag) & PERMISSION_SYSTEM_FIXED) == PERMISSION_SYSTEM_FIXED) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission fixed by system!"); + LOGC(ATM_DOMAIN, ATM_TAG, "Permission fixed by system!"); return AccessTokenError::ERR_PARAM_INVALID; } iter->status = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED; @@ -450,7 +450,7 @@ int32_t PermissionDataBrief::UpdateSecCompGrantedPermList(AccessTokenID tokenId, if (status == PERMISSION_GRANTED) { return RET_SUCCESS; } else { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission has been revoked by user."); + LOGC(ATM_DOMAIN, ATM_TAG, "Permission has been revoked by user."); return ERR_PERMISSION_DENIED; } } else { diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index 30d1882b3..e8f12d457 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -32,6 +32,7 @@ #ifdef SUPPORT_SANDBOX_APP #include "dlp_permission_set_manager.h" #endif +#include "iaccess_token_manager.h" #include "ipc_skeleton.h" #include "hisysevent_adapter.h" #include "parameter.h" @@ -345,7 +346,7 @@ int32_t PermissionManager::UpdateTokenPermissionState( { std::shared_ptr infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(id); if (infoPtr == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "tokenInfo is null, tokenId=%{public}u", id); + LOGC(ATM_DOMAIN, ATM_TAG, "tokenInfo is null, tokenId=%{public}u", id); return AccessTokenError::ERR_TOKENID_NOT_EXIST; } @@ -359,6 +360,7 @@ int32_t PermissionManager::UpdateTokenPermissionState( bool statusChanged = false; ret = infoPtr->UpdatePermissionStatus(permission, isGranted, flag, statusChanged); if (ret != RET_SUCCESS) { + LOGC(ATM_DOMAIN, ATM_TAG, "Update info perm status failed, ret is %{public}d", ret); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION_STATUS_ERROR", HiviewDFX::HiSysEvent::EventType::FAULT, "ERROR_CODE", UPDATE_PERMISSION_STATUS_FAILED, "TOKENID", id, "PERM", permission, "BUNDLE_NAME", infoPtr->GetBundleName(), "INT_VAL1", ret, @@ -389,12 +391,12 @@ int32_t PermissionManager::UpdateTokenPermissionStateCheck(const std::shared_ptr AccessTokenID id, const std::string& permission, bool isGranted, uint32_t flag) { if (infoPtr->IsRemote()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Remote token can not update"); + LOGC(ATM_DOMAIN, ATM_TAG, "Remote token can not update"); return AccessTokenError::ERR_IDENTITY_CHECK_FAILED; } if ((flag == PERMISSION_ALLOW_THIS_TIME) && isGranted) { if (!TempPermissionObserver::GetInstance().IsAllowGrantTempPermission(id, permission)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Id:%{public}d fail to grant permission:%{public}s", id, permission.c_str()); + LOGC(ATM_DOMAIN, ATM_TAG, "Id:%{public}d fail to grant permission:%{public}s", id, permission.c_str()); return ERR_IDENTITY_CHECK_FAILED; } } @@ -404,7 +406,7 @@ int32_t PermissionManager::UpdateTokenPermissionStateCheck(const std::shared_ptr if (hapDlpType != DLP_COMMON) { int32_t permDlpMode = DlpPermissionSetManager::GetInstance().GetPermDlpMode(permission); if (!DlpPermissionSetManager::GetInstance().IsPermDlpModeAvailableToDlpHap(hapDlpType, permDlpMode)) { - LOGD(ATM_DOMAIN, ATM_TAG, "%{public}s cannot to be granted to %{public}u", permission.c_str(), id); + LOGC(ATM_DOMAIN, ATM_TAG, "%{public}s cannot to be granted to %{public}u", permission.c_str(), id); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION_STATUS_ERROR", HiviewDFX::HiSysEvent::EventType::FAULT, "ERROR_CODE", DLP_CHECK_FAILED, "TOKENID", id, "PERM", permission, "BUNDLE_NAME", infoPtr->GetBundleName(), "INT_VAL1", hapDlpType, "INT_VAL2", permDlpMode); @@ -420,6 +422,8 @@ int32_t PermissionManager::UpdatePermission(AccessTokenID tokenID, const std::st { int32_t ret = UpdateTokenPermissionState(tokenID, permissionName, isGranted, flag, needKill); if (ret != RET_SUCCESS) { + LOGC(ATM_DOMAIN, ATM_TAG, "Update permission %{public}u %{public}s failed, ret is %{public}d", tokenID, + permissionName.c_str(), ret); return ret; } @@ -432,10 +436,6 @@ int32_t PermissionManager::UpdatePermission(AccessTokenID tokenID, const std::st } #endif - // DFX - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION", - HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "TOKENID", tokenID, "PERMISSION_NAME", - permissionName, "PERMISSION_FLAG", flag, "GRANTED_FLAG", isGranted); return RET_SUCCESS; } @@ -443,15 +443,15 @@ int32_t PermissionManager::CheckAndUpdatePermission(AccessTokenID tokenID, const bool isGranted, uint32_t flag) { if (!PermissionValidator::IsPermissionNameValid(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "permissionName: %{public}s, Invalid params!", permissionName.c_str()); + LOGC(ATM_DOMAIN, ATM_TAG, "permissionName: %{public}s, Invalid params!", permissionName.c_str()); return AccessTokenError::ERR_PARAM_INVALID; } if (!IsDefinedPermission(permissionName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "No definition for permission: %{public}s!", permissionName.c_str()); + LOGC(ATM_DOMAIN, ATM_TAG, "No definition for permission: %{public}s!", permissionName.c_str()); return AccessTokenError::ERR_PERMISSION_NOT_EXIST; } if (!PermissionValidator::IsPermissionFlagValid(flag)) { - LOGE(ATM_DOMAIN, ATM_TAG, "flag: %{public}d, Invalid params!", flag); + LOGC(ATM_DOMAIN, ATM_TAG, "flag: %{public}d, Invalid params!", flag); return AccessTokenError::ERR_PARAM_INVALID; } bool needKill = false; @@ -465,18 +465,45 @@ int32_t PermissionManager::CheckAndUpdatePermission(AccessTokenID tokenID, const return UpdatePermission(tokenID, permissionName, isGranted, flag, needKill); } +int32_t PermissionManager::CheckAndUpdatePermissionInner(AccessTokenID tokenID, const std::string& permissionName, + bool isGranted, uint32_t flag) +{ + HapTokenInfo hapInfo; + AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapInfo); + ClearThreadErrorMsg(); + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION", + HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "SCENE_CODE", CommonSceneCode::AT_COMMOM_START, + "TOKENID", tokenID, "USERID", hapInfo.userID, "BUNDLENAME", hapInfo.bundleName, "INSTINDEX", hapInfo.instIndex, + "PERMISSION_NAME", permissionName, "PERMISSION_FLAG", flag, "GRANTED_FLAG", isGranted); + + int32_t ret = CheckAndUpdatePermission(tokenID, permissionName, isGranted, flag); + + uint32_t newFlag = flag; + if (ret == RET_SUCCESS && GetPermissionFlag(tokenID, permissionName, flag) == RET_SUCCESS) { + flag = newFlag; + } + + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION", + HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "SCENE_CODE", CommonSceneCode::AT_COMMON_FINISH, + "TOKENID", tokenID, "PERMISSION_NAME", permissionName, "PERMISSION_FLAG", flag, "GRANTED_FLAG", isGranted, + "ERROR_CODE", ret); + ReportSysCommonEventError(static_cast(isGranted ? IAccessTokenManagerIpcCode::COMMAND_GRANT_PERMISSION : + IAccessTokenManagerIpcCode::COMMAND_REVOKE_PERMISSION), ret); + return ret; +} + int32_t PermissionManager::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) { LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}u, permissionName: %{public}s, flag: %{public}d", tokenID, permissionName.c_str(), flag); - return CheckAndUpdatePermission(tokenID, permissionName, true, flag); + return CheckAndUpdatePermissionInner(tokenID, permissionName, true, flag); } int32_t PermissionManager::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) { LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}u, permissionName: %{public}s, flag: %{public}d", tokenID, permissionName.c_str(), flag); - return CheckAndUpdatePermission(tokenID, permissionName, false, flag); + return CheckAndUpdatePermissionInner(tokenID, permissionName, false, flag); } int32_t PermissionManager::GrantPermissionForSpecifiedTime( diff --git a/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp b/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp index ccb878ac6..d965600c0 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp @@ -425,12 +425,12 @@ bool TempPermissionObserver::IsAllowGrantTempPermission(AccessTokenID tokenID, c { HapTokenInfo tokenInfo; if (AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, tokenInfo) != RET_SUCCESS) { - LOGE(ATM_DOMAIN, ATM_TAG, "Invalid tokenId(%{public}d)", tokenID); + LOGC(ATM_DOMAIN, ATM_TAG, "Invalid tokenId(%{public}d)", tokenID); return false; } auto iterator = std::find(g_tempPermission.begin(), g_tempPermission.end(), permissionName); if (iterator == g_tempPermission.end()) { - LOGW(ATM_DOMAIN, ATM_TAG, "Permission is not available to temp grant: %{public}s!", permissionName.c_str()); + LOGC(ATM_DOMAIN, ATM_TAG, "Permission is not available to temp grant: %{public}s!", permissionName.c_str()); return false; } return CheckPermissionState(tokenID, permissionName, tokenInfo.bundleName); diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 353ad782c..092e41cdb 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -24,6 +24,7 @@ #include "accesstoken_dfx_define.h" #include "accesstoken_id_manager.h" #include "accesstoken_info_manager.h" +#include "accesstoken_service_ipc_interface_code.h" #include "constant_common.h" #include "data_validator.h" #include "hap_token_info.h" @@ -45,6 +46,7 @@ #include "short_grant_manager.h" #include "string_ex.h" #include "system_ability_definition.h" +#include "time_util.h" #include "token_field_const.h" #ifdef TOKEN_SYNC_ENABLE #include "token_modify_notifier.h" @@ -666,8 +668,25 @@ int AccessTokenManagerService::DeleteToken(AccessTokenID tokenID) if (this->GetTokenType(tokenID) != TOKEN_HAP) { return AccessTokenError::ERR_PARAM_INVALID; } + + int64_t beginTime = TimeUtil::GetCurrentTimestamp(); + + HapTokenInfo hapInfo; + AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapInfo); + ClearThreadErrorMsg(); + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "DEL_HAP", + HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMOM_START, + "TOKENID", tokenID, "USERID", hapInfo.userID, "BUNDLENAME", hapInfo.bundleName, "INSTINDEX", hapInfo.instIndex); + // only support hap token deletion - return AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenID); + int32_t ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenID); + + int64_t endTime = TimeUtil::GetCurrentTimestamp(); + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "DEL_HAP", + HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMON_FINISH, + "TOKENID", tokenID, "DURATION", endTime - beginTime, "ERROR_CODE", ret); + ReportSysCommonEventError(static_cast(IAccessTokenManagerIpcCode::COMMAND_DELETE_TOKEN), ret); + return ret; } int AccessTokenManagerService::GetTokenType(AccessTokenID tokenID) @@ -715,6 +734,56 @@ int32_t AccessTokenManagerService::AllocLocalTokenID( return ERR_OK; } +int32_t AccessTokenManagerService::UpdateHapTokenCore(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, + const HapPolicyParcel& policyParcel, HapInfoCheckResultIdl& resultInfoIdl) +{ + std::vector InitializedList; + resultInfoIdl.realResult = ERR_OK; + HapInfoCheckResult permCheckResult; + if (!PermissionManager::GetInstance().InitPermissionList( + info.appDistributionType, policyParcel.hapPolicy, InitializedList, permCheckResult)) { + resultInfoIdl.realResult = ERROR; + resultInfoIdl.permissionName = permCheckResult.permCheckResult.permissionName; + int32_t rule = permCheckResult.permCheckResult.rule; + resultInfoIdl.rule = static_cast(rule); + LOGC(ATM_DOMAIN, ATM_TAG, "InitPermissionList failed, tokenId=%{public}u.", tokenIdEx.tokenIdExStruct.tokenID); + ReportSysCommonEventError(static_cast(IAccessTokenManagerIpcCode::COMMAND_UPDATE_HAP_TOKEN), + ERR_PERM_REQUEST_CFG_FAILED); + return ERR_OK; + } + + int32_t ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenIdEx, info, + InitializedList, policyParcel.hapPolicy); + return ret; +} + +static void DumpEventInfo(const HapPolicy& policy, AccessTokenDfxInfo& dfxInfo) +{ + dfxInfo.permInfo = std::to_string(policy.permStateList.size()) + " : ["; + for (const auto& permState : policy.permStateList) { + dfxInfo.permInfo.append(permState.permissionName + ", "); + } + dfxInfo.permInfo.append("]"); + + dfxInfo.aclInfo = std::to_string(policy.aclRequestedList.size()) + " : ["; + for (const auto& perm : policy.aclRequestedList) { + dfxInfo.aclInfo.append(perm + ", "); + } + dfxInfo.aclInfo.append("]"); + + dfxInfo.preauthInfo = std::to_string(policy.preAuthorizationInfo.size()) + " : ["; + for (const auto& preAuthInfo : policy.preAuthorizationInfo) { + dfxInfo.preauthInfo.append(preAuthInfo.permissionName + ", "); + } + dfxInfo.preauthInfo.append("]"); + + dfxInfo.extendInfo = std::to_string(policy.aclExtendedMap.size()) + " : {"; + for (const auto& aclExtend : policy.aclExtendedMap) { + dfxInfo.extendInfo.append(aclExtend.first + ": " + aclExtend.second + ", "); + } + dfxInfo.extendInfo.append("}"); +} + int32_t AccessTokenManagerService::UpdateHapToken(uint64_t& fullTokenId, const UpdateHapInfoParamsIdl& infoIdl, const HapPolicyParcel& policyParcel, HapInfoCheckResultIdl& resultInfoIdl) { @@ -732,23 +801,33 @@ int32_t AccessTokenManagerService::UpdateHapToken(uint64_t& fullTokenId, const U info.apiVersion = infoIdl.apiVersion; info.isSystemApp = infoIdl.isSystemApp; info.appDistributionType = infoIdl.appDistributionType; - std::vector InitializedList; - resultInfoIdl.realResult = ERR_OK; - HapInfoCheckResult permCheckResult; - if (!PermissionManager::GetInstance().InitPermissionList( - info.appDistributionType, policyParcel.hapPolicy, InitializedList, permCheckResult)) { - resultInfoIdl.realResult = ERROR; - resultInfoIdl.permissionName = permCheckResult.permCheckResult.permissionName; - int32_t rule = permCheckResult.permCheckResult.rule; - resultInfoIdl.rule = static_cast(rule); - return ERR_OK; - } - int32_t ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenIdEx, info, - InitializedList, policyParcel.hapPolicy); + int64_t beginTime = TimeUtil::GetCurrentTimestamp(); + HapTokenInfo hapInfo; + AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapInfo); + ClearThreadErrorMsg(); + + AccessTokenDfxInfo dfxInfo; + DumpEventInfo(policyParcel.hapPolicy, dfxInfo); + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_HAP", + HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMOM_START, + "TOKENID", tokenIdEx.tokenIdExStruct.tokenID, "TOKENIDEX", tokenIdEx.tokenIDEx, + "USERID", hapInfo.userID, "BUNDLENAME", hapInfo.bundleName, "INSTINDEX", hapInfo.instIndex, + "PERM_INFO", dfxInfo.permInfo, "ACL_INFO", dfxInfo.aclInfo, "PREAUTH_INFO", dfxInfo.preauthInfo, + "EXTEND_INFO", dfxInfo.extendInfo); + + int32_t ret = UpdateHapTokenCore(tokenIdEx, info, policyParcel, resultInfoIdl); fullTokenId = tokenIdEx.tokenIDEx; + + int64_t endTime = TimeUtil::GetCurrentTimestamp(); + HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_HAP", + HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMON_FINISH, + "TOKENID", tokenIdEx.tokenIdExStruct.tokenID, "TOKENIDEX", tokenIdEx.tokenIDEx, + "DURATION", endTime - beginTime, "ERROR_CODE", ret); + ReportSysCommonEventError(static_cast(IAccessTokenManagerIpcCode::COMMAND_UPDATE_HAP_TOKEN), ret); return ret; } + int32_t AccessTokenManagerService::GetTokenIDByUserID(int32_t userID, std::vector& tokenIds) { LOGD(ATM_DOMAIN, ATM_TAG, "UserID: %{public}d", userID); @@ -1270,7 +1349,7 @@ int32_t AccessTokenManagerService::CallbackExit(uint32_t code, int32_t result) #ifdef HICOLLIE_ENABLE HiviewDFX::XCollie::GetInstance().CancelTimer(g_timerId); #endif // HICOLLIE_ENABLE - ReportSysCommonEventError(code, 0); + ClearThreadErrorMsg(); return ERR_OK; } } // namespace AccessToken diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 3b517f9b7..0dc6bae97 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -275,14 +275,14 @@ std::shared_ptr AccessTokenInfoManager::GetHapTokenInfoInnerF std::vector hapTokenResults; int32_t ret = AccessTokenDb::GetInstance().Find(AtmDataType::ACCESSTOKEN_HAP_INFO, conditionValue, hapTokenResults); if (ret != RET_SUCCESS || hapTokenResults.empty()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from hap_token_table, err: %{public}d, " + LOGC(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from hap_token_table, err: %{public}d, " "hapSize: %{public}zu, mapSize: %{public}zu.", id, ret, hapTokenResults.size(), hapTokenInfoMap_.size()); return nullptr; } std::vector permStateRes; ret = AccessTokenDb::GetInstance().Find(AtmDataType::ACCESSTOKEN_PERMISSION_STATE, conditionValue, permStateRes); if (ret != RET_SUCCESS) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from perm_state_table, err: %{public}d, " + LOGC(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from perm_state_table, err: %{public}d, " "mapSize: %{public}zu.", id, ret, hapTokenInfoMap_.size()); return nullptr; } @@ -291,7 +291,7 @@ std::shared_ptr AccessTokenInfoManager::GetHapTokenInfoInnerF ret = AccessTokenDb::GetInstance().Find( AtmDataType::ACCESSTOKEN_PERMISSION_EXTEND_VALUE, conditionValue, extendedPermRes); if (ret != RET_SUCCESS) { // extendedPermRes may be empty - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from perm_extend_value_table, err: %{public}d, " + LOGC(ATM_DOMAIN, ATM_TAG, "Failed to find Id(%{public}u) from perm_extend_value_table, err: %{public}d, " "mapSize: %{public}zu.", id, ret, hapTokenInfoMap_.size()); return nullptr; } @@ -299,7 +299,7 @@ std::shared_ptr AccessTokenInfoManager::GetHapTokenInfoInnerF std::shared_ptr hap = std::make_shared(); ret = hap->RestoreHapTokenInfo(id, hapTokenResults[0], permStateRes, extendedPermRes); if (ret != RET_SUCCESS) { - LOGE(ATM_DOMAIN, ATM_TAG, "Id %{public}u restore failed, err: %{public}d, mapSize: %{public}zu.", + LOGC(ATM_DOMAIN, ATM_TAG, "Id %{public}u restore failed, err: %{public}d, mapSize: %{public}zu.", id, ret, hapTokenInfoMap_.size()); return nullptr; } @@ -404,7 +404,7 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) { ATokenTypeEnum type = AccessTokenIDManager::GetInstance().GetTokenIdType(id); if (type != TOKEN_HAP) { - LOGE(ATM_DOMAIN, ATM_TAG, "Token %{public}u is not hap.", id); + LOGC(ATM_DOMAIN, ATM_TAG, "Token %{public}u is not hap.", id); return ERR_PARAM_INVALID; } std::shared_ptr info; @@ -415,17 +415,17 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) AccessTokenIDManager::GetInstance().ReleaseTokenId(id); if (hapTokenInfoMap_.count(id) == 0) { - LOGE(ATM_DOMAIN, ATM_TAG, "Hap token %{public}u no exist.", id); + LOGC(ATM_DOMAIN, ATM_TAG, "Hap token %{public}u no exist.", id); return ERR_TOKENID_NOT_EXIST; } info = hapTokenInfoMap_[id]; if (info == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Hap token %{public}u is null.", id); + LOGC(ATM_DOMAIN, ATM_TAG, "Hap token %{public}u is null.", id); return ERR_TOKEN_INVALID; } if (info->IsRemote()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Remote hap token %{public}u can not delete.", id); + LOGC(ATM_DOMAIN, ATM_TAG, "Remote hap token %{public}u can not delete.", id); return ERR_IDENTITY_CHECK_FAILED; } std::string HapUniqueKey = GetHapUniqueStr(info); @@ -435,7 +435,10 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) } hapTokenInfoMap_.erase(id); } - RemoveHapTokenInfoFromDb(info); + int32_t ret = RemoveHapTokenInfoFromDb(info); + if (ret != RET_SUCCESS) { + LOGC(ATM_DOMAIN, ATM_TAG, "Remove info from db failed, ret is %{public}d", ret); + } LOGI(ATM_DOMAIN, ATM_TAG, "Remove hap token %{public}u ok!", id); PermissionStateNotify(info, id); @@ -443,10 +446,6 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) TokenModifyNotifier::GetInstance().NotifyTokenDelete(id); #endif - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "DEL_HAP", HiviewDFX::HiSysEvent::EventType::STATISTIC, - "TOKENID", info->GetTokenID(), "USERID", info->GetUserID(), "BUNDLENAME", info->GetBundleName(), - "INSTINDEX", info->GetInstIndex()); - return RET_SUCCESS; } @@ -630,17 +629,17 @@ int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const { AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; if (!DataValidator::IsAppIDDescValid(info.appIDDesc)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Token %{public}u parm format error!", tokenID); + LOGC(ATM_DOMAIN, ATM_TAG, "Token %{public}u parm format error!", tokenID); return AccessTokenError::ERR_PARAM_INVALID; } std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenID); if (infoPtr == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Token %{public}u is invalid, can not update!", tokenID); + LOGC(ATM_DOMAIN, ATM_TAG, "Token %{public}u is invalid, can not update!", tokenID); return AccessTokenError::ERR_TOKENID_NOT_EXIST; } if (infoPtr->IsRemote()) { - LOGE(ATM_DOMAIN, ATM_TAG, "Remote hap token %{public}u can not update!", tokenID); + LOGC(ATM_DOMAIN, ATM_TAG, "Remote hap token %{public}u can not update!", tokenID); return ERR_IDENTITY_CHECK_FAILED; } if (info.isSystemApp) { @@ -655,15 +654,12 @@ int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const int32_t ret = AddHapTokenInfoToDb(infoPtr, info.appIDDesc, hapPolicy, true); if (ret != RET_SUCCESS) { + LOGC(ATM_DOMAIN, ATM_TAG, "Add hap info %{public}u to db failed!", tokenID); return ret; } LOGI(ATM_DOMAIN, ATM_TAG, "Token %{public}u bundle name %{public}s user %{public}d \ inst %{public}d tokenAttr %{public}d update ok!", tokenID, infoPtr->GetBundleName().c_str(), infoPtr->GetUserID(), infoPtr->GetInstIndex(), infoPtr->GetHapInfoBasic().tokenAttr); - // DFX - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_HAP", - HiviewDFX::HiSysEvent::EventType::STATISTIC, "TOKENID", tokenID, "USERID", - infoPtr->GetUserID(), "BUNDLENAME", infoPtr->GetBundleName(), "INSTINDEX", infoPtr->GetInstIndex()); #ifdef TOKEN_SYNC_ENABLE TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID); @@ -961,11 +957,11 @@ int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptrIsRemote()) { - LOGE(ATM_DOMAIN, ATM_TAG, "It is a remote hap!"); + LOGC(ATM_DOMAIN, ATM_TAG, "It is a remote hap!"); return AccessTokenError::ERR_TOKENID_NOT_EXIST; } AccessTokenID tokenID = hapInfo->GetTokenID(); @@ -1044,7 +1040,7 @@ int AccessTokenInfoManager::RemoveHapTokenInfoFromDb(const std::shared_ptr Date: Wed, 9 Apr 2025 15:28:59 +0800 Subject: [PATCH 037/103] =?UTF-8?q?=E5=B0=86=E6=9D=83=E9=99=90CHANGE=5FDEF?= =?UTF-8?q?AULT=5FAPPLICATION=E7=9A=84api=E6=94=B9=E4=B8=BA19?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: nj1868 Change-Id: If16fcb70c3e39c3f3cf28d676085c5e02eddced8 --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index e7bbb433e..3b11eca92 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -4537,7 +4537,7 @@ "grantMode": "system_grant", "availableLevel": "system_basic", "availableType": "SYSTEM", - "since": 17, + "since": 19, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false -- Gitee From 93cfcaa2aa4208eb77bb6c6fba97b2a069ea7107 Mon Sep 17 00:00:00 2001 From: zhouyan Date: Thu, 10 Apr 2025 15:49:57 +0800 Subject: [PATCH 038/103] =?UTF-8?q?=E8=A1=A5=E5=85=85=E8=AE=BF=E9=97=AE?= =?UTF-8?q?=E6=8E=A7=E5=88=B6dfx?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: zhouyan Change-Id: Ia146bcb236b77783afc5d74cf8ff75c07339d909 --- hisysevent.yaml | 13 ++ .../main/cpp/include/dfx/hisysevent_adapter.h | 28 ++- .../permission/temp_permission_observer.h | 2 +- .../service/accesstoken_manager_service.h | 8 +- .../include/token/accesstoken_info_manager.h | 8 +- .../cpp/include/token/hap_token_info_inner.h | 1 + .../main/cpp/src/dfx/hisysevent_adapter.cpp | 28 ++- .../permission/temp_permission_observer.cpp | 12 +- .../service/accesstoken_manager_service.cpp | 159 ++++++++++++--- .../src/token/accesstoken_info_manager.cpp | 185 ++++++++++++------ .../cpp/src/token/hap_token_info_inner.cpp | 5 + .../permission_manager_coverage_test.cpp | 6 +- .../accesstoken_info_manager_test.cpp | 18 +- .../json_parse/include/json_parse_loader.h | 2 +- .../json_parse/src/json_parse_loader.cpp | 2 +- .../deleteremotedevicetokensstub_fuzzer.cpp | 6 +- .../deleteremotetokenstub_fuzzer.cpp | 6 +- .../gethaptokeninfofromremotestub_fuzzer.cpp | 6 +- .../getremotenativetokenidstub_fuzzer.cpp | 6 +- .../grantpermissionstub_fuzzer.cpp | 6 +- .../setremotehaptokeninfostub_fuzzer.cpp | 6 +- 21 files changed, 400 insertions(+), 113 deletions(-) diff --git a/hisysevent.yaml b/hisysevent.yaml index 3b4f5f5ec..c59ebc41d 100644 --- a/hisysevent.yaml +++ b/hisysevent.yaml @@ -19,6 +19,8 @@ ACCESSTOKEN_SERVICE_START: HAP_SIZE: {type: UINT32, desc: hap token size} NATIVE_SIZE: {type: UINT32, desc: native token size} PERM_DEFINITION_SIZE: {type: UINT32, desc: permission definition size} + DLP_PERMISSION_SIZE: {type: UINT32, desc: dlp permission size} + PARSE_CONFIG_FLAG: {type: UINT32, desc: parse config policy file value flag} ACCESSTOKEN_SERVICE_START_ERROR: __BASE: {type: FAULT, level: CRITICAL, desc: service startup error} @@ -58,10 +60,21 @@ PERMISSION_SYNC: ADD_HAP: __BASE: {type: STATISTIC, level: MINOR, tag: usability, desc: add a hap to device} + SCENE_CODE: {type: INT32, desc: scene code} TOKENID: {type: UINT32, desc: token id} + ORI_TOKENID: {type: UINT32, desc: original token id} + TOKENIDEX: {type: UINT64, desc: token id ex} USERID: {type: INT32, desc: user id} BUNDLENAME: {type: STRING, desc: bundle name} INSTINDEX: {type: INT32, desc: inst index} + DLP_TYPE: {type: UINT32, desc: dlp type} + IS_RESTORE: {type: BOOL, desc: is restore scene} + PERM_INFO: {type: STRING, desc: request permission list} + ACL_INFO: {type: STRING, desc: acl permission list} + PREAUTH_INFO: {type: STRING, desc: preauth permission list} + EXTEND_INFO: {type: STRING, desc: extend permission map} + DURATION: {type: UINT64, desc: time required for installing an application} + ERROR_CODE: {type: INT32, desc: error code} DEL_HAP: __BASE: {type: STATISTIC, level: MINOR, tag: usability, desc: delete a hap from device} diff --git a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h b/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h index 9b527e347..953fff70a 100644 --- a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h +++ b/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h @@ -17,6 +17,7 @@ #define ACCESSTOKEN_HISYSEVENT_ADAPTER_H #include +#include "access_token.h" namespace OHOS { namespace Security { @@ -38,16 +39,41 @@ enum CommonSceneCode { AT_COMMOM_START = 0, AT_COMMON_FINISH = 1, }; +enum AddHapSceneCode { + INSTALL_START = 0, + TOKEN_ID_CHANGE, + INIT, + MAP, + INSTALL_FINISH, +}; struct AccessTokenDfxInfo { + AddHapSceneCode sceneCode; + AccessTokenID tokenId; + AccessTokenID oriTokenId; + AccessTokenIDEx tokenIdEx; + int32_t userId; + std::string bundleName; + int32_t instIndex; + HapDlpType dlpType; + bool isRestore; std::string permInfo; std::string aclInfo; std::string preauthInfo; std::string extendInfo; + uint64_t duration; + int32_t errorCode; + int32_t pid; + uint32_t hapSize; + uint32_t nativeSize; + uint32_t permDefSize; + uint32_t dlpSize; + uint32_t parseConfigFlag; }; void ReportSysEventPerformance(); -void ReportSysEventServiceStart(int32_t pid, uint32_t hapSize, uint32_t nativeSize, uint32_t permDefSize); +void ReportSysEventServiceStart(const AccessTokenDfxInfo& info); void ReportSysEventServiceStartError(SceneCode scene, const std::string& errMsg, int32_t errCode); void ReportSysCommonEventError(int32_t ipcCode, int32_t errCode); +void ReportSysEventAddHap(const AccessTokenDfxInfo& info); } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h b/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h index c9e96dc8f..c910d555d 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h +++ b/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h @@ -120,7 +120,7 @@ private: std::shared_ptr eventHandler_; std::mutex eventHandlerLock_; #endif - int32_t cancleTimes_; + int32_t cancelTimes_; std::mutex tempPermissionMutex_; std::map> tempPermTokenMap_; diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index ecbb2c431..5ab5562ba 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -27,6 +27,7 @@ #include "access_token.h" #include "hap_token_info.h" #include "iremote_object.h" +#include "json_parse_loader.h" #include "nocopyable.h" #include "singleton.h" #include "system_ability.h" @@ -125,12 +126,17 @@ public: private: void GetValidConfigFilePathList(std::vector& pathList); bool GetConfigGrantValueFromFile(std::string& fileContent); - void GetConfigValue(); + void SetFlagIfNeed(const AccessTokenServiceConfig& atConfig, int32_t& cancelTime, uint32_t& parseConfigFlag); + void GetConfigValue(uint32_t& parseConfigFlag); bool Initialize(); void AccessTokenServiceParamSet() const; PermissionOper GetPermissionsState(AccessTokenID tokenID, std::vector& reqPermList); int32_t UpdateHapTokenCore(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, const HapPolicyParcel& policyParcel, HapInfoCheckResultIdl& resultInfoIdl); + void ReportAddHap(const HapInfoParcel& info, const HapPolicyParcel& policy); + void ReportAddHapFinish(AccessTokenIDEx fullTokenId, const HapInfoParcel& info, int64_t beginTime, + int32_t errorCode); + ServiceRunningState state_; std::string grantBundleName_; std::string grantAbilityName_; diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index 6b328c568..0242c1154 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -46,7 +46,7 @@ class AccessTokenInfoManager final { public: static AccessTokenInfoManager& GetInstance(); ~AccessTokenInfoManager(); - void Init(); + void Init(uint32_t& hapSize, uint32_t& nativeSize, uint32_t& pefDefSize, uint32_t& dlpSize); void InitNativeTokenInfos(const std::vector& tokenInfos); int32_t GetTokenIDByUserID(int32_t userID, std::unordered_set& tokenIdList); std::shared_ptr GetHapTokenInfoInner(AccessTokenID id); @@ -104,10 +104,14 @@ private: AccessTokenInfoManager(); DISALLOW_COPY_AND_MOVE(AccessTokenInfoManager); + int32_t AddHapInfoToCache(const GenericValues& tokenValue, const std::vector& permStateRes, + const std::vector& extendedPermRes); void InitHapTokenInfos(uint32_t& hapSize); - int AddHapTokenInfo(const std::shared_ptr& info); + void ReportAddHapIdChange(const std::shared_ptr& hapInfo, AccessTokenID oriTokenId); + int AddHapTokenInfo(const std::shared_ptr& info, AccessTokenID& oriTokenId); std::string GetHapUniqueStr(const std::shared_ptr& info) const; std::string GetHapUniqueStr(const int& userID, const std::string& bundleName, const int& instIndex) const; + int32_t RegisterTokenId(const HapInfoParams& info, AccessTokenID& tokenId); int AddHapTokenInfoToDb(const std::shared_ptr& hapInfo, const std::string& appId, const HapPolicy& policy, bool isUpdate); int RemoveHapTokenInfoFromDb(const std::shared_ptr& info); diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index 4b0c7ef82..e0d3ad63e 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -52,6 +52,7 @@ public: HapTokenInfo GetHapInfoBasic() const; int GetUserID() const; int GetDlpType() const; + AccessTokenAttr GetAttr() const; std::string GetBundleName() const; int GetInstIndex() const; AccessTokenID GetTokenID() const; diff --git a/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp b/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp index 4511527a9..f13756be4 100644 --- a/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp +++ b/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp @@ -39,11 +39,13 @@ void ReportSysEventPerformance() } } -void ReportSysEventServiceStart(int32_t pid, uint32_t hapSize, uint32_t nativeSize, uint32_t permDefSize) +void ReportSysEventServiceStart(const AccessTokenDfxInfo& info) { int32_t ret = HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "ACCESSTOKEN_SERVICE_START", HiviewDFX::HiSysEvent::EventType::STATISTIC, - "PID", pid, "HAP_SIZE", hapSize, "NATIVE_SIZE", nativeSize, "PERM_DEFINITION_SIZE", permDefSize); + "PID", info.pid, "HAP_SIZE", info.hapSize, "NATIVE_SIZE", info.nativeSize, + "PERM_DEFINITION_SIZE", info.permDefSize, "DLP_PERMISSION_SIZE", info.dlpSize, + "PARSE_CONFIG_FLAG", info.parseConfigFlag); if (ret != 0) { LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write hisysevent write, ret %{public}d.", ret); } @@ -71,6 +73,28 @@ void ReportSysCommonEventError(int32_t ipcCode, int32_t errCode) } ClearThreadErrorMsg(); } + +void ReportSysEventAddHap(const AccessTokenDfxInfo& info) +{ + if ((info.sceneCode != AddHapSceneCode::INSTALL_START) && + (info.sceneCode != AddHapSceneCode::TOKEN_ID_CHANGE) && + (info.sceneCode != AddHapSceneCode::INIT) && + (info.sceneCode != AddHapSceneCode::MAP) && + (info.sceneCode != AddHapSceneCode::INSTALL_FINISH)) { + return; + } + int32_t res = HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "ADD_HAP", + HiviewDFX::HiSysEvent::EventType::STATISTIC, + "SCENE_CODE", info.sceneCode, "TOKENID", info.tokenId, "ORI_TOKENID", info.oriTokenId, + "TOKENIDEX", static_cast(info.tokenIdEx.tokenIDEx), "USERID", info.userId, + "BUNDLENAME", info.bundleName, "INSTINDEX", info.instIndex, "DLP_TYPE", info.dlpType, + "IS_RESTORE", info.isRestore, "PERM_INFO", info.permInfo, "ACL_INFO", info.aclInfo, + "PREAUTH_INFO", info.preauthInfo, "EXTEND_INFO", info.extendInfo, "DURATION", info.duration, + "ERROR_CODE", info.errorCode); + if (res != 0) { + LOGE(ATM_DOMAIN, ATM_TAG, "Failed to write hisysevent write, ret %{public}d.", res); + } +} } // namespace AccessToken } // namespace Security } // namespace OHOS \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp b/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp index d965600c0..6536aa1c3 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp @@ -214,7 +214,7 @@ void PermissionAppManagerDeathCallback::NotifyAppManagerDeath() TempPermissionObserver::GetInstance().OnAppMgrRemoteDiedHandle(); } -TempPermissionObserver::TempPermissionObserver() : cancleTimes_(DEFAULT_CANCLE_MILLISECONDS) +TempPermissionObserver::TempPermissionObserver() : cancelTimes_(DEFAULT_CANCLE_MILLISECONDS) {} TempPermissionObserver::~TempPermissionObserver() @@ -633,7 +633,7 @@ bool TempPermissionObserver::DelayRevokePermission(AccessToken::AccessTokenID to TempPermissionObserver::GetInstance().RevokeAllTempPermission(tokenID); LOGI(ATM_DOMAIN, ATM_TAG, "Token: %{public}d, delay revoke permission end", tokenID); }); - eventHandler->ProxyPostTask(delayed, taskName, cancleTimes_); + eventHandler->ProxyPostTask(delayed, taskName, cancelTimes_); return true; #else LOGW(ATM_DOMAIN, ATM_TAG, "Eventhandler is not existed"); @@ -659,13 +659,13 @@ bool TempPermissionObserver::CancleTaskOfPermissionRevoking(const std::string& t #endif } -void TempPermissionObserver::SetCancelTime(int32_t cancleTime) +void TempPermissionObserver::SetCancelTime(int32_t cancelTime) { - if (cancleTime != 0) { - cancleTimes_ = cancleTime; + if (cancelTime != 0) { + cancelTimes_ = cancelTime; } - LOGI(ATM_DOMAIN, ATM_TAG, "CancleTimes_ is %{public}d.", cancleTimes_); + LOGI(ATM_DOMAIN, ATM_TAG, "CancelTimes_ is %{public}d.", cancelTimes_); } } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 092e41cdb..ccdf0fff3 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -34,7 +34,6 @@ #include "hitrace_meter.h" #endif #include "ipc_skeleton.h" -#include "json_parse_loader.h" #include "libraryloader.h" #include "memory_guard.h" #include "parameter.h" @@ -85,6 +84,13 @@ static constexpr int32_t SA_ID_ACCESSTOKEN_MANAGER_SERVICE = 3503; constexpr uint32_t TIMEOUT = 40; // 40s thread_local int32_t g_timerId = 0; #endif // HICOLLIE_ENABLE + +constexpr uint32_t BITMAP_INDEX_1 = 1; +constexpr uint32_t BITMAP_INDEX_2 = 2; +constexpr uint32_t BITMAP_INDEX_3 = 3; +constexpr uint32_t BITMAP_INDEX_4 = 4; +constexpr uint32_t BITMAP_INDEX_5 = 5; +constexpr uint32_t BITMAP_INDEX_6 = 6; } const bool REGISTER_RESULT = @@ -611,14 +617,71 @@ static void TransferHapPolicy(const HapPolicy& policyIn, HapPolicy& policyOut) policyOut.aclExtendedMap = policyIn.aclExtendedMap; } +void AccessTokenManagerService::ReportAddHap(const HapInfoParcel& info, const HapPolicyParcel& policy) +{ + AccessTokenDfxInfo dfxInfo; + dfxInfo.sceneCode = AddHapSceneCode::INSTALL_START; + dfxInfo.tokenId = info.hapInfoParameter.tokenID; + dfxInfo.userId = info.hapInfoParameter.userID; + dfxInfo.bundleName = info.hapInfoParameter.bundleName; + dfxInfo.instIndex = info.hapInfoParameter.instIndex; + dfxInfo.dlpType = static_cast(info.hapInfoParameter.dlpType); + dfxInfo.isRestore = info.hapInfoParameter.isRestore; + + dfxInfo.permInfo = std::to_string(policy.hapPolicy.permStateList.size()) + " : ["; + for (const auto& permState : policy.hapPolicy.permStateList) { + dfxInfo.permInfo.append(permState.permissionName + ", "); + } + dfxInfo.permInfo.append("]"); + + dfxInfo.aclInfo = std::to_string(policy.hapPolicy.aclRequestedList.size()) + " : ["; + for (const auto& perm : policy.hapPolicy.aclRequestedList) { + dfxInfo.aclInfo.append(perm + ", "); + } + dfxInfo.aclInfo.append("]"); + + dfxInfo.preauthInfo = std::to_string(policy.hapPolicy.preAuthorizationInfo.size()) + " : ["; + for (const auto& preAuthInfo : policy.hapPolicy.preAuthorizationInfo) { + dfxInfo.preauthInfo.append(preAuthInfo.permissionName + ", "); + } + dfxInfo.preauthInfo.append("]"); + + dfxInfo.extendInfo = std::to_string(policy.hapPolicy.aclExtendedMap.size()) + " : {"; + for (const auto& aclExtend : policy.hapPolicy.aclExtendedMap) { + dfxInfo.extendInfo.append(aclExtend.first + ": " + aclExtend.second + ", "); + } + dfxInfo.extendInfo.append("}"); + + ReportSysEventAddHap(dfxInfo); +} + +void AccessTokenManagerService::ReportAddHapFinish(AccessTokenIDEx fullTokenId, const HapInfoParcel& info, + int64_t beginTime, int32_t errorCode) +{ + int64_t endTime = TimeUtil::GetCurrentTimestamp(); + AccessTokenDfxInfo dfxInfo; + dfxInfo.sceneCode = AddHapSceneCode::INSTALL_FINISH; + dfxInfo.tokenId = fullTokenId.tokenIdExStruct.tokenID; + dfxInfo.tokenIdEx = fullTokenId; + dfxInfo.userId = info.hapInfoParameter.userID; + dfxInfo.bundleName = info.hapInfoParameter.bundleName; + dfxInfo.instIndex = info.hapInfoParameter.instIndex; + dfxInfo.duration = endTime - beginTime; + dfxInfo.errorCode = errorCode; + ReportSysEventAddHap(dfxInfo); +} + int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy, uint64_t& fullTokenId, HapInfoCheckResultIdl& resultInfoIdl) { LOGI(ATM_DOMAIN, ATM_TAG, "Init hap %{public}s.", info.hapInfoParameter.bundleName.c_str()); + int64_t beginTime = TimeUtil::GetCurrentTimestamp(); + ReportAddHap(info, policy); + AccessTokenID tokenID = IPCSkeleton::GetCallingTokenID(); if (!IsPrivilegedCalling() && (VerifyAccessToken(tokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", tokenID); + LOGC(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", tokenID); return AccessTokenError::ERR_PERMISSION_DENIED; } @@ -635,11 +698,13 @@ int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, const resultInfoIdl.permissionName = permCheckResult.permCheckResult.permissionName; int32_t rule = permCheckResult.permCheckResult.rule; resultInfoIdl.rule = static_cast(rule); + ReportAddHapFinish({0}, info, beginTime, ERR_PERM_REQUEST_CFG_FAILED); return ERR_OK; } } else { if (!PermissionManager::GetInstance().InitDlpPermissionList( info.hapInfoParameter.bundleName, info.hapInfoParameter.userID, initializedList)) { + ReportAddHapFinish({0}, info, beginTime, ERR_PERM_REQUEST_CFG_FAILED); return ERR_PERM_REQUEST_CFG_FAILED; } } @@ -649,9 +714,7 @@ int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, const int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( info.hapInfoParameter, policyCopy.hapPolicy, tokenIdEx); fullTokenId = tokenIdEx.tokenIDEx; - if (ret != RET_SUCCESS) { - return ret; - } + ReportAddHapFinish(tokenIdEx, info, beginTime, ret); return ret; } @@ -1208,8 +1271,50 @@ void AccessTokenManagerService::AccessTokenServiceParamSet() const } } -void AccessTokenManagerService::GetConfigValue() +void AccessTokenManagerService::SetFlagIfNeed(const AccessTokenServiceConfig& atConfig, + int32_t& cancelTime, uint32_t& parseConfigFlag) { + parseConfigFlag = 0; + // set value from config + if (!atConfig.grantBundleName.empty()) { + grantBundleName_ = atConfig.grantBundleName; + parseConfigFlag = 0x1; + } + if (!atConfig.grantAbilityName.empty()) { + grantAbilityName_ = atConfig.grantAbilityName; + parseConfigFlag |= 0x1 << BITMAP_INDEX_1; + } + if (!atConfig.grantServiceAbilityName.empty()) { + grantServiceAbilityName_ = atConfig.grantServiceAbilityName; + parseConfigFlag |= 0x1 << BITMAP_INDEX_2; + } + if (!atConfig.permStateAbilityName.empty()) { + permStateAbilityName_ = atConfig.permStateAbilityName; + parseConfigFlag |= 0x1 << BITMAP_INDEX_3; + } + if (!atConfig.globalSwitchAbilityName.empty()) { + globalSwitchAbilityName_ = atConfig.globalSwitchAbilityName; + parseConfigFlag |= 0x1 << BITMAP_INDEX_4; + } + if (atConfig.cancelTime != 0) { + cancelTime = atConfig.cancelTime; + parseConfigFlag |= 0x1 << BITMAP_INDEX_5; + } + if (!atConfig.applicationSettingAbilityName.empty()) { + applicationSettingAbilityName_ = atConfig.applicationSettingAbilityName; + parseConfigFlag |= 0x1 << BITMAP_INDEX_6; + } +} + +void AccessTokenManagerService::GetConfigValue(uint32_t& parseConfigFlag) +{ + grantBundleName_ = GRANT_ABILITY_BUNDLE_NAME; + grantAbilityName_ = GRANT_ABILITY_ABILITY_NAME; + grantServiceAbilityName_ = GRANT_ABILITY_ABILITY_NAME; + permStateAbilityName_ = PERMISSION_STATE_SHEET_ABILITY_NAME; + globalSwitchAbilityName_ = GLOBAL_SWITCH_SHEET_ABILITY_NAME; + int32_t cancelTime = 0; + applicationSettingAbilityName_ = APPLICATION_SETTING_ABILITY_NAME; LibraryLoader loader(CONFIG_PARSE_LIBPATH); ConfigPolicyLoaderInterface* policy = loader.GetObject(); if (policy == nullptr) { @@ -1218,30 +1323,9 @@ void AccessTokenManagerService::GetConfigValue() } AccessTokenConfigValue value; if (policy->GetConfigValue(ServiceType::ACCESSTOKEN_SERVICE, value)) { - // set value from config - grantBundleName_ = value.atConfig.grantBundleName.empty() ? - GRANT_ABILITY_BUNDLE_NAME : value.atConfig.grantBundleName; - grantAbilityName_ = value.atConfig.grantAbilityName.empty() ? - GRANT_ABILITY_ABILITY_NAME : value.atConfig.grantAbilityName; - grantServiceAbilityName_ = value.atConfig.grantServiceAbilityName.empty() ? - GRANT_ABILITY_ABILITY_NAME : value.atConfig.grantServiceAbilityName; - permStateAbilityName_ = value.atConfig.permStateAbilityName.empty() ? - PERMISSION_STATE_SHEET_ABILITY_NAME : value.atConfig.permStateAbilityName; - globalSwitchAbilityName_ = value.atConfig.globalSwitchAbilityName.empty() ? - GLOBAL_SWITCH_SHEET_ABILITY_NAME : value.atConfig.globalSwitchAbilityName; - applicationSettingAbilityName_ = value.atConfig.applicationSettingAbilityName.empty() ? - APPLICATION_SETTING_ABILITY_NAME : value.atConfig.applicationSettingAbilityName; - TempPermissionObserver::GetInstance().SetCancelTime(value.atConfig.cancleTime); - } else { - LOGI(ATM_DOMAIN, ATM_TAG, "No config file or config file is not valid, use default values"); - grantBundleName_ = GRANT_ABILITY_BUNDLE_NAME; - grantAbilityName_ = GRANT_ABILITY_ABILITY_NAME; - grantServiceAbilityName_ = GRANT_ABILITY_ABILITY_NAME; - permStateAbilityName_ = PERMISSION_STATE_SHEET_ABILITY_NAME; - globalSwitchAbilityName_ = GLOBAL_SWITCH_SHEET_ABILITY_NAME; - applicationSettingAbilityName_ = APPLICATION_SETTING_ABILITY_NAME; + SetFlagIfNeed(value.atConfig, cancelTime, parseConfigFlag); } - + TempPermissionObserver::GetInstance().SetCancelTime(cancelTime); LOGI(ATM_DOMAIN, ATM_TAG, "GrantBundleName_ is %{public}s, grantAbilityName_ is %{public}s, " "grantServiceAbilityName_ is %{public}s, permStateAbilityName_ is %{public}s, " "globalSwitchAbilityName_ is %{public}s, applicationSettingAbilityName_ is %{public}s.", @@ -1284,13 +1368,26 @@ bool AccessTokenManagerService::Initialize() { MemoryGuard guard; ReportSysEventPerformance(); - AccessTokenInfoManager::GetInstance().Init(); + + uint32_t hapSize = 0; + uint32_t nativeSize = 0; + uint32_t pefDefSize = 0; + uint32_t dlpSize = 0; + AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize); #ifdef EVENTHANDLER_ENABLE TempPermissionObserver::GetInstance().InitEventHandler(); ShortGrantManager::GetInstance().InitEventHandler(); #endif - GetConfigValue(); + AccessTokenDfxInfo dfxInfo; + dfxInfo.pid = getpid(); + dfxInfo.hapSize = hapSize; + dfxInfo.nativeSize = nativeSize; + dfxInfo.permDefSize = pefDefSize; + dfxInfo.dlpSize = dlpSize; + GetConfigValue(dfxInfo.parseConfigFlag); + + ReportSysEventServiceStart(dfxInfo); LOGI(ATM_DOMAIN, ATM_TAG, "Initialize success"); return true; } diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 0dc6bae97..88a611f5a 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -85,7 +85,7 @@ AccessTokenInfoManager::~AccessTokenInfoManager() this->hasInited_ = false; } -void AccessTokenInfoManager::Init() +void AccessTokenInfoManager::Init(uint32_t& hapSize, uint32_t& nativeSize, uint32_t& pefDefSize, uint32_t& dlpSize) { OHOS::Utils::UniqueWriteGuard lk(this->managerLock_); if (hasInited_) { @@ -105,23 +105,26 @@ void AccessTokenInfoManager::Init() ReportSysEventServiceStartError( INIT_NATIVE_TOKENINFO_ERROR, "GetAllNativeTokenInfo fail from native json.", ret); } - uint32_t hapSize = 0; - uint32_t nativeSize = tokenInfos.size(); - InitHapTokenInfos(hapSize); - InitNativeTokenInfos(tokenInfos); - uint32_t pefDefSize = GetDefPermissionsSize(); - ReportSysEventServiceStart(getpid(), hapSize, nativeSize, pefDefSize); - LOGI(ATM_DOMAIN, ATM_TAG, "InitTokenInfo end, hapSize %{public}d, nativeSize %{public}d, pefDefSize %{public}d.", - hapSize, nativeSize, pefDefSize); #ifdef SUPPORT_SANDBOX_APP std::vector dlpPerms; ret = policy->GetDlpPermissions(dlpPerms); + dlpSize = dlpPerms.size(); if (ret == RET_SUCCESS) { - LOGI(ATM_DOMAIN, ATM_TAG, "Load dlpPer size=%{public}zu.", dlpPerms.size()); + LOGI(ATM_DOMAIN, ATM_TAG, "Load dlpPer size=%{public}zu.", dlpSize); DlpPermissionSetManager::GetInstance().ProcessDlpPermInfos(dlpPerms); } #endif + + InitHapTokenInfos(hapSize); + nativeSize = tokenInfos.size(); + InitNativeTokenInfos(tokenInfos); + pefDefSize = GetDefPermissionsSize(); + + LOGI(ATM_DOMAIN, ATM_TAG, + "InitTokenInfo end, hapSize %{public}u, nativeSize %{public}u, pefDefSize %{public}u, dlpSize %{public}u.", + hapSize, nativeSize, pefDefSize, dlpSize); + hasInited_ = true; LOGI(ATM_DOMAIN, ATM_TAG, "Init success"); } @@ -151,6 +154,57 @@ void AccessTokenInfoManager::InitDmCallback(void) } #endif +int32_t AccessTokenInfoManager::AddHapInfoToCache(const GenericValues& tokenValue, + const std::vector& permStateRes, const std::vector& extendedPermRes) +{ + AccessTokenID tokenId = static_cast(tokenValue.GetInt(TokenFiledConst::FIELD_TOKEN_ID)); + std::string bundle = tokenValue.GetString(TokenFiledConst::FIELD_BUNDLE_NAME); + int result = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP); + if (result != RET_SUCCESS) { + LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u add id failed, error=%{public}d.", tokenId, result); + ReportSysEventServiceStartError(INIT_HAP_TOKENINFO_ERROR, + "RegisterTokenId fail, " + bundle + std::to_string(tokenId), result); + return result; + } + std::shared_ptr hap = std::make_shared(); + result = hap->RestoreHapTokenInfo(tokenId, tokenValue, permStateRes, extendedPermRes); + if (result != RET_SUCCESS) { + AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); + LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u restore failed.", tokenId); + return result; + } + + AccessTokenID oriTokenId = 0; + result = AddHapTokenInfo(hap, oriTokenId); + if (result != RET_SUCCESS) { + AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); + LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u add failed.", tokenId); + ReportSysEventServiceStartError(INIT_HAP_TOKENINFO_ERROR, + "AddHapTokenInfo fail, " + bundle + std::to_string(tokenId), result); + return result; + } + + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx.tokenIdExStruct.tokenID = tokenId; + tokenIdEx.tokenIdExStruct.tokenAttr = hap->GetAttr(); + + AccessTokenDfxInfo dfxInfo; + dfxInfo.sceneCode = AddHapSceneCode::INIT; + dfxInfo.tokenId = tokenId; + dfxInfo.tokenIdEx = tokenIdEx; + dfxInfo.userId = hap->GetUserID(); + dfxInfo.bundleName = hap->GetBundleName(); + dfxInfo.instIndex = hap->GetInstIndex(); + ReportSysEventAddHap(dfxInfo); + + LOGI(ATM_DOMAIN, ATM_TAG, + " Restore hap token %{public}u bundle name %{public}s user %{public}d," + " permSize %{public}d, inst %{public}d ok!", + tokenId, hap->GetBundleName().c_str(), hap->GetUserID(), hap->GetReqPermissionSize(), hap->GetInstIndex()); + + return RET_SUCCESS; +} + void AccessTokenInfoManager::InitHapTokenInfos(uint32_t& hapSize) { GenericValues conditionValue; @@ -171,36 +225,11 @@ void AccessTokenInfoManager::InitHapTokenInfos(uint32_t& hapSize) ReportSysEventServiceStartError(INIT_HAP_TOKENINFO_ERROR, "Load exetended value from db fail.", ret); } for (const GenericValues& tokenValue : hapTokenRes) { - AccessTokenID tokenId = (AccessTokenID)tokenValue.GetInt(TokenFiledConst::FIELD_TOKEN_ID); - std::string bundle = tokenValue.GetString(TokenFiledConst::FIELD_BUNDLE_NAME); - int result = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP); - if (result != RET_SUCCESS) { - LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u add id failed, error=%{public}d.", tokenId, result); - ReportSysEventServiceStartError(INIT_HAP_TOKENINFO_ERROR, - "RegisterTokenId fail, " + bundle + std::to_string(tokenId), result); - continue; - } - std::shared_ptr hap = std::make_shared(); - result = hap->RestoreHapTokenInfo(tokenId, tokenValue, permStateRes, extendedPermRes); - if (result != RET_SUCCESS) { - AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); - LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u restore failed.", tokenId); - continue; - } - - result = AddHapTokenInfo(hap); - if (result != RET_SUCCESS) { - AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); - LOGE(ATM_DOMAIN, ATM_TAG, "TokenId %{public}u add failed.", tokenId); - ReportSysEventServiceStartError(INIT_HAP_TOKENINFO_ERROR, - "AddHapTokenInfo fail, " + bundle + std::to_string(tokenId), result); + ret = AddHapInfoToCache(tokenValue, permStateRes, extendedPermRes); + if (ret != RET_SUCCESS) { continue; } hapSize++; - LOGI(ATM_DOMAIN, ATM_TAG, - " Restore hap token %{public}u bundle name %{public}s user %{public}d," - " permSize %{public}d, inst %{public}d ok!", - tokenId, hap->GetBundleName().c_str(), hap->GetUserID(), hap->GetReqPermissionSize(), hap->GetInstIndex()); } } @@ -218,7 +247,7 @@ std::string AccessTokenInfoManager::GetHapUniqueStr(const std::shared_ptrGetUserID(), info->GetBundleName(), info->GetInstIndex()); } -int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr& info) +int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr& info, AccessTokenID& oriTokenId) { if (info == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "Token info is null."); @@ -245,13 +274,9 @@ int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptrGetTokenID(), "USERID", info->GetUserID(), "BUNDLENAME", info->GetBundleName(), - "INSTINDEX", info->GetInstIndex()); - // add hap to kernel int32_t userId = info->GetUserID(); { @@ -489,27 +514,40 @@ int32_t AccessTokenInfoManager::CheckHapInfoParam(const HapInfoParams& info, con continue; } if (!DataValidator::IsAclExtendedMapContentValid(extendValue.first, extendValue.second)) { - LOGC(ATM_DOMAIN, ATM_TAG, "acl extended content is unvalid."); + LOGC(ATM_DOMAIN, ATM_TAG, "Acl extended content is invalid."); return AccessTokenError::ERR_PARAM_INVALID; } } return ERR_OK; } -int AccessTokenInfoManager::CreateHapTokenInfo( - const HapInfoParams& info, const HapPolicy& policy, AccessTokenIDEx& tokenIdEx) +void AccessTokenInfoManager::ReportAddHapIdChange(const std::shared_ptr& hapInfo, + AccessTokenID oriTokenId) { - if (CheckHapInfoParam(info, policy) != ERR_OK) { - return AccessTokenError::ERR_PARAM_INVALID; - } - AccessTokenID tokenId = info.tokenID; + AccessTokenDfxInfo dfxInfo; + dfxInfo.sceneCode = AddHapSceneCode::TOKEN_ID_CHANGE; + dfxInfo.tokenId = hapInfo->GetTokenID(); + dfxInfo.oriTokenId = oriTokenId; + dfxInfo.userId = hapInfo->GetUserID(); + dfxInfo.bundleName = hapInfo->GetBundleName(); + dfxInfo.instIndex = hapInfo->GetInstIndex(); + ReportSysEventAddHap(dfxInfo); +} + +int32_t AccessTokenInfoManager::RegisterTokenId(const HapInfoParams& info, AccessTokenID& tokenId) +{ + int32_t res = RET_SUCCESS; + if (info.isRestore) { - LOGI(ATM_DOMAIN, ATM_TAG, "isRestore is true, tokenId is %{public}u", tokenId); - int32_t res = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP); + LOGI(ATM_DOMAIN, ATM_TAG, "IsRestore is true, tokenId is %{public}u.", info.tokenID); + + res = AccessTokenIDManager::GetInstance().RegisterTokenId(info.tokenID, TOKEN_HAP); if (res != RET_SUCCESS) { - LOGC(ATM_DOMAIN, ATM_TAG, "Token Id register failed, res is %{public}d", res); + LOGC(ATM_DOMAIN, ATM_TAG, "Token Id register failed, errCode is %{public}d.", res); return res; } + + tokenId = info.tokenID; } else { int32_t dlpFlag = (info.dlpType > DLP_COMMON) ? 1 : 0; int32_t cloneFlag = ((dlpFlag == 0) && (info.instIndex) > 0) ? 1 : 0; @@ -520,6 +558,20 @@ int AccessTokenInfoManager::CreateHapTokenInfo( } } + return res; +} + +int AccessTokenInfoManager::CreateHapTokenInfo( + const HapInfoParams& info, const HapPolicy& policy, AccessTokenIDEx& tokenIdEx) +{ + if (CheckHapInfoParam(info, policy) != ERR_OK) { + return AccessTokenError::ERR_PARAM_INVALID; + } + AccessTokenID tokenId; + int32_t ret = RegisterTokenId(info, tokenId); + if (ret != RET_SUCCESS) { + return ret; + } #ifdef SUPPORT_SANDBOX_APP std::shared_ptr tokenInfo; HapPolicy policyNew = policy; @@ -530,14 +582,26 @@ int AccessTokenInfoManager::CreateHapTokenInfo( #else std::shared_ptr tokenInfo = std::make_shared(tokenId, info, policy); #endif - AddHapTokenInfoToDb(tokenInfo, info.appIDDesc, policy, false); - int ret = AddHapTokenInfo(tokenInfo); + ret = AddHapTokenInfoToDb(tokenInfo, info.appIDDesc, policy, false); + if (ret != RET_SUCCESS) { + LOGC(ATM_DOMAIN, ATM_TAG, "AddHapTokenInfoToDb failed, errCode is %{public}d.", ret); + AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); + return ret; + } + + AccessTokenID oriTokenID = 0; + ret = AddHapTokenInfo(tokenInfo, oriTokenID); if (ret != RET_SUCCESS) { LOGC(ATM_DOMAIN, ATM_TAG, "%{public}s add token info failed", info.bundleName.c_str()); AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); RemoveHapTokenInfoFromDb(tokenInfo); return ret; } + + if (oriTokenID != 0) { + ReportAddHapIdChange(tokenInfo, oriTokenID); + } + LOGI(ATM_DOMAIN, ATM_TAG, "Create hap token %{public}u bundleName %{public}s user %{public}d inst %{public}d isRestore %{public}d ok", tokenId, tokenInfo->GetBundleName().c_str(), tokenInfo->GetUserID(), tokenInfo->GetInstIndex(), info.isRestore); @@ -722,12 +786,21 @@ int AccessTokenInfoManager::CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTok std::shared_ptr hap = std::make_shared(mapID, hapSync); hap->SetRemote(true); - int ret = AddHapTokenInfo(hap); + AccessTokenID oriTokenId = 0; + int ret = AddHapTokenInfo(hap, oriTokenId); if (ret != RET_SUCCESS) { LOGE(ATM_DOMAIN, ATM_TAG, "Add local token failed."); return ret; } + AccessTokenDfxInfo dfxInfo; + dfxInfo.sceneCode = AddHapSceneCode::MAP; + dfxInfo.tokenId = hap->GetTokenID(); + dfxInfo.userId = hap->GetUserID(); + dfxInfo.bundleName = hap->GetBundleName(); + dfxInfo.instIndex = hap->GetInstIndex(); + ReportSysEventAddHap(dfxInfo); + return RET_SUCCESS; } diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 9f5942ca2..aac064b31 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -209,6 +209,11 @@ int HapTokenInfoInner::GetDlpType() const return tokenInfoBasic_.dlpType; } +AccessTokenAttr HapTokenInfoInner::GetAttr() const +{ + return tokenInfoBasic_.tokenAttr; +} + std::string HapTokenInfoInner::GetBundleName() const { return tokenInfoBasic_.bundleName; diff --git a/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp b/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp index e3beda2e4..39c357004 100644 --- a/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp +++ b/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp @@ -72,7 +72,11 @@ public: void PermissionRecordManagerCoverageTest::SetUpTestCase() { - AccessTokenInfoManager::GetInstance().Init(); + uint32_t hapSize = 0; + uint32_t nativeSize = 0; + uint32_t pefDefSize = 0; + uint32_t dlpSize = 0; + AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize); } void PermissionRecordManagerCoverageTest::TearDownTestCase() {} diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index a519fd132..89c64022e 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -126,7 +126,11 @@ public: void AccessTokenInfoManagerTest::SetUpTestCase() { g_selfTokenId = GetSelfTokenID(); - AccessTokenInfoManager::GetInstance().Init(); + uint32_t hapSize = 0; + uint32_t nativeSize = 0; + uint32_t pefDefSize = 0; + uint32_t dlpSize = 0; + AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize); } void AccessTokenInfoManagerTest::TearDownTestCase() @@ -1560,7 +1564,11 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo007, TestSize.Level1) HWTEST_F(AccessTokenInfoManagerTest, AccessTokenInfoManager001, TestSize.Level1) { AccessTokenInfoManager::GetInstance().hasInited_ = true; - AccessTokenInfoManager::GetInstance().Init(); + uint32_t hapSize = 0; + uint32_t nativeSize = 0; + uint32_t pefDefSize = 0; + uint32_t dlpSize = 0; + AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize); AccessTokenInfoManager::GetInstance().hasInited_ = false; ASSERT_EQ(false, AccessTokenInfoManager::GetInstance().hasInited_); } @@ -1586,7 +1594,8 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapUniqueStr001, TestSize.Level1) HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo001, TestSize.Level1) { std::shared_ptr info = nullptr; - ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(info)); + AccessTokenID oriTokenId = 0; + ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(info, oriTokenId)); } /** @@ -1613,7 +1622,8 @@ HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo002, TestSize.Level1) ASSERT_NE(static_cast(0), tokenId); std::shared_ptr infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenId); - ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(infoPtr)); + AccessTokenID oriTokenId = 0; + ASSERT_NE(0, AccessTokenInfoManager::GetInstance().AddHapTokenInfo(infoPtr, oriTokenId)); ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId)); } diff --git a/services/common/json_parse/include/json_parse_loader.h b/services/common/json_parse/include/json_parse_loader.h index 4af857e66..ec5920f8d 100644 --- a/services/common/json_parse/include/json_parse_loader.h +++ b/services/common/json_parse/include/json_parse_loader.h @@ -32,7 +32,7 @@ struct AccessTokenServiceConfig final { std::string grantServiceAbilityName; std::string permStateAbilityName; std::string globalSwitchAbilityName; - int32_t cancleTime = 0; + int32_t cancelTime = 0; std::string applicationSettingAbilityName; }; diff --git a/services/common/json_parse/src/json_parse_loader.cpp b/services/common/json_parse/src/json_parse_loader.cpp index 9fac17896..2998452af 100644 --- a/services/common/json_parse/src/json_parse_loader.cpp +++ b/services/common/json_parse/src/json_parse_loader.cpp @@ -181,7 +181,7 @@ bool GetAtCfgFromJson(const CJson* j, AccessTokenServiceConfig& a) return false; } - if (!GetIntFromJson(j, TEMP_PERM_CANCLE_TIME_KEY, a.cancleTime)) { + if (!GetIntFromJson(j, TEMP_PERM_CANCLE_TIME_KEY, a.cancelTime)) { return false; } diff --git a/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp index ac5977c12..fd45b2931 100644 --- a/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/deleteremotedevicetokensstub_fuzzer/deleteremotedevicetokensstub_fuzzer.cpp @@ -58,7 +58,11 @@ namespace OHOS { if (enable) { AccessTokenID accesstoken = AccessTokenKit::GetNativeTokenId("token_sync_service"); SetSelfTokenID(accesstoken); - AccessTokenInfoManager::GetInstance().Init(); + uint32_t hapSize = 0; + uint32_t nativeSize = 0; + uint32_t pefDefSize = 0; + uint32_t dlpSize = 0; + AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize); } DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); AccessTokenID hdcd = AccessTokenKit::GetNativeTokenId("hdcd"); diff --git a/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp index b9f55622a..cc7f7dca3 100644 --- a/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/deleteremotetokenstub_fuzzer/deleteremotetokenstub_fuzzer.cpp @@ -62,7 +62,11 @@ namespace OHOS { if (enable) { AccessTokenID accesstoken = AccessTokenKit::GetNativeTokenId("token_sync_service"); SetSelfTokenID(accesstoken); - AccessTokenInfoManager::GetInstance().Init(); + uint32_t hapSize = 0; + uint32_t nativeSize = 0; + uint32_t pefDefSize = 0; + uint32_t dlpSize = 0; + AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize); } DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); AccessTokenID hdcd = AccessTokenKit::GetNativeTokenId("hdcd"); diff --git a/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp index 98b432e1a..63a282eb8 100644 --- a/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/gethaptokeninfofromremotestub_fuzzer/gethaptokeninfofromremotestub_fuzzer.cpp @@ -57,7 +57,11 @@ namespace OHOS { if (enable) { AccessTokenID accesstoken = AccessTokenKit::GetNativeTokenId("token_sync_service"); SetSelfTokenID(accesstoken); - AccessTokenInfoManager::GetInstance().Init(); + uint32_t hapSize = 0; + uint32_t nativeSize = 0; + uint32_t pefDefSize = 0; + uint32_t dlpSize = 0; + AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize); } DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); AccessTokenID hdcd = AccessTokenKit::GetNativeTokenId("hdcd"); diff --git a/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp index 1fb794568..d1aa64cfe 100644 --- a/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getremotenativetokenidstub_fuzzer/getremotenativetokenidstub_fuzzer.cpp @@ -62,7 +62,11 @@ namespace OHOS { if (enable) { AccessTokenID accesstoken = AccessTokenKit::GetNativeTokenId("token_sync_service"); SetSelfTokenID(accesstoken); - AccessTokenInfoManager::GetInstance().Init(); + uint32_t hapSize = 0; + uint32_t nativeSize = 0; + uint32_t pefDefSize = 0; + uint32_t dlpSize = 0; + AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize); } DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); AccessTokenID hdcd = AccessTokenKit::GetNativeTokenId("hdcd"); diff --git a/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp index 34aa2513d..4aad6e7e3 100644 --- a/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/grantpermissionstub_fuzzer/grantpermissionstub_fuzzer.cpp @@ -75,7 +75,11 @@ namespace OHOS { AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_InfoParms, g_PolicyPrams); tokenIdHap = tokenIdEx.tokenIDEx; SetSelfTokenID(tokenIdHap); - AccessTokenInfoManager::GetInstance().Init(); + uint32_t hapSize = 0; + uint32_t nativeSize = 0; + uint32_t pefDefSize = 0; + uint32_t dlpSize = 0; + AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize); } bool enable = ((size % CONSTANTS_NUMBER_TWO) == 0); if (enable) { diff --git a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp index db20383d4..5e224d983 100644 --- a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp @@ -96,7 +96,11 @@ namespace OHOS { if (enable) { AccessTokenID accesstoken = AccessTokenKit::GetNativeTokenId("token_sync_service"); SetSelfTokenID(accesstoken); - AccessTokenInfoManager::GetInstance().Init(); + uint32_t hapSize = 0; + uint32_t nativeSize = 0; + uint32_t pefDefSize = 0; + uint32_t dlpSize = 0; + AccessTokenInfoManager::GetInstance().Init(hapSize, nativeSize, pefDefSize, dlpSize); } DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); AccessTokenID hdcd = AccessTokenKit::GetNativeTokenId("hdcd"); -- Gitee From c94e2b9330826df1fd1d86aad58b065fff43cba3 Mon Sep 17 00:00:00 2001 From: t30042929 Date: Tue, 11 Feb 2025 10:37:03 +0800 Subject: [PATCH 039/103] update tdd Signed-off-by: fundavid --- interfaces/inner_api/el5filekeymanager/BUILD.gn | 1 + .../test/src/el5_filekey_manager_service_unittest.cpp | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/interfaces/inner_api/el5filekeymanager/BUILD.gn b/interfaces/inner_api/el5filekeymanager/BUILD.gn index 5e4034620..31697a04e 100644 --- a/interfaces/inner_api/el5filekeymanager/BUILD.gn +++ b/interfaces/inner_api/el5filekeymanager/BUILD.gn @@ -102,6 +102,7 @@ ohos_shared_library("el5_filekey_manager_sdk") { external_deps = [ "c_utils:utils", "hilog:libhilog", + "ipc:ipc_core", "ipc:ipc_single", "samgr:samgr_proxy", ] diff --git a/services/el5filekeymanager/test/src/el5_filekey_manager_service_unittest.cpp b/services/el5filekeymanager/test/src/el5_filekey_manager_service_unittest.cpp index 717bac1a1..c737a150a 100644 --- a/services/el5filekeymanager/test/src/el5_filekey_manager_service_unittest.cpp +++ b/services/el5filekeymanager/test/src/el5_filekey_manager_service_unittest.cpp @@ -24,6 +24,9 @@ using namespace testing::ext; using namespace OHOS::Security::AccessToken; namespace { constexpr uint32_t SCREEN_ON_DELAY_TIME = 30; +constexpr int32_t COMMON_EVENT_SERVICE_ID = 3299; +constexpr int32_t TIME_SERVICE_ID = 3702; +constexpr int32_t SCREENLOCK_SERVICE_ID = 3704; } // namespace void El5FilekeyManagerServiceTest::SetUpTestCase() @@ -39,6 +42,9 @@ void El5FilekeyManagerServiceTest::SetUp() { el5FilekeyManagerService_ = DelayedSingleton::GetInstance(); el5FilekeyManagerService_->Init(); + el5FilekeyManagerService_->OnAddSystemAbility(COMMON_EVENT_SERVICE_ID, ""); + el5FilekeyManagerService_->OnAddSystemAbility(TIME_SERVICE_ID, ""); + el5FilekeyManagerService_->OnAddSystemAbility(SCREENLOCK_SERVICE_ID, ""); } void El5FilekeyManagerServiceTest::TearDown() -- Gitee From 18064f42b12872d0155615d1644baa6366983be8 Mon Sep 17 00:00:00 2001 From: dingqiaoqiao Date: Fri, 11 Apr 2025 10:24:27 +0800 Subject: [PATCH 040/103] =?UTF-8?q?code=E7=A0=81=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: dingqiaoqiao Change-Id: Ia85807c25d60e722fd515f0f238daad18b85052c --- .../grantpermissionforspecifiedtimestub_fuzzer.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp index ae92c9001..538cb8efc 100644 --- a/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/grantpermissionforspecifiedtimestub_fuzzer/grantpermissionforspecifiedtimestub_fuzzer.cpp @@ -49,7 +49,7 @@ namespace OHOS { return false; } uint32_t code = static_cast( - IAccessTokenManagerIpcCode::COMMAND_ALLOC_HAP_TOKEN); + IAccessTokenManagerIpcCode::COMMAND_GRANT_PERMISSION_FOR_SPECIFIED_TIME); MessageParcel reply; MessageOption option; -- Gitee From 0c3d227fd1643c555bbd3874fbbdcc998a9b2336 Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Sat, 5 Apr 2025 09:24:17 +0800 Subject: [PATCH 041/103] =?UTF-8?q?=E5=BC=B9=E7=AA=97=E9=97=AE=E9=A2=98?= =?UTF-8?q?=E4=BF=AE=E5=A4=8D250405?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: I30d9b647172292c4042af61b5ddc637712bee669 --- .../napi_request_global_switch_on_setting.cpp | 120 +++++++++++- .../napi_request_permission_on_setting.cpp | 171 +++++++++++++++--- .../napi_request_global_switch_on_setting.h | 14 ++ .../napi_request_permission_on_setting.h | 14 ++ 4 files changed, 293 insertions(+), 26 deletions(-) diff --git a/frameworks/js/napi/accesstoken/src/napi_request_global_switch_on_setting.cpp b/frameworks/js/napi/accesstoken/src/napi_request_global_switch_on_setting.cpp index e6b05b6d2..ceb3fe322 100644 --- a/frameworks/js/napi/accesstoken/src/napi_request_global_switch_on_setting.cpp +++ b/frameworks/js/napi/accesstoken/src/napi_request_global_switch_on_setting.cpp @@ -24,6 +24,9 @@ namespace OHOS { namespace Security { namespace AccessToken { +std::map>> + RequestGlobalSwitchAsyncInstanceControl::instanceIdMap_; +std::mutex RequestGlobalSwitchAsyncInstanceControl::instanceIdMutex_; namespace { const std::string GLOBAL_SWITCH_KEY = "ohos.user.setting.global_switch"; const std::string GLOBAL_SWITCH_RESULT_KEY = "ohos.user.setting.global_switch.result"; @@ -199,6 +202,8 @@ void SwitchOnSettingUICallback::ReleaseHandler(int32_t code) if (code == -1) { this->reqContext_->errorCode = code; } + RequestGlobalSwitchAsyncInstanceControl::UpdateQueueData(this->reqContext_); + RequestGlobalSwitchAsyncInstanceControl::ExecCallback(this->reqContext_->instanceId); GlobalSwitchResultsCallbackUI( TransferToJsErrorCode(this->reqContext_->errorCode), this->reqContext_->switchStatus, this->reqContext_); } @@ -356,6 +361,117 @@ static int32_t StartUIExtension(std::shared_ptr return CreateUIExtension(want, asyncContext); } +static void GetInstanceId(std::shared_ptr& asyncContext) +{ + auto task = [asyncContext]() { + Ace::UIContent* uiContent = GetUIContent(asyncContext); + if (uiContent == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "Get ui content failed!"); + return; + } + asyncContext->instanceId = uiContent->GetInstanceId(); + }; +#ifdef EVENTHANDLER_ENABLE + if (asyncContext->handler_ != nullptr) { + asyncContext->handler_->PostSyncTask(task, "AT:GetInstanceId"); + } else { + task(); + } +#else + task(); +#endif + LOGI(ATM_DOMAIN, ATM_TAG, "Instance id: %{public}d", asyncContext->instanceId); +} + +void RequestGlobalSwitchAsyncInstanceControl::AddCallbackByInstanceId( + std::shared_ptr& asyncContext) +{ + LOGI(ATM_DOMAIN, ATM_TAG, "InstanceId: %{public}d", asyncContext->instanceId); + { + std::lock_guard lock(instanceIdMutex_); + auto iter = instanceIdMap_.find(asyncContext->instanceId); + // id is existed mean a pop window is showing, add context to waiting queue + if (iter != instanceIdMap_.end()) { + LOGI(ATM_DOMAIN, ATM_TAG, "InstanceId: %{public}d has existed.", asyncContext->instanceId); + instanceIdMap_[asyncContext->instanceId].emplace_back(asyncContext); + return; + } + // make sure id is in map to indicate a pop-up window is showing + instanceIdMap_[asyncContext->instanceId] = {}; + } + StartUIExtension(asyncContext); +} + +void RequestGlobalSwitchAsyncInstanceControl::UpdateQueueData( + const std::shared_ptr& reqContext) +{ + if ((reqContext->errorCode != RET_SUCCESS) || !(reqContext->switchStatus)) { + LOGI(ATM_DOMAIN, ATM_TAG, "The queue data does not need to be updated."); + return; + } + + { + std::lock_guard lock(instanceIdMutex_); + int32_t id = reqContext->instanceId; + auto iter = instanceIdMap_.find(id); + if (iter == instanceIdMap_.end()) { + LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d not existed.", id); + return; + } + int32_t targetSwitchType = reqContext->switchType; + LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map size: %{public}zu.", id, iter->second.size()); + for (auto& asyncContext : iter->second) { + if (targetSwitchType == asyncContext->switchType) { + asyncContext->errorCode = reqContext->errorCode; + asyncContext->switchStatus = reqContext->switchStatus; + asyncContext->isDynamic = false; + } + } + } +} + +void RequestGlobalSwitchAsyncInstanceControl::ExecCallback(int32_t id) +{ + std::shared_ptr asyncContext = nullptr; + bool isDynamic = false; + { + std::lock_guard lock(instanceIdMutex_); + auto iter = instanceIdMap_.find(id); + if (iter == instanceIdMap_.end()) { + LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d not existed.", id); + return; + } + while (!iter->second.empty()) { + LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map size: %{public}zu.", id, iter->second.size()); + asyncContext = iter->second[0]; + iter->second.erase(iter->second.begin()); + CheckDynamicRequest(asyncContext, isDynamic); + if (isDynamic) { + break; + } + } + if (iter->second.empty()) { + LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map is empty", id); + instanceIdMap_.erase(id); + } + } + if (isDynamic) { + StartUIExtension(asyncContext); + } +} + +void RequestGlobalSwitchAsyncInstanceControl::CheckDynamicRequest( + std::shared_ptr& asyncContext, bool& isDynamic) +{ + isDynamic = asyncContext->isDynamic; + if (!isDynamic) { + LOGI(ATM_DOMAIN, ATM_TAG, "It does not need to request permission exsion"); + GlobalSwitchResultsCallbackUI( + TransferToJsErrorCode(asyncContext->errorCode), asyncContext->switchStatus, asyncContext); + return; + } +} + napi_value NapiRequestGlobalSwitch::RequestGlobalSwitch(napi_env env, napi_callback_info info) { LOGD(ATM_DOMAIN, ATM_TAG, "RequestGlobalSwitch begin."); @@ -461,8 +577,10 @@ void NapiRequestGlobalSwitch::RequestGlobalSwitchExecute(napi_env env, void* dat return; } + GetInstanceId(asyncContextHandle->asyncContextPtr); LOGI(ATM_DOMAIN, ATM_TAG, "Start to pop ui extension dialog"); - StartUIExtension(asyncContextHandle->asyncContextPtr); + + RequestGlobalSwitchAsyncInstanceControl::AddCallbackByInstanceId(asyncContextHandle->asyncContextPtr); if (asyncContextHandle->asyncContextPtr->result != JsErrorCode::JS_OK) { LOGW(ATM_DOMAIN, ATM_TAG, "Failed to pop uiextension dialog."); } diff --git a/frameworks/js/napi/accesstoken/src/napi_request_permission_on_setting.cpp b/frameworks/js/napi/accesstoken/src/napi_request_permission_on_setting.cpp index 8bc4516dc..9a16d25ef 100644 --- a/frameworks/js/napi/accesstoken/src/napi_request_permission_on_setting.cpp +++ b/frameworks/js/napi/accesstoken/src/napi_request_permission_on_setting.cpp @@ -24,6 +24,9 @@ namespace OHOS { namespace Security { namespace AccessToken { +std::map>> + RequestOnSettingAsyncInstanceControl::instanceIdMap_; +std::mutex RequestOnSettingAsyncInstanceControl::instanceIdMutex_; namespace { const std::string PERMISSION_KEY = "ohos.user.setting.permission"; const std::string PERMISSION_RESULT_KEY = "ohos.user.setting.permission.result"; @@ -37,8 +40,6 @@ const int32_t PERM_NOT_BELONG_TO_SAME_GROUP = 2; const int32_t PERM_IS_NOT_DECLARE = 3; const int32_t ALL_PERM_GRANTED = 4; const int32_t PERM_REVOKE_BY_USER = 5; -bool g_windowFlag = false; -std::mutex g_lockWindowFlag; std::mutex g_lockFlag; } // namespace static void ReturnPromiseResult(napi_env env, int32_t jsCode, napi_deferred deferred, napi_value result) @@ -228,10 +229,8 @@ void PermissonOnSettingUICallback::ReleaseHandler(int32_t code) if (code == -1) { this->reqContext_->errorCode = code; } - { - std::lock_guard lock(g_lockWindowFlag); - g_windowFlag = false; - } + RequestOnSettingAsyncInstanceControl::UpdateQueueData(this->reqContext_); + RequestOnSettingAsyncInstanceControl::ExecCallback(this->reqContext_->instanceId); PermissionResultsCallbackUI( TransferToJsErrorCode(this->reqContext_->errorCode), this->reqContext_->stateList, this->reqContext_); } @@ -369,22 +368,8 @@ static int32_t CreateUIExtension(const Want &want, std::shared_ptr lock(g_lockWindowFlag); - if (g_windowFlag) { - LOGW(ATM_DOMAIN, ATM_TAG, "The request already exists."); - asyncContext->result = RET_FAILED; - asyncContext->errorCode = REQUEST_REALDY_EXIST; - return RET_FAILED; - } - g_windowFlag = true; - } CreateUIExtensionMainThread(asyncContext, want, uiExtensionCallbacks, uiExtCallback); if (asyncContext->result == RET_FAILED) { - { - std::lock_guard lock(g_lockWindowFlag); - g_windowFlag = false; - } return RET_FAILED; } return JS_OK; @@ -402,6 +387,144 @@ static int32_t StartUIExtension(std::shared_ptr& asyncContext) +{ + auto task = [asyncContext]() { + Ace::UIContent* uiContent = GetUIContent(asyncContext); + if (uiContent == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "Get ui content failed!"); + return; + } + asyncContext->instanceId = uiContent->GetInstanceId(); + }; +#ifdef EVENTHANDLER_ENABLE + if (asyncContext->handler_ != nullptr) { + asyncContext->handler_->PostSyncTask(task, "AT:GetInstanceId"); + } else { + task(); + } +#else + task(); +#endif + LOGI(ATM_DOMAIN, ATM_TAG, "Instance id: %{public}d", asyncContext->instanceId); +} + +void RequestOnSettingAsyncInstanceControl::AddCallbackByInstanceId( + std::shared_ptr& asyncContext) +{ + LOGI(ATM_DOMAIN, ATM_TAG, "InstanceId: %{public}d", asyncContext->instanceId); + { + std::lock_guard lock(instanceIdMutex_); + auto iter = instanceIdMap_.find(asyncContext->instanceId); + // id is existed mean a pop window is showing, add context to waiting queue + if (iter != instanceIdMap_.end()) { + LOGI(ATM_DOMAIN, ATM_TAG, "InstanceId: %{public}d has existed.", asyncContext->instanceId); + instanceIdMap_[asyncContext->instanceId].emplace_back(asyncContext); + return; + } + // make sure id is in map to indicate a pop-up window is showing + instanceIdMap_[asyncContext->instanceId] = {}; + } + StartUIExtension(asyncContext); +} + +bool static CheckPermList(std::vector permList, std::vector tmpPermList) +{ + if (permList.size() != tmpPermList.size()) { + LOGI(ATM_DOMAIN, ATM_TAG, "Perm list size not equal, CurrentPermList size: %{public}zu.", tmpPermList.size()); + return false; + } + + for (const auto& item : permList) { + auto iter = std::find_if(tmpPermList.begin(), tmpPermList.end(), [item](const std::string& perm) { + return item == perm; + }); + if (iter == tmpPermList.end()) { + LOGI(ATM_DOMAIN, ATM_TAG, "Different permission lists."); + return false; + } + } + return true; +} + +void RequestOnSettingAsyncInstanceControl::UpdateQueueData( + const std::shared_ptr& reqContext) +{ + if (reqContext->errorCode != RET_SUCCESS) { + LOGI(ATM_DOMAIN, ATM_TAG, "The queue data does not need to be updated."); + return; + } + for (const int32_t item : reqContext->stateList) { + if (item != PERMISSION_GRANTED) { + LOGI(ATM_DOMAIN, ATM_TAG, "The queue data does not need to be updated"); + return; + } + } + + { + std::lock_guard lock(instanceIdMutex_); + int32_t id = reqContext->instanceId; + auto iter = instanceIdMap_.find(id); + if (iter == instanceIdMap_.end()) { + LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d not existed.", id); + return; + } + std::vector permList = reqContext->permissionList; + LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map size: %{public}zu.", id, iter->second.size()); + for (auto& asyncContext : iter->second) { + std::vector tmpPermList = asyncContext->permissionList; + + if (CheckPermList(permList, tmpPermList)) { + asyncContext->errorCode = reqContext->errorCode; + asyncContext->stateList = reqContext->stateList; + asyncContext->isDynamic = false; + } + } + } +} + +void RequestOnSettingAsyncInstanceControl::ExecCallback(int32_t id) +{ + std::shared_ptr asyncContext = nullptr; + bool isDynamic = false; + { + std::lock_guard lock(instanceIdMutex_); + auto iter = instanceIdMap_.find(id); + if (iter == instanceIdMap_.end()) { + LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d not existed.", id); + return; + } + while (!iter->second.empty()) { + LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map size: %{public}zu.", id, iter->second.size()); + asyncContext = iter->second[0]; + iter->second.erase(iter->second.begin()); + CheckDynamicRequest(asyncContext, isDynamic); + if (isDynamic) { + break; + } + } + if (iter->second.empty()) { + LOGI(ATM_DOMAIN, ATM_TAG, "Id: %{public}d, map is empty", id); + instanceIdMap_.erase(id); + } + } + if (isDynamic) { + StartUIExtension(asyncContext); + } +} + +void RequestOnSettingAsyncInstanceControl::CheckDynamicRequest( + std::shared_ptr& asyncContext, bool& isDynamic) +{ + isDynamic = asyncContext->isDynamic; + if (!isDynamic) { + LOGI(ATM_DOMAIN, ATM_TAG, "It does not need to request permission exsion"); + PermissionResultsCallbackUI( + TransferToJsErrorCode(asyncContext->errorCode), asyncContext->stateList, asyncContext); + return; + } +} + napi_value NapiRequestPermissionOnSetting::RequestPermissionOnSetting(napi_env env, napi_callback_info info) { LOGD(ATM_DOMAIN, ATM_TAG, "RequestPermissionOnSetting begin."); @@ -508,8 +631,10 @@ void NapiRequestPermissionOnSetting::RequestPermissionOnSettingExecute(napi_env return; } + GetInstanceId(asyncContextHandle->asyncContextPtr); LOGI(ATM_DOMAIN, ATM_TAG, "Start to pop ui extension dialog"); - StartUIExtension(asyncContextHandle->asyncContextPtr); + + RequestOnSettingAsyncInstanceControl::AddCallbackByInstanceId(asyncContextHandle->asyncContextPtr); if (asyncContextHandle->asyncContextPtr->result != JsErrorCode::JS_OK) { LOGW(ATM_DOMAIN, ATM_TAG, "Failed to pop uiextension dialog."); } @@ -532,10 +657,6 @@ void NapiRequestPermissionOnSetting::RequestPermissionOnSettingComplete(napi_env // return error if (asyncContextHandle->asyncContextPtr->deferred != nullptr) { int32_t jsCode = NapiContextCommon::GetJsErrorCode(asyncContextHandle->asyncContextPtr->result); - if ((asyncContextHandle->asyncContextPtr->result == RET_FAILED) && - (asyncContextHandle->asyncContextPtr->errorCode == REQUEST_REALDY_EXIST)) { - jsCode = TransferToJsErrorCode(REQUEST_REALDY_EXIST); - } napi_value businessError = GenerateBusinessError(env, jsCode, GetErrorMessage(jsCode)); NAPI_CALL_RETURN_VOID(env, napi_reject_deferred(env, asyncContextHandle->asyncContextPtr->deferred, businessError)); diff --git a/interfaces/kits/js/napi/accesstoken/include/napi_request_global_switch_on_setting.h b/interfaces/kits/js/napi/accesstoken/include/napi_request_global_switch_on_setting.h index 76f9a1989..ee549aabe 100644 --- a/interfaces/kits/js/napi/accesstoken/include/napi_request_global_switch_on_setting.h +++ b/interfaces/kits/js/napi/accesstoken/include/napi_request_global_switch_on_setting.h @@ -47,6 +47,8 @@ struct RequestGlobalSwitchAsyncContext : public AtManagerAsyncWorkData { napi_value requestResult = nullptr; int32_t errorCode = -1; bool switchStatus = false; + int32_t instanceId = -1; + bool isDynamic = true; std::shared_ptr abilityContext; std::shared_ptr uiExtensionContext; bool uiAbilityFlag = false; @@ -66,6 +68,18 @@ struct RequestGlobalSwitchAsyncContextHandle { std::shared_ptr asyncContextPtr; }; +class RequestGlobalSwitchAsyncInstanceControl { + public: + static void AddCallbackByInstanceId(std::shared_ptr& asyncContext); + static void ExecCallback(int32_t id); + static void CheckDynamicRequest( + std::shared_ptr& asyncContext, bool& isDynamic); + static void UpdateQueueData(const std::shared_ptr& asyncContext); + private: + static std::map>> instanceIdMap_; + static std::mutex instanceIdMutex_; +}; + class SwitchOnSettingUICallback { public: explicit SwitchOnSettingUICallback(const std::shared_ptr& reqContext); diff --git a/interfaces/kits/js/napi/accesstoken/include/napi_request_permission_on_setting.h b/interfaces/kits/js/napi/accesstoken/include/napi_request_permission_on_setting.h index 7318e2839..603f53fd2 100644 --- a/interfaces/kits/js/napi/accesstoken/include/napi_request_permission_on_setting.h +++ b/interfaces/kits/js/napi/accesstoken/include/napi_request_permission_on_setting.h @@ -38,6 +38,8 @@ struct RequestPermOnSettingAsyncContext : public AtManagerAsyncWorkData { PermissionGrantInfo info; int32_t resultCode = -1; + int32_t instanceId = -1; + bool isDynamic = true; std::vector permissionList; napi_value requestResult = nullptr; int32_t errorCode = -1; @@ -61,6 +63,18 @@ struct RequestOnSettingAsyncContextHandle { std::shared_ptr asyncContextPtr; }; +class RequestOnSettingAsyncInstanceControl { + public: + static void AddCallbackByInstanceId(std::shared_ptr& asyncContext); + static void ExecCallback(int32_t id); + static void CheckDynamicRequest( + std::shared_ptr& asyncContext, bool& isDynamic); + static void UpdateQueueData(const std::shared_ptr& asyncContext); + private: + static std::map>> instanceIdMap_; + static std::mutex instanceIdMutex_; +}; + class PermissonOnSettingUICallback { public: explicit PermissonOnSettingUICallback(const std::shared_ptr& reqContext); -- Gitee From 25531535974e9ebb2e4ff2ca2a9beb3f6234a692 Mon Sep 17 00:00:00 2001 From: fundavid Date: Mon, 14 Apr 2025 11:29:51 +0800 Subject: [PATCH 042/103] unmarshall coverage & el5 module_name fixed Signed-off-by: fundavid --- .../inner_api/el5filekeymanager/test/BUILD.gn | 2 +- .../src/el5_filekey_manager_kit_unittest.cpp | 21 +++++++++++++++++++ services/el5filekeymanager/test/BUILD.gn | 6 +++--- 3 files changed, 25 insertions(+), 4 deletions(-) diff --git a/interfaces/inner_api/el5filekeymanager/test/BUILD.gn b/interfaces/inner_api/el5filekeymanager/test/BUILD.gn index 764d38de9..bc1b9052f 100644 --- a/interfaces/inner_api/el5filekeymanager/test/BUILD.gn +++ b/interfaces/inner_api/el5filekeymanager/test/BUILD.gn @@ -17,7 +17,7 @@ import("../../../../access_token.gni") ohos_unittest("el5_filekey_manager_kit_unittest") { subsystem_name = "accesscontrol" part_name = "access_token" - module_out_path = "access_token/access_token" + module_out_path = "access_token/el5_filekey_manager" sanitize = { cfi = true cfi_cross_dso = true diff --git a/interfaces/inner_api/el5filekeymanager/test/unittest/src/el5_filekey_manager_kit_unittest.cpp b/interfaces/inner_api/el5filekeymanager/test/unittest/src/el5_filekey_manager_kit_unittest.cpp index 07337f276..9dcf219fd 100644 --- a/interfaces/inner_api/el5filekeymanager/test/unittest/src/el5_filekey_manager_kit_unittest.cpp +++ b/interfaces/inner_api/el5filekeymanager/test/unittest/src/el5_filekey_manager_kit_unittest.cpp @@ -16,6 +16,7 @@ #include "el5_filekey_manager_kit_unittest.h" #include "accesstoken_kit.h" +#include "user_app_key_info.h" #include "el5_filekey_callback_interface_stub.h" #include "el5_filekey_manager_error.h" #include "el5_filekey_manager_kit.h" @@ -137,6 +138,26 @@ HWTEST_F(El5FilekeyManagerKitTest, GetUserAppKey001, TestSize.Level1) ASSERT_EQ(El5FilekeyManagerKit::GetUserAppKey(userId, keyInfos), EFM_ERR_NO_PERMISSION); } +/** + * @tc.name: UserAppKeyInfo001 + * @tc.desc: interface coverage + * @tc.type: FUNC + * @tc.require: issueI9JGMV + */ +HWTEST_F(El5FilekeyManagerKitTest, UserAppKeyInfo001, TestSize.Level0) +{ + std::string mockKeyInfo("mockKeyInfo"); + UserAppKeyInfo src(100, mockKeyInfo); + OHOS::Parcel parcel{}; + EXPECT_TRUE(src.Marshalling(parcel)); + + UserAppKeyInfo *dst = UserAppKeyInfo::Unmarshalling(parcel); + EXPECT_NE(dst, nullptr); + EXPECT_EQ(src.first, dst->first); + EXPECT_EQ(src.second, dst->second); + delete dst; +} + /** * @tc.name: ChangeUserAppkeysLoadInfo001 * @tc.desc: Change key infos of the specified user id without permission. diff --git a/services/el5filekeymanager/test/BUILD.gn b/services/el5filekeymanager/test/BUILD.gn index 9e94d9b2e..3bc0d39c9 100644 --- a/services/el5filekeymanager/test/BUILD.gn +++ b/services/el5filekeymanager/test/BUILD.gn @@ -18,7 +18,7 @@ if (is_standard_system && ability_base_enable == true) { ohos_unittest("el5_filekey_manager_service_mock_unittest") { subsystem_name = "accesscontrol" part_name = "access_token" - module_out_path = "access_token/access_token" + module_out_path = "access_token/el5_filekey_manager" sanitize = { cfi = true cfi_cross_dso = true @@ -85,7 +85,7 @@ if (is_standard_system && ability_base_enable == true) { ohos_unittest("el5_filekey_manager_service_unittest") { subsystem_name = "accesscontrol" part_name = "access_token" - module_out_path = "access_token/access_token" + module_out_path = "access_token/el5_filekey_manager" sanitize = { cfi = true cfi_cross_dso = true @@ -148,7 +148,7 @@ if (is_standard_system && ability_base_enable == true) { ohos_unittest("el5_filekey_manager_stub_unittest") { subsystem_name = "accesscontrol" part_name = "access_token" - module_out_path = "access_token/access_token" + module_out_path = "access_token/el5_filekey_manager" sanitize = { cfi = true cfi_cross_dso = true -- Gitee From 0224812e5794790a5572601449110b8dfc465cc0 Mon Sep 17 00:00:00 2001 From: liaiwuqiu Date: Mon, 14 Apr 2025 06:21:38 +0000 Subject: [PATCH 043/103] update services/accesstokenmanager/permission_definitions.json. Signed-off-by: liaiwuqiu --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index aeb876a7c..837d3b692 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6082,6 +6082,16 @@ "provisionEnable": true, "distributedSceneEnable": false }, + { + "name": "ohos.permission.ALLOW_ACCESS_TIPS", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 18, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false + }, { "name": "ohos.permission.GET_DOMAIN_ACCOUNT_SERVER_CONFIGS", "grantMode": "system_grant", -- Gitee From 27d260af7e1da1e19db45f22c3a4dcb0c9bf9469 Mon Sep 17 00:00:00 2001 From: fanzexuan Date: Tue, 15 Apr 2025 11:17:35 +0800 Subject: [PATCH 044/103] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=97=A0=E9=9A=9C?= =?UTF-8?q?=E7=A2=8D=E6=89=A9=E5=B1=95=E6=9C=8D=E5=8A=A1=E6=8E=A5=E5=8F=A3?= =?UTF-8?q?=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: fanzexuan --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 837d3b692..da7b38d7a 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6451,6 +6451,16 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.ACCESSIBILITY_EXTENSION_ABILITY", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false } ] } -- Gitee From a8ceeda9c318a39c43788c169eabceadceaa049a Mon Sep 17 00:00:00 2001 From: lixinsheng2 Date: Tue, 15 Apr 2025 15:03:14 +0800 Subject: [PATCH 045/103] Modify the permission definition to be consistent with the e-stream Signed-off-by: lixinsheng2 --- services/accesstokenmanager/permission_definitions.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 837d3b692..ef3069317 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -2145,7 +2145,7 @@ "grantMode": "system_grant", "availableLevel": "system_basic", "availableType": "NORMAL", - "since": 10, + "since": 11, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false @@ -2175,7 +2175,7 @@ "grantMode": "system_grant", "availableLevel": "normal", "availableType": "NORMAL", - "since": 10, + "since": 11, "deprecated": "", "provisionEnable": false, "distributedSceneEnable": false -- Gitee From 34ccde2f723caf828ab8a14090ccdc69d7ffb974 Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Tue, 15 Apr 2025 16:33:48 +0800 Subject: [PATCH 046/103] =?UTF-8?q?AT=E9=80=82=E9=85=8D=EF=BC=8CIDL?= =?UTF-8?q?=E5=B7=A5=E5=85=B7-=E4=BF=AE=E5=A4=8Dinout=E4=B8=8E=E6=95=B0?= =?UTF-8?q?=E7=BB=84=E7=BB=84=E5=90=88=E6=9C=AA=E6=B8=85=E6=A5=9Ain?= =?UTF-8?q?=E9=83=A8=E5=88=86=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: I27f3cfe4f9a442584d8ab49394ed2e251cf2e786 --- .../accesstoken/src/accesstoken_manager_client.cpp | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index e2d5ac4dd..cc2de1369 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -39,7 +39,6 @@ static const int32_t SA_ID_ACCESSTOKEN_MANAGER_SERVICE = 3503; static const int MAX_PERMISSION_SIZE = 1000; static const int32_t MAX_USER_POLICY_SIZE = 1024; static const int32_t MAX_EXTENDED_VALUE_LIST_SIZE = 512; -const size_t NUMBER_TWO = 2; } // namespace static const uint32_t MAX_CALLBACK_MAP_SIZE = 200; @@ -243,7 +242,7 @@ PermissionOper AccessTokenManagerClient::GetSelfPermissionsState(std::vector Date: Tue, 15 Apr 2025 15:21:21 +0800 Subject: [PATCH 047/103] sync design Signed-off-by: amao Change-Id: I9cec8af3ddc3d2859b1c8d949ba4a9592384972c --- services/accesstokenmanager/permission_definitions.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 837d3b692..0acd215af 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -234,7 +234,7 @@ "name": "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", "grantMode": "system_grant", "availableLevel": "system_basic", - "availableType": "SYSTEM", + "availableType": "ENTERPRISE_NORMAL", "since": 7, "deprecated": "", "provisionEnable": true, @@ -2549,7 +2549,7 @@ "availableType": "NORMAL", "since": 11, "deprecated": "", - "provisionEnable": false, + "provisionEnable": true, "distributedSceneEnable": false }, { -- Gitee From 31aac8f8e42278b1a079ae4ffbef9bd9c844f9e9 Mon Sep 17 00:00:00 2001 From: dingqiaoqiao Date: Tue, 15 Apr 2025 17:14:50 +0800 Subject: [PATCH 048/103] =?UTF-8?q?=E5=B7=AE=E5=BC=82=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: dingqiaoqiao Change-Id: I53d9d20272d723be6bd988c254c360004b66519a --- services/accesstokenmanager/permission_definitions.json | 2 +- .../include/background_task_manager_access_proxy.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index ef3069317..2725ef24a 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -5356,7 +5356,7 @@ "since": 12, "deprecated": "", "provisionEnable": true, - "distributedSceneEnable": false + "distributedSceneEnable": true }, { "name": "ohos.permission.INJECT_INPUT_EVENT", diff --git a/services/common/background_task_manager/include/background_task_manager_access_proxy.h b/services/common/background_task_manager/include/background_task_manager_access_proxy.h index b56028f5f..58a892fda 100644 --- a/services/common/background_task_manager/include/background_task_manager_access_proxy.h +++ b/services/common/background_task_manager/include/background_task_manager_access_proxy.h @@ -25,7 +25,7 @@ namespace Security { namespace AccessToken { class IBackgroundTaskSubscriber : public IRemoteBroker { public: - DECLARE_INTERFACE_DESCRIPTOR(u"ohos.resourceschedule.IBackgroundTaskSubscriber"); + DECLARE_INTERFACE_DESCRIPTOR(u"OHOS.BackgroundTaskMgr.IBackgroundTaskSubscriber"); virtual void OnContinuousTaskStart( const std::shared_ptr &continuousTaskCallbackInfo) = 0; -- Gitee From a0b89e7135fd52efe2ac3b52c0639468ea3572c9 Mon Sep 17 00:00:00 2001 From: h00453403 Date: Tue, 15 Apr 2025 21:46:33 +0800 Subject: [PATCH 049/103] fix availableType in WRITE_WHOLE_CALENDAR and READ_WHOLE_CALENDAR Change-Id: I477edaca74a774c332fb08c0a1fb3b261bde577b Signed-off-by: h00453403 --- services/accesstokenmanager/permission_definitions.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index ef3069317..3cbadb9fd 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -4918,7 +4918,7 @@ "name": "ohos.permission.READ_WHOLE_CALENDAR", "grantMode": "user_grant", "availableLevel": "system_basic", - "availableType": "NORMAL", + "availableType": "SYSTEM", "since": 9, "deprecated": "", "provisionEnable": true, @@ -4930,7 +4930,7 @@ "name": "ohos.permission.WRITE_WHOLE_CALENDAR", "grantMode": "user_grant", "availableLevel": "system_basic", - "availableType": "NORMAL", + "availableType": "SYSTEM", "since": 9, "deprecated": "", "provisionEnable": true, -- Gitee From 908eca5efb18933b191bb56efab0ac536709f4da Mon Sep 17 00:00:00 2001 From: l30067926 Date: Tue, 15 Apr 2025 22:53:42 +0800 Subject: [PATCH 050/103] 25-4-152253 Signed-off-by: l30067926 Change-Id: Ia333092dcd69a07eec07dd12f512839ab21c732b --- services/common/app_manager/include/app_state_data.h | 1 + services/common/app_manager/src/app_state_data.cpp | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/services/common/app_manager/include/app_state_data.h b/services/common/app_manager/include/app_state_data.h index e8d352330..2f65d2ac0 100644 --- a/services/common/app_manager/include/app_state_data.h +++ b/services/common/app_manager/include/app_state_data.h @@ -41,6 +41,7 @@ struct AppStateData : public Parcelable { std::string bundleName; int32_t pid = -1; int32_t uid = 0; + int32_t callerUid = -1; int32_t state = 0; uint32_t accessTokenId = 0; bool isFocused = false; diff --git a/services/common/app_manager/src/app_state_data.cpp b/services/common/app_manager/src/app_state_data.cpp index 48d3bd556..6763062ff 100644 --- a/services/common/app_manager/src/app_state_data.cpp +++ b/services/common/app_manager/src/app_state_data.cpp @@ -23,7 +23,7 @@ bool AppStateData::Marshalling(Parcel &parcel) const return (parcel.WriteString(bundleName) && parcel.WriteInt32(uid) && parcel.WriteInt32(state) && parcel.WriteInt32(pid) && parcel.WriteUint32(accessTokenId) && parcel.WriteBool(isFocused) && parcel.WriteInt32(extensionType) && parcel.WriteInt32Vector(renderPids) - && parcel.WriteString(callerBundleName) && parcel.WriteBool(isSplitScreenMode) + && parcel.WriteString(callerBundleName) && parcel.WriteBool(isSplitScreenMode) && parcel.WriteInt32(callerUid) && parcel.WriteBool(isFloatingWindowMode) && parcel.WriteInt32(appIndex) && parcel.WriteBool(isPreloadModule)); } @@ -43,6 +43,7 @@ AppStateData *AppStateData::Unmarshalling(Parcel &parcel) parcel.ReadInt32Vector(&appStateData->renderPids); appStateData->callerBundleName = parcel.ReadString(); appStateData->isSplitScreenMode = parcel.ReadBool(); + appStateData->callerUid = parcel.ReadInt32(); appStateData->isFloatingWindowMode = parcel.ReadBool(); appStateData->appIndex = parcel.ReadInt32(); appStateData->isPreloadModule = parcel.ReadBool(); -- Gitee From 8643f7bc6fdb395887e78923210637bed1212983 Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Wed, 16 Apr 2025 11:43:01 +0800 Subject: [PATCH 051/103] =?UTF-8?q?FUZZ=E9=AB=98=E9=A3=8E=E9=99=A9?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E8=A6=86=E7=9B=96250416?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: Ib2a762a86feb60e15c3830e0e81f0af2f898d11f --- .../dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp index 96e30a502..03ff2eaa4 100644 --- a/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/dumptokeninfostub_fuzzer/dumptokeninfostub_fuzzer.cpp @@ -38,7 +38,12 @@ namespace OHOS { MessageParcel datas; datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); - if (!datas.WriteUint32(tokenId)) { + + AtmToolsParamInfo info; + info.tokenId = tokenId; + AtmToolsParamInfoParcel infoParcel; + infoParcel.info = info; + if (!datas.WriteParcelable(&infoParcel)) { return false; } -- Gitee From 101ba7b8f1563eb152ac91b44c5235a06cb1c5a8 Mon Sep 17 00:00:00 2001 From: fundavid Date: Wed, 16 Apr 2025 16:01:00 +0800 Subject: [PATCH 052/103] tdd fixed Signed-off-by: fundavid --- ..._filekey_manager_service_mock_unittest.cpp | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/services/el5filekeymanager/test/src/el5_filekey_manager_service_mock_unittest.cpp b/services/el5filekeymanager/test/src/el5_filekey_manager_service_mock_unittest.cpp index ef928ba96..9d79db749 100644 --- a/services/el5filekeymanager/test/src/el5_filekey_manager_service_mock_unittest.cpp +++ b/services/el5filekeymanager/test/src/el5_filekey_manager_service_mock_unittest.cpp @@ -155,6 +155,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, AcquireAccess001, TestSize.Level1) MockIpc::SetCallingUid(20020025); uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata"); + // if medialibrarydata not exist, try contactsdataability + if (tokenId == INVALID_TOKENID) { + tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability"); + } + ASSERT_NE(tokenId, INVALID_TOKENID); MockIpc::SetCallingTokenID(static_cast(tokenId)); ASSERT_EQ(el5FilekeyManagerService_->AcquireAccess(DataLockType::DEFAULT_DATA), EFM_SUCCESS); @@ -172,6 +177,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, AcquireAccess002, TestSize.Level1) MockIpc::SetCallingUid(20020025); uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata"); + // if medialibrarydata not exist, try contactsdataability + if (tokenId == INVALID_TOKENID) { + tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability"); + } + ASSERT_NE(tokenId, INVALID_TOKENID); MockIpc::SetCallingTokenID(static_cast(tokenId)); ASSERT_EQ(el5FilekeyManagerService_->AcquireAccess(DataLockType::DEFAULT_DATA), EFM_SUCCESS); @@ -189,6 +199,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, ReleaseAccess001, TestSize.Level1) MockIpc::SetCallingUid(20020025); uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata"); + // if medialibrarydata not exist, try contactsdataability + if (tokenId == INVALID_TOKENID) { + tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability"); + } + ASSERT_NE(tokenId, INVALID_TOKENID); MockIpc::SetCallingTokenID(static_cast(tokenId)); ASSERT_EQ(el5FilekeyManagerService_->ReleaseAccess(DataLockType::DEFAULT_DATA), EFM_SUCCESS); @@ -206,6 +221,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, ReleaseAccess002, TestSize.Level1) MockIpc::SetCallingUid(20020025); uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata"); + // if medialibrarydata not exist, try contactsdataability + if (tokenId == INVALID_TOKENID) { + tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability"); + } + ASSERT_NE(tokenId, INVALID_TOKENID); MockIpc::SetCallingTokenID(static_cast(tokenId)); ASSERT_EQ(el5FilekeyManagerService_->ReleaseAccess(DataLockType::DEFAULT_DATA), EFM_SUCCESS); @@ -539,6 +559,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, QueryAppKeyState001, TestSize.Level1) MockIpc::SetCallingUid(20020025); uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata"); + // if medialibrarydata not exist, try contactsdataability + if (tokenId == INVALID_TOKENID) { + tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability"); + } + ASSERT_NE(tokenId, INVALID_TOKENID); MockIpc::SetCallingTokenID(static_cast(tokenId)); ASSERT_EQ(el5FilekeyManagerService_->QueryAppKeyState(DataLockType::DEFAULT_DATA), EFM_SUCCESS); @@ -556,6 +581,11 @@ HWTEST_F(El5FilekeyManagerServiceMockTest, QueryAppKeyState002, TestSize.Level1) MockIpc::SetCallingUid(20020025); uint64_t tokenId = GetTokenIdFromBundleName("com.ohos.medialibrary.medialibrarydata"); + // if medialibrarydata not exist, try contactsdataability + if (tokenId == INVALID_TOKENID) { + tokenId = GetTokenIdFromBundleName("com.ohos.contactsdataability"); + } + ASSERT_NE(tokenId, INVALID_TOKENID); MockIpc::SetCallingTokenID(static_cast(tokenId)); ASSERT_EQ(el5FilekeyManagerService_->QueryAppKeyState(DataLockType::DEFAULT_DATA), EFM_SUCCESS); -- Gitee From d8d914b6edaf8d1d37db5f087a5964d9d8543df0 Mon Sep 17 00:00:00 2001 From: "@ran-zhao-yu" Date: Wed, 16 Apr 2025 16:58:36 +0800 Subject: [PATCH 053/103] =?UTF-8?q?=E4=BF=AE=E6=94=B9ohos.permission.UPDAT?= =?UTF-8?q?E=5FFONT=E6=9D=83=E9=99=90=E7=89=88=E6=9C=AC=E5=8F=B7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: @ran-zhao-yu --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 46724b512..10be35ac3 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6307,7 +6307,7 @@ "grantMode": "system_grant", "availableLevel": "system_basic", "availableType": "SYSTEM", - "since": 18, + "since": 19, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false -- Gitee From a3895a37d258f9d880b7840be8dcd7def5511f87 Mon Sep 17 00:00:00 2001 From: wangzhen Date: Thu, 17 Apr 2025 10:01:14 +0800 Subject: [PATCH 054/103] permission type Signed-off-by: wangzhen Change-Id: Ibf6a61c24978773770bd63b10bf9fa0df310f6fe --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 46724b512..1b2026145 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -544,7 +544,7 @@ "name": "ohos.permission.CLEAN_BACKGROUND_PROCESSES", "grantMode": "system_grant", "availableLevel": "normal", - "availableType": "SYSTEM", + "availableType": "NORMAL", "since": 7, "deprecated": "", "provisionEnable": true, -- Gitee From 5887cae12497e7a60935dfbdc7321de6efe63e56 Mon Sep 17 00:00:00 2001 From: xia-bubai Date: Mon, 14 Apr 2025 22:18:38 +0800 Subject: [PATCH 055/103] =?UTF-8?q?=E5=8E=BB=E9=99=A4init=20=E8=AF=BBnativ?= =?UTF-8?q?etoken.json=E6=97=B6=E6=9D=83=E9=99=90=E6=95=B0=E9=87=8F?= =?UTF-8?q?=E4=B8=8Edcaps=E6=95=B0=E9=87=8F=E6=9C=80=E5=A4=A7=E9=99=90?= =?UTF-8?q?=E5=88=B6=20=E6=9D=83=E9=99=90=E7=8A=B6=E6=80=81=E8=A1=A8?= =?UTF-8?q?=E7=9A=84deviceID=E9=BB=98=E8=AE=A4=E5=86=99=E4=B8=BAPHONE-001?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: xia-bubai --- interfaces/innerkits/nativetoken/include/nativetoken.h | 1 + interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c | 2 +- .../nativetoken/test/unittest/src/nativetoken_oper_test.cpp | 2 +- .../main/cpp/src/database/data_translator.cpp | 3 ++- 4 files changed, 5 insertions(+), 3 deletions(-) diff --git a/interfaces/innerkits/nativetoken/include/nativetoken.h b/interfaces/innerkits/nativetoken/include/nativetoken.h index 6c403e02e..78ec21af5 100644 --- a/interfaces/innerkits/nativetoken/include/nativetoken.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken.h @@ -42,6 +42,7 @@ extern "C" { #define TOKEN_RANDOM_MASK ((1 << 20) - 1) #define MAX_RETRY_LOCK_TIMES 10 #define SLEEP_TIME (500*1000) +#define MAX_MALLOC_SIZE 8192 #define ATRET_FAILED 1 #define ATRET_SUCCESS 0 diff --git a/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c b/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c index 0288d6adc..3108c96a8 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c @@ -90,7 +90,7 @@ uint32_t GetInfoArrFromJson(cJSON *cjsonItem, char **strArr[], int32_t *strNum, { cJSON *strArrJson = cJSON_GetObjectItem(cjsonItem, attr->strKey); int32_t size = cJSON_GetArraySize(strArrJson); - if (size > attr->maxStrNum) { + if (size > MAX_MALLOC_SIZE) { NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:size = %d is invalid.", __func__, size); return ATRET_FAILED; } diff --git a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp index abc3a6258..6734205df 100644 --- a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp +++ b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp @@ -188,7 +188,7 @@ HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level1) "\"dcaps\":[\"DCAPS_AT\",\"DCAPS_AT\", \"DCAPS_AT\",\"DCAPS_AT\"]," "\"permissions\":[],\"nativeAcls\":[]}"; cJSON* jsonroot = cJSON_Parse(stringJson1); - EXPECT_NE(GetInfoArrFromJson(jsonroot, &test, &resSize, &attr), 0); + EXPECT_EQ(GetInfoArrFromJson(jsonroot, &test, &resSize, &attr), 0); cJSON_Delete(jsonroot); stringJson1 = "{\"processName\":\"partitionslot_host\"," diff --git a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp index 582841fd7..dc496c85b 100644 --- a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp @@ -76,7 +76,8 @@ int DataTranslator::TranslationIntoGenericValues(const PermissionStatus& inPermi GenericValues& outGenericValues) { outGenericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, inPermissionState.permissionName); - outGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, ""); + outGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, "PHONE-001"); + outGenericValues.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, 1); outGenericValues.Put(TokenFiledConst::FIELD_GRANT_STATE, inPermissionState.grantStatus); int32_t grantFlag = static_cast(inPermissionState.grantFlag); outGenericValues.Put(TokenFiledConst::FIELD_GRANT_FLAG, grantFlag); -- Gitee From 4e5d9f4fe00be91672bc398d55263ffb28a8c516 Mon Sep 17 00:00:00 2001 From: chenxiaobaobb <2664761650@qq.com> Date: Fri, 18 Apr 2025 02:39:25 +0000 Subject: [PATCH 056/103] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=9D=83=E9=99=90?= =?UTF-8?q?=E5=BA=94=E7=94=A8=E8=8C=83=E5=9B=B4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chenxiaobaobb <2664761650@qq.com> --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 61bf26611..ac1a6ee73 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -1894,7 +1894,7 @@ "name": "ohos.permission.RESTRICT_APPLICATION_ACTIVE", "grantMode": "system_grant", "availableLevel": "system_basic", - "availableType": "NORMAL", + "availableType": "SYSTEM", "since": 10, "deprecated": "", "provisionEnable": false, -- Gitee From 4a43e478df28bae0f069316188ed764292fc7835 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=9C=E5=BF=97=E6=81=92?= Date: Thu, 17 Apr 2025 16:43:50 +0800 Subject: [PATCH 057/103] =?UTF-8?q?=E6=96=B0=E5=A2=9Eohos=5Fpermission.SAN?= =?UTF-8?q?DBOX=5FACCESS=5FMANAGER=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 姜志恒 --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 46724b512..7b80d2277 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6461,6 +6461,16 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.SANDBOX_ACCESS_MANAGER", + "grantMode": "system_grant", + "availableLevel": "system_core", + "availableType": "SYSTEM", + "since": 17, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false } ] } -- Gitee From f08bb37f9ac50427957183d11d9dcaf0bdc7a561 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9D=8E=E8=82=96=E8=91=9B?= Date: Sat, 19 Apr 2025 09:40:36 +0800 Subject: [PATCH 058/103] =?UTF-8?q?=E5=8D=A1=E7=89=87=E6=A1=86=E6=9E=B6?= =?UTF-8?q?=E6=9D=83=E9=99=90availableType=E4=B8=8E=E8=AE=BE=E8=AE=A1?= =?UTF-8?q?=E5=90=8C=E6=AD=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 李肖葛 --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index ac1a6ee73..a4b0c0394 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -2196,7 +2196,7 @@ "name": "ohos.permission.AGENT_REQUIRE_FORM", "grantMode": "system_grant", "availableLevel": "system_basic", - "availableType": "NORMAL", + "availableType": "SYSTEM", "since": 11, "deprecated": "", "provisionEnable": true, -- Gitee From 2c4922422dd79e747962242f5838ecfb0e02f96e Mon Sep 17 00:00:00 2001 From: lanhaoyu Date: Thu, 17 Apr 2025 17:03:28 +0800 Subject: [PATCH 059/103] add ohos.permission.GET_ABILITY_INFO permission Signed-off-by: lanhaoyu --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index f137dedc7..307b9c721 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6461,6 +6461,16 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.GET_ABILITY_INFO", + "grantMode": "user_grant", + "availableLevel": "system_basic", + "availableType": "NORMAL", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false } ] } -- Gitee From 03a4aae4417b3126b7b4deed5753534cca672362 Mon Sep 17 00:00:00 2001 From: xiaozuo00 Date: Mon, 21 Apr 2025 11:18:22 +0800 Subject: [PATCH 060/103] =?UTF-8?q?=E6=8F=92=E4=BB=B6=E6=9D=83=E9=99=90?= =?UTF-8?q?=E4=BF=AE=E6=94=B9=E4=B8=BAapi19?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: xiaozuo00 --- services/accesstokenmanager/permission_definitions.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index ea4d3d28f..c2b666fc8 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -4487,7 +4487,7 @@ "grantMode": "system_grant", "availableLevel": "system_basic", "availableType": "SYSTEM", - "since": 18, + "since": 19, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false @@ -4497,7 +4497,7 @@ "grantMode": "system_grant", "availableLevel": "system_basic", "availableType": "SYSTEM", - "since": 18, + "since": 19, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false @@ -4507,7 +4507,7 @@ "grantMode": "system_grant", "availableLevel": "system_basic", "availableType": "NORMAL", - "since": 18, + "since": 19, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false -- Gitee From da6807f8617610091003dabc83bd2d6064b0b984 Mon Sep 17 00:00:00 2001 From: bigtea Date: Tue, 15 Apr 2025 15:52:10 +0800 Subject: [PATCH 061/103] Add GetSelfPermissionStatus Signed-off-by: bigtea --- .../napi/accesstoken/src/napi_atmanager.cpp | 116 +++- .../accesstoken/include/accesstoken_kit.h | 7 + .../accesstoken/libaccesstoken_sdk.map | 1 + .../accesstoken/src/accesstoken_kit.cpp | 9 + .../src/accesstoken_manager_client.cpp | 18 + .../src/accesstoken_manager_client.h | 1 + .../accesstoken/test/unittest/BUILD.gn | 1 + .../get_self_permission_status_test.cpp | 560 ++++++++++++++++++ .../get_self_permission_status_test.h | 42 ++ .../ProxyMockTest/accesstoken_mock_test.cpp | 13 + .../cj/accesstoken/include/at_manager_impl.h | 2 +- .../cj/accesstoken/src/at_manager_impl.cpp | 2 +- .../napi/accesstoken/include/napi_atmanager.h | 13 +- .../accesstokenmanager/etc/access_token.para | 5 +- .../etc/access_token.para.dac | 3 +- .../idl/IAccessTokenManager.idl | 1 + .../include/permission/permission_manager.h | 4 + .../service/accesstoken_manager_service.h | 1 + .../cpp/src/permission/permission_manager.cpp | 28 +- .../service/accesstoken_manager_service.cpp | 15 + test/fuzztest/innerkits/accesstoken/BUILD.gn | 1 + .../getselfpermissionstatus_fuzzer/BUILD.gn | 42 ++ .../corpus/init | 13 + .../getselfpermissionstatus_fuzzer.cpp | 50 ++ .../getselfpermissionstatus_fuzzer.h | 28 + .../project.xml | 25 + test/fuzztest/services/accesstoken/BUILD.gn | 1 + .../BUILD.gn | 50 ++ .../corpus/init | 14 + .../getselfpermissionstatusstub_fuzzer.cpp | 60 ++ .../getselfpermissionstatusstub_fuzzer.h | 21 + .../project.xml | 25 + 32 files changed, 1148 insertions(+), 24 deletions(-) create mode 100644 interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp create mode 100644 interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h create mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn create mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init create mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp create mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h create mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml create mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn create mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init create mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp create mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h create mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml diff --git a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp index fb96bff4c..f4d99b0ef 100644 --- a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp +++ b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp @@ -31,12 +31,16 @@ namespace AccessToken { std::mutex g_lockForPermStateChangeRegisters; std::vector g_permStateChangeRegisters; std::mutex g_lockCache; -std::map g_cache; +std::map g_cache; +std::mutex g_lockStatusCache; +std::map g_statusCache; static PermissionParamCache g_paramCache; +static PermissionParamCache g_paramFlagCache; static std::atomic g_cnt = 0; constexpr uint32_t REPORT_CNT = 10; namespace { static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change"; +static const char* PERMISSION_STATUS_FLAG_CHANGE_KEY = "accesstoken.permission.flagchange"; static const char* REGISTER_PERMISSION_STATE_CHANGE_TYPE = "permissionStateChange"; static const char* REGISTER_SELF_PERMISSION_STATE_CHANGE_TYPE = "selfPermissionStateChange"; constexpr uint32_t THIRD_PARAM = 2; @@ -238,6 +242,7 @@ napi_value NapiAtManager::Init(napi_env env, napi_value exports) DECLARE_NAPI_FUNCTION("requestPermissionOnSetting", NapiRequestPermissionOnSetting::RequestPermissionOnSetting), DECLARE_NAPI_FUNCTION("requestGlobalSwitch", NapiRequestGlobalSwitch::RequestGlobalSwitch), DECLARE_NAPI_FUNCTION("requestPermissionOnApplicationSetting", RequestAppPermOnSetting), + DECLARE_NAPI_FUNCTION("getSelfPermissionStatus", GetSelfPermissionStatusSync), }; napi_value cons = nullptr; @@ -533,36 +538,36 @@ napi_value NapiAtManager::CheckAccessToken(napi_env env, napi_callback_info info return result; } -std::string NapiAtManager::GetPermParamValue() +std::string NapiAtManager::GetPermParamValue(PermissionParamCache& paramCache, const char* paramKey) { long long sysCommitId = GetSystemCommitId(); - if (sysCommitId == g_paramCache.sysCommitIdCache) { + if (sysCommitId == paramCache.sysCommitIdCache) { LOGD(ATM_DOMAIN, ATM_TAG, "SysCommitId = %{public}lld", sysCommitId); - return g_paramCache.sysParamCache; + return paramCache.sysParamCache; } - g_paramCache.sysCommitIdCache = sysCommitId; - if (g_paramCache.handle == PARAM_DEFAULT_VALUE) { - int32_t handle = static_cast(FindParameter(PERMISSION_STATUS_CHANGE_KEY)); + paramCache.sysCommitIdCache = sysCommitId; + if (paramCache.handle == PARAM_DEFAULT_VALUE) { + int32_t handle = static_cast(FindParameter(paramKey)); if (handle == PARAM_DEFAULT_VALUE) { LOGE(ATM_DOMAIN, ATM_TAG, "FindParameter failed"); return "-1"; } - g_paramCache.handle = handle; + paramCache.handle = handle; } - int32_t currCommitId = static_cast(GetParameterCommitId(g_paramCache.handle)); - if (currCommitId != g_paramCache.commitIdCache) { + int32_t currCommitId = static_cast(GetParameterCommitId(paramCache.handle)); + if (currCommitId != paramCache.commitIdCache) { char value[NapiContextCommon::VALUE_MAX_LEN] = {0}; - auto ret = GetParameterValue(g_paramCache.handle, value, NapiContextCommon::VALUE_MAX_LEN - 1); + auto ret = GetParameterValue(paramCache.handle, value, NapiContextCommon::VALUE_MAX_LEN - 1); if (ret < 0) { LOGE(ATM_DOMAIN, ATM_TAG, "Return default value, ret=%{public}d", ret); return "-1"; } std::string resStr(value); - g_paramCache.sysParamCache = resStr; - g_paramCache.commitIdCache = currCommitId; + paramCache.sysParamCache = resStr; + paramCache.commitIdCache = currCommitId; } - return g_paramCache.sysParamCache; + return paramCache.sysParamCache; } void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext) @@ -570,7 +575,7 @@ void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext) std::lock_guard lock(g_lockCache); auto iter = g_cache.find(syncContext->permissionName); if (iter != g_cache.end()) { - std::string currPara = GetPermParamValue(); + std::string currPara = GetPermParamValue(g_paramCache, PERMISSION_STATUS_CHANGE_KEY); if (currPara != iter->second.paramValue) { syncContext->result = AccessTokenKit::VerifyAccessToken( syncContext->tokenId, syncContext->permissionName); @@ -583,7 +588,7 @@ void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext) } else { syncContext->result = AccessTokenKit::VerifyAccessToken(syncContext->tokenId, syncContext->permissionName); g_cache[syncContext->permissionName].status = syncContext->result; - g_cache[syncContext->permissionName].paramValue = GetPermParamValue(); + g_cache[syncContext->permissionName].paramValue = GetPermParamValue(g_paramCache, PERMISSION_STATUS_CHANGE_KEY); LOGD(ATM_DOMAIN, ATM_TAG, "G_cacheParam set %{public}s", g_cache[syncContext->permissionName].paramValue.c_str()); } @@ -1244,6 +1249,85 @@ napi_value NapiAtManager::RequestAppPermOnSetting(napi_env env, napi_callback_in return result; } +bool NapiAtManager::ParseInputGetPermStatus(const napi_env env, const napi_callback_info info, + AtManagerSyncContext& syncContext) +{ + size_t argc = NapiContextCommon::MAX_PARAMS_ONE; + napi_value argv[NapiContextCommon::MAX_PARAMS_ONE] = {nullptr}; + napi_value thisVar = nullptr; + + void *data = nullptr; + NAPI_CALL_BASE(env, napi_get_cb_info(env, info, &argc, argv, &thisVar, &data), false); + if (argc < NapiContextCommon::MAX_PARAMS_ONE) { + NAPI_CALL_BASE(env, napi_throw(env, GenerateBusinessError(env, + JsErrorCode::JS_ERROR_PARAM_ILLEGAL, "Parameter is missing.")), false); + return false; + } + + syncContext.env = env; + if (!ParseString(env, argv[0], syncContext.permissionName)) { + std::string errMsg = GetParamErrorMsg("permissionName", "string"); + NAPI_CALL_BASE(env, + napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false); + return false; + } + return true; +} + +napi_value NapiAtManager::GetSelfPermissionStatusSync(napi_env env, napi_callback_info info) +{ + auto* syncContext = new (std::nothrow) AtManagerSyncContext(); + if (syncContext == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "New struct fail."); + return nullptr; + } + + std::unique_ptr context {syncContext}; + if (!ParseInputGetPermStatus(env, info, *syncContext)) { + return nullptr; + } + + if ((syncContext->permissionName.empty()) || + ((syncContext->permissionName.length() > NapiContextCommon::MAX_LENGTH))) { + std::string errMsg = "Invalid parameter. The permissionName is empty or exceeds 256 characters."; + NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, JS_ERROR_PARAM_INVALID, errMsg))); + return nullptr; + } + + { + std::lock_guard lock(g_lockStatusCache); + auto iter = g_statusCache.find(syncContext->permissionName); + if (iter != g_statusCache.end()) { + std::string currPara = GetPermParamValue(g_paramFlagCache, PERMISSION_STATUS_FLAG_CHANGE_KEY); + if (currPara != iter->second.paramValue) { + syncContext->result = AccessTokenKit::GetSelfPermissionStatus(syncContext->permissionName, + syncContext->permissionsState); + iter->second.status = syncContext->permissionsState; + iter->second.paramValue = currPara; + } else { + syncContext->result = RET_SUCCESS; + syncContext->permissionsState = iter->second.status; + } + } else { + syncContext->result = AccessTokenKit::GetSelfPermissionStatus(syncContext->permissionName, + syncContext->permissionsState); + g_statusCache[syncContext->permissionName].status = syncContext->permissionsState; + g_statusCache[syncContext->permissionName].paramValue = GetPermParamValue( + g_paramFlagCache, PERMISSION_STATUS_FLAG_CHANGE_KEY); + } + } + + if (syncContext->result != RET_SUCCESS) { + int32_t jsCode = NapiContextCommon::GetJsErrorCode(syncContext->result); + NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, jsCode, GetErrorMessage(jsCode)))); + return nullptr; + } + + napi_value result = nullptr; + NAPI_CALL(env, napi_create_int32(env, static_cast(syncContext->permissionsState), &result)); + return result; +} + bool NapiAtManager::FillPermStateChangeInfo(const napi_env env, const napi_value* argv, const std::string& type, const napi_value thisVar, RegisterPermStateChangeInfo& registerPermStateChangeInfo) { diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index abe082293..b47baeff2 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -297,6 +297,13 @@ public: * @return error code, see access_token_error.h */ static int32_t RequestAppPermOnSetting(AccessTokenID tokenID); + /** + * @brief Get self permission status + * @param permissionName permission name quote + * @param status the permission status + * @return error code, see access_token_error.h + */ + static int32_t GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status); /** * @brief Get requsted permission grant result * @param permList PermissionListState list quote, as input and query result diff --git a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map index 19192e683..373be35db 100644 --- a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map +++ b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map @@ -83,6 +83,7 @@ "OHOS::Security::AccessToken::AccessTokenKit::RequestAppPermOnSetting(unsigned int)"; "OHOS::Security::AccessToken::AccessTokenKit::GetReqPermissionByName(unsigned int, std::__h::basic_string, std::__h::allocator> const&, std::__h::basic_string, std::__h::allocator>&)"; "OHOS::Security::AccessToken::AccessTokenKit::GetKernelPermissions(unsigned int, std::__h::vector>&)"; + "OHOS::Security::AccessToken::AccessTokenKit::GetSelfPermissionStatus(std::__h::basic_string, std::__h::allocator> const&, OHOS::Security::AccessToken::TypePermissionOper&)"; OHOS::Security::AccessToken::AccessTokenKit::IsSystemAppByFullTokenID*; OHOS::Security::AccessToken::AccessTokenKit::GetRenderTokenID*; ""; diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 83590b74d..b41d98847 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -37,6 +37,7 @@ static const uint64_t SYSTEM_APP_MASK = (static_cast(1) << 32); static const uint64_t TOKEN_ID_LOWMASK = 0xffffffff; static const int INVALID_DLP_TOKEN_FLAG = -1; static const int FIRSTCALLER_TOKENID_DEFAULT = 0; +static const int MAX_LENGTH = 256; } // namespace PermUsedTypeEnum AccessTokenKit::GetPermissionUsedType( @@ -279,6 +280,14 @@ int AccessTokenKit::GetNativeTokenInfo( return AccessTokenManagerClient::GetInstance().GetNativeTokenInfo(tokenID, nativeTokenInfoRes); } +int32_t AccessTokenKit::GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status) +{ + if (permissionName.empty() || permissionName.size() > MAX_LENGTH) { + return ERR_PARAM_INVALID; + } + return AccessTokenManagerClient::GetInstance().GetSelfPermissionStatus(permissionName, status); +} + PermissionOper AccessTokenKit::GetSelfPermissionsState(std::vector& permList, PermissionGrantInfo& info) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index e2d5ac4dd..0c91354fa 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -211,6 +211,24 @@ int AccessTokenManagerClient::GetPermissionFlag( return result; } +int32_t AccessTokenManagerClient::GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status) +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null."); + status = INVALID_OPER; + return AccessTokenError::ERR_SERVICE_ABNORMAL; + } + int32_t retStatus = INVALID_OPER; + int32_t result = proxy->GetSelfPermissionStatus(permissionName, retStatus); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + status = static_cast(retStatus); + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, status=%{public}d).", result, retStatus); + return result; +} + PermissionOper AccessTokenManagerClient::GetSelfPermissionsState(std::vector& permList, PermissionGrantInfo& info) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index df0ed5815..0689d1697 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -60,6 +60,7 @@ public: int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, int32_t userID); int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status, int32_t userID); int32_t RequestAppPermOnSetting(AccessTokenID tokenID); + int32_t GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status); PermissionOper GetSelfPermissionsState(std::vector& permList, PermissionGrantInfo& info); int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector& permList); diff --git a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn index c8267ecdb..973d2c7a3 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn @@ -60,6 +60,7 @@ ohos_unittest("libaccesstoken_sdk_test") { "PermDenyTest/accesstoken_deny_test.cpp", "PermisionDialogTest/accesstoken_location_request_test.cpp", "PermisionDialogTest/get_self_permission_state_test.cpp", + "PermisionDialogTest/get_self_permission_status_test.cpp", "PermisionDialogTest/request_permission_on_setting_test.cpp", "PermisionDialogTest/set_perm_dialog_cap_test.cpp", "PermissionsTest/check_permission_map_test.cpp", diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp new file mode 100644 index 000000000..cd529a108 --- /dev/null +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp @@ -0,0 +1,560 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "get_self_permission_status_test.h" +#include "access_token_error.h" +#include "nativetoken_kit.h" +#include "test_common.h" +#include "token_setproc.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +using namespace testing::ext; +namespace { +static const std::string TEST_BUNDLE_NAME = "ohos"; +static const int TEST_USER_ID = 0; +static const std::string APPROXIMATELY_LOCATION_PERMISSION = "ohos.permission.APPROXIMATELY_LOCATION"; +static const std::string LOCATION_PERMISSION = "ohos.permission.LOCATION"; + +PermissionStateFull g_permTestState1 = { + .permissionName = APPROXIMATELY_LOCATION_PERMISSION, + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}, +}; + +PermissionStateFull g_permTestState2 = { + .permissionName = "ohos.permission.MICROPHONE", + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_USER_SET} +}; + +PermissionStateFull g_permTestState3 = { + .permissionName = "ohos.permission.WRITE_CALENDAR", + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED} +}; + +PermissionStateFull g_permTestState4 = { + .permissionName = "ohos.permission.READ_IMAGEVIDEO", + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .grantFlags = {PermissionFlag::PERMISSION_USER_SET} +}; + +PermissionStateFull g_permTestState5 = { + .permissionName = LOCATION_PERMISSION, + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}, +}; + +PermissionStateFull g_permTestState6 = { + .permissionName = "ohos.permission.READ_CALENDAR", + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}, +}; + +HapPolicyParams g_policy = { + .apl = APL_NORMAL, + .domain = "domain", + .permStateList = {g_permTestState1, g_permTestState2, g_permTestState3, g_permTestState4, g_permTestState5, + g_permTestState6} +}; + +static uint64_t g_selfTokenId = 0; +} + +void GetSelfPermissionStatusTest::SetUpTestCase() +{ + g_selfTokenId = GetSelfTokenID(); + TestCommon::SetTestEvironment(g_selfTokenId); +} + +void GetSelfPermissionStatusTest::TearDownTestCase() +{ + ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(g_selfTokenId)); + TestCommon::ResetTestEvironment(); +} + +void GetSelfPermissionStatusTest::SetUp() +{ + HapInfoParams info = { + .userID = TEST_USER_ID, + .bundleName = TEST_BUNDLE_NAME, + .instIndex = 0, + .appIDDesc = "appIDDesc", + .apiVersion = 20 // 20: api version + }; + + AccessTokenIDEx tokenIdEx = TestCommon::AllocAndGrantHapTokenByTest(info, g_policy); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(tokenId, INVALID_TOKENID); + ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx)); +} + +void GetSelfPermissionStatusTest::TearDown() +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + if (tokenId != INVALID_TOKENID) { + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenId)); + } +} + +/** + * @tc.name: GetSelfPermissionStatus001 + * @tc.desc: default permission status + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus001, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user set DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user fixed DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + // user set GRANTED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); + + // not request permission CAMERA + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus002 + * @tc.desc: forbidden permission status + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus002, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG"); + MockHapToken mock("GetSelfPermissionStatus002", reqPerm, true); + + HapBaseInfo hapBaseInfo = { + .userID = TEST_USER_ID, + .bundleName = TEST_BUNDLE_NAME, + .instIndex = 0, + }; + + ASSERT_EQ(0, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true)); + } + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(FORBIDDEN_OPER, status); + + // user set DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(FORBIDDEN_OPER, status); + + // user fixed DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(FORBIDDEN_OPER, status); + + // user set GRANTED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(FORBIDDEN_OPER, status); + + // not request permission CAMERA + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus003 + * @tc.desc: grant permission status + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus003, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus003", reqPerm, true); + + // grant user set + ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET)); + } + + // grant permission + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); + + // user set DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user fixed DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + // user set GRANTED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); + + // not request permission CAMERA + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus004 + * @tc.desc: revoke user set permission status + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus004, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus004", reqPerm, true); + + // revoke user set + ASSERT_EQ(0, AccessTokenKit::RevokePermission(tokenID, "ohos.permission.READ_IMAGEVIDEO", PERMISSION_USER_SET)); + } + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user set DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user fixed DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + // revoke user set + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // not request permission CAMERA + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus005 + * @tc.desc: revoke user fixed permission status + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus005, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus005", reqPerm, true); + + // revoke user fixed + ASSERT_EQ(0, + AccessTokenKit::RevokePermission(tokenID, "ohos.permission.READ_IMAGEVIDEO", PERMISSION_USER_FIXED)); + } + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user set DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user fixed DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + // revoke user fixed + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + // not request permission CAMERA + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus006 + * @tc.desc: invalid permission + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus006, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + PermissionOper status; + // invalid permission + int32_t ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.TTTTT", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); + + // not request permission + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.ACCESS_NEARLINK", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); + + // empty permission + std::string testPerm1; + ret = AccessTokenKit::GetSelfPermissionStatus(testPerm1, status); + EXPECT_EQ(ERR_PARAM_INVALID, ret); + + // oversize permission + std::string testPerm2(257, 'a'); + ret = AccessTokenKit::GetSelfPermissionStatus(testPerm2, status); + EXPECT_EQ(ERR_PARAM_INVALID, ret); +} + +/** + * @tc.name: GetSelfPermissionStatus007 + * @tc.desc: location permission test + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus007, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // APPROXIMATELY_LOCATION not set, LOCATION status is INVALID_OPER + ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus0071", reqPerm, true); + + // grant user set + ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET)); + } + + // grant permission + ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); + + // APPROXIMATELY_LOCATION already set, LOCATION status is DYNAMIC_OPER + ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus0072", reqPerm, true); + + // grant user set + ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, LOCATION_PERMISSION, PERMISSION_USER_SET)); + } + + // grant permission + ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus008 + * @tc.desc: only change flag + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus008, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus0081", reqPerm, true); + + // grant user set + ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET)); + } + + // grant permission + ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus0082", reqPerm, true); + + // revoke user fixed + ASSERT_EQ(0, AccessTokenKit::RevokePermission( + tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_FIXED)); + } + + // revoke permission + ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus0083", reqPerm, true); + + // revoke to default flag + ASSERT_EQ(0, AccessTokenKit::RevokePermission( + tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_DEFAULT_FLAG)); + } + + ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus009 + * @tc.desc: test permission group + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus009, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + PermissionOper status; + + // default + int32_t ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // default denied + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus009", reqPerm, true); + + // grant user set + ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, "ohos.permission.WRITE_CALENDAR", PERMISSION_USER_SET)); + } + + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // no change + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h new file mode 100644 index 000000000..58ee97f3e --- /dev/null +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef GET_SELF_PERMISSION_STATUS_TEST_H +#define GET_SELF_PERMISSION_STATUS_TEST_H + +#include + +#include "access_token.h" +#include "accesstoken_kit.h" +#include "permission_def.h" +#include "permission_state_full.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class GetSelfPermissionStatusTest : public testing::Test { +public: + static void SetUpTestCase(); + static void TearDownTestCase(); + void SetUp(); + void TearDown(); + unsigned int GetAccessTokenID(int userID, std::string bundleName, int instIndex); + AccessTokenID AllocTestToken(const HapInfoParams& hapInfo, const HapPolicyParams& hapPolicy) const; + void DeleteTestToken() const; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // GET_SELF_PERMISSION_STATUS_TEST_H diff --git a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp index 1678ab82f..6d919b20c 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp @@ -341,6 +341,19 @@ HWTEST_F(AccessTokenMockTest, GetPermissionRequestToggleStatus001, TestSize.Leve status, userID)); } +/** + * @tc.name: GetSelfPermissionStatus001 + * @tc.desc: GetSelfPermissionStatus with proxy is null + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenMockTest, GetSelfPermissionStatus001, TestSize.Level1) +{ + std::string permission = "ohos.permission.CAMERA"; + PermissionOper status; + ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::GetSelfPermissionStatus(permission, status)); +} + /** * @tc.name: GetSelfPermissionsState001 * @tc.desc: GetSelfPermissionsState with proxy is null diff --git a/interfaces/kits/cj/accesstoken/include/at_manager_impl.h b/interfaces/kits/cj/accesstoken/include/at_manager_impl.h index 512f66d93..96e92dae8 100644 --- a/interfaces/kits/cj/accesstoken/include/at_manager_impl.h +++ b/interfaces/kits/cj/accesstoken/include/at_manager_impl.h @@ -57,7 +57,7 @@ const int AT_PERM_OPERA_FAIL = -1; const int AT_PERM_OPERA_SUCC = 0; const int32_t PARAM_DEFAULT_VALUE = -1; -struct PermissionStatusCache { +struct GrantStatusCache { int32_t status; std::string paramValue; }; diff --git a/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp b/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp index 6cf2e6c12..9165560ce 100644 --- a/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp +++ b/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp @@ -33,7 +33,7 @@ namespace CJSystemapi { std::mutex g_lockForPermStateChangeRegisters; std::vector g_permStateChangeRegisters; std::mutex g_lockCache; -std::map g_cache; +std::map g_cache; static PermissionParamCache g_paramCache; std::mutex g_lockForPermRequestCallbacks; static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change"; diff --git a/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h b/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h index d36729b27..5545ecaa2 100644 --- a/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h +++ b/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h @@ -93,13 +93,19 @@ struct AtManagerSyncContext { std::string permissionName; int32_t result = RET_FAILED; int32_t errorCode = 0; + PermissionOper permissionsState = PermissionOper::INVALID_OPER; }; -struct PermissionStatusCache { +struct GrantStatusCache { int32_t status; std::string paramValue; }; +struct PermissionStatusCache { + PermissionOper status; + std::string paramValue; +}; + struct PermissionParamCache { long long sysCommitIdCache = PARAM_DEFAULT_VALUE; int32_t commitIdCache = PARAM_DEFAULT_VALUE; @@ -124,6 +130,7 @@ private: static napi_value SetPermissionRequestToggleStatus(napi_env env, napi_callback_info info); static napi_value GetPermissionRequestToggleStatus(napi_env env, napi_callback_info info); static napi_value RequestAppPermOnSetting(napi_env env, napi_callback_info info); + static napi_value GetSelfPermissionStatusSync(napi_env env, napi_callback_info info); static bool ParseInputVerifyPermissionOrGetFlag(const napi_env env, const napi_callback_info info, AtManagerAsyncContext& asyncContext); @@ -133,6 +140,8 @@ private: AtManagerAsyncContext& asyncContext); static bool ParseInputGetToggleStatus(const napi_env env, const napi_callback_info info, AtManagerAsyncContext& asyncContext); + static bool ParseInputGetPermStatus(const napi_env env, const napi_callback_info info, + AtManagerSyncContext& syncContext); static void VerifyAccessTokenExecute(napi_env env, void *data); static void VerifyAccessTokenComplete(napi_env env, napi_status status, void *data); static void CheckAccessTokenExecute(napi_env env, void* data); @@ -172,7 +181,7 @@ private: std::vector& batchPermStateChangeRegisters, const napi_env env); static void DeleteRegisterFromVector(const PermStateChangeScope& scopeInfo, const napi_env env, napi_ref subscriberRef); - static std::string GetPermParamValue(); + static std::string GetPermParamValue(PermissionParamCache& paramCache, const char* paramKey); static void UpdatePermissionCache(AtManagerSyncContext* syncContext); }; } // namespace AccessToken diff --git a/services/accesstokenmanager/etc/access_token.para b/services/accesstokenmanager/etc/access_token.para index c9f7458a9..27ad49588 100644 --- a/services/accesstokenmanager/etc/access_token.para +++ b/services/accesstokenmanager/etc/access_token.para @@ -1,4 +1,4 @@ -# Copyright (c) 2022 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -13,4 +13,5 @@ accesstoken.permission.change = 0 -accesstoken.permission.init = 0 \ No newline at end of file +accesstoken.permission.init = 0 +accesstoken.permission.flagchange = 0 \ No newline at end of file diff --git a/services/accesstokenmanager/etc/access_token.para.dac b/services/accesstokenmanager/etc/access_token.para.dac index 33de56a3e..15b0be5d2 100644 --- a/services/accesstokenmanager/etc/access_token.para.dac +++ b/services/accesstokenmanager/etc/access_token.para.dac @@ -1,4 +1,4 @@ -# Copyright (c) 2022 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -13,3 +13,4 @@ accesstoken.permission.change="access_token:access_token:0774" accesstoken.permission.init="access_token:access_token:0774" +accesstoken.permission.flagchange="access_token:access_token:0774" diff --git a/services/accesstokenmanager/idl/IAccessTokenManager.idl b/services/accesstokenmanager/idl/IAccessTokenManager.idl index 31da0d225..c5497e408 100644 --- a/services/accesstokenmanager/idl/IAccessTokenManager.idl +++ b/services/accesstokenmanager/idl/IAccessTokenManager.idl @@ -86,4 +86,5 @@ interface OHOS.Security.AccessToken.IAccessTokenManager{ [ipccode 67] void GetKernelPermissions([in] unsigned int tokenId, [out] List kernelPermIdlList); [ipccode 68] void GetReqPermissionByName([in] unsigned int tokenId, [in] String permissionName, [out] String value); [ipccode 80] void VerifyAccessToken([in] unsigned int tokenID, [in] List permissionList, [out] List permStateList); + [ipccode 81] void GetSelfPermissionStatus([in] String permissionName, [out] int status); } \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h index 14cd8a00a..8fd5fef42 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h @@ -85,6 +85,7 @@ public: std::vector& permsList, int32_t apiVersion); void NotifyPermGrantStoreResult(bool result, uint64_t timestamp); void ParamUpdate(const std::string& permissionName, uint32_t flag, bool filtered); + void ParamFlagUpdate(); void NotifyWhenPermissionStateUpdated(AccessTokenID tokenID, const std::string& permissionName, bool isGranted, uint32_t flag, const std::shared_ptr& infoPtr); void AddNativePermToKernel( @@ -125,6 +126,9 @@ private: OHOS::Utils::RWLock permParamSetLock_; uint64_t paramValue_ = 0; + OHOS::Utils::RWLock permFlagParamSetLock_; + uint64_t paramFlagValue_ = 0; + OHOS::Utils::RWLock permToggleStateLock_; DISALLOW_COPY_AND_MOVE(PermissionManager); diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index ecbb2c431..f8e2e2c45 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -57,6 +57,7 @@ public: int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; int GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; + int32_t GetSelfPermissionStatus(const std::string& permissionName, int32_t& status) override; int32_t GetSelfPermissionsState(std::vector& reqPermList, PermissionGrantInfoParcel& infoParcel, int32_t& permOper) override; int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector& reqPermList) override; diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index e8f12d457..24e1a9336 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -50,6 +50,7 @@ namespace Security { namespace AccessToken { namespace { static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change"; +static const char* PERMISSION_STATUS_FLAG_CHANGE_KEY = "accesstoken.permission.flagchange"; static constexpr int32_t VALUE_MAX_LEN = 32; static const std::vector g_notDisplayedPerms = { "ohos.permission.ANSWER_CALL", @@ -92,9 +93,18 @@ PermissionManager::PermissionManager() if (ret < 0) { LOGE(ATM_DOMAIN, ATM_TAG, "Return default value, ret=%{public}d", ret); paramValue_ = 0; + } else { + paramValue_ = static_cast(std::atoll(value)); + } + + char flagValue[VALUE_MAX_LEN] = {0}; + ret = GetParameter(PERMISSION_STATUS_FLAG_CHANGE_KEY, "", flagValue, VALUE_MAX_LEN - 1); + if (ret < 0) { + LOGE(ATM_DOMAIN, ATM_TAG, "Return default flag value, ret=%{public}d", ret); + paramFlagValue_ = 0; return; } - paramValue_ = static_cast(std::atoll(value)); + paramFlagValue_ = static_cast(std::atoll(flagValue)); } PermissionManager::~PermissionManager() @@ -318,6 +328,18 @@ void PermissionManager::ParamUpdate(const std::string& permissionName, uint32_t } } +void PermissionManager::ParamFlagUpdate() +{ + Utils::UniqueWriteGuard infoGuard(this->permFlagParamSetLock_); + paramFlagValue_++; + LOGD(ATM_DOMAIN, ATM_TAG, + "paramFlagValue_ change %{public}llu", static_cast(paramFlagValue_)); + int32_t res = SetParameter(PERMISSION_STATUS_FLAG_CHANGE_KEY, std::to_string(paramFlagValue_).c_str()); + if (res != 0) { + LOGE(ATM_DOMAIN, ATM_TAG, "SetParameter failed %{public}d", res); + } +} + void PermissionManager::NotifyWhenPermissionStateUpdated(AccessTokenID tokenID, const std::string& permissionName, bool isGranted, uint32_t flag, const std::shared_ptr& infoPtr) { @@ -367,6 +389,10 @@ int32_t PermissionManager::UpdateTokenPermissionState( "INT_VAL2", static_cast(flag), "NEED_KILL", needKill); return ret; } + + // notify flag change + ParamFlagUpdate(); + if (statusChanged) { NotifyWhenPermissionStateUpdated(id, permission, isGranted, flag, infoPtr); // To notify kill process when perm is revoke diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 092e41cdb..67dab3bd2 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -260,6 +260,21 @@ int AccessTokenManagerService::GetReqPermissions( return ret; } +int32_t AccessTokenManagerService::GetSelfPermissionStatus(const std::string& permissionName, int32_t& status) +{ + status = INVALID_OPER; + AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); + PermissionListStateParcel parcel; + parcel.permsState.permissionName = permissionName; + parcel.permsState.state = INVALID_OPER; + std::vector list{parcel}; + (void)GetPermissionsState(callingTokenID, list); + if (!list.empty()) { + status = static_cast(list[0].permsState.state); + } + return ERR_OK; +} + int32_t AccessTokenManagerService::GetSelfPermissionsState(std::vector& reqPermList, PermissionGrantInfoParcel& infoParcel, int32_t& permOper) { diff --git a/test/fuzztest/innerkits/accesstoken/BUILD.gn b/test/fuzztest/innerkits/accesstoken/BUILD.gn index 8b1334097..6ebac1ef1 100644 --- a/test/fuzztest/innerkits/accesstoken/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/BUILD.gn @@ -40,6 +40,7 @@ group("fuzztest") { "getrendertokenid_fuzzer:GetRenderTokenIdFuzzTest", "getreqpermissions_fuzzer:GetReqPermissionsFuzzTest", "getselfpermissionsstate_fuzzer:GetSelfPermissionsStateFuzzTest", + "getselfpermissionstatus_fuzzer:GetSelfPermissionStatusFuzzTest", "gettokenidbyuserid_fuzzer:GetTokenIDByUserIDFuzzTest", "gettokentype_fuzzer:GetTokenTypeFuzzTest", "gettokentypeflag_fuzzer:GetTokenTypeFlagFuzzTest", diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn new file mode 100644 index 000000000..2968c428b --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn @@ -0,0 +1,42 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../access_token.gni") + +ohos_fuzztest("GetSelfPermissionStatusFuzzTest") { + module_out_path = module_output_path_interface_access_token + fuzz_config_file = "." + include_dirs = [ + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/test/fuzztest/common", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "getselfpermissionstatus_fuzzer.cpp" ] + deps = [ + "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + ] + + configs = [ "${access_token_path}/config:coverage_flags" ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + ] +} diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init new file mode 100644 index 000000000..8f37f0925 --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp new file mode 100644 index 000000000..a9b21bd23 --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "getselfpermissionstatus_fuzzer.h" + +#include +#include +#include +#include "accesstoken_fuzzdata.h" +#undef private +#include "accesstoken_kit.h" + +using namespace std; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { + bool GetSelfPermissionStatusFuzzTest(const uint8_t* data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + AccessTokenFuzzData fuzzData(data, size); + std::string permissionName = fuzzData.GenerateStochasticString(); + PermissionOper status; + + AccessTokenKit::GetSelfPermissionStatus(permissionName, status); + return true; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::GetSelfPermissionStatusFuzzTest(data, size); + return 0; +} diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h new file mode 100644 index 000000000..46854bbce --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h @@ -0,0 +1,28 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H +#define TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H + +#define FUZZ_PROJECT_NAME "getselfpermissionstatus_fuzzer" + +#include +#include +#include +#include +#include +#include + +#endif // TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml new file mode 100644 index 000000000..66e1dcac4 --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/services/accesstoken/BUILD.gn b/test/fuzztest/services/accesstoken/BUILD.gn index 99767dcd1..ef172e338 100644 --- a/test/fuzztest/services/accesstoken/BUILD.gn +++ b/test/fuzztest/services/accesstoken/BUILD.gn @@ -39,6 +39,7 @@ group("fuzztest") { "getreqpermissionbynamestub_fuzzer:GetReqPermissionByNameStubFuzzTest", "getreqpermissionsstub_fuzzer:GetReqPermissionsStubFuzzTest", "getselfpermissionsstatestub_fuzzer:GetSelfPermissionsStateStubFuzzTest", + "getselfpermissionstatusstub_fuzzer:GetSelfPermissionStatusStubFuzzTest", "gettokenidbyuseridstub_fuzzer:GetTokenIDByUserIDStubFuzzTest", "gettokentypestub_fuzzer:GetTokenTypeStubFuzzTest", "grantpermissionforspecifiedtimestub_fuzzer:GrantPermissionForSpecifiedTimeStubFuzzTest", diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn new file mode 100644 index 000000000..4e1b33289 --- /dev/null +++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn @@ -0,0 +1,50 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../access_token.gni") +import("../access_token_service_fuzz.gni") + +ohos_fuzztest("GetSelfPermissionStatusStubFuzzTest") { + module_out_path = module_output_path_service_access_token + fuzz_config_file = "." + + sources = [ "getselfpermissionstatusstub_fuzzer.cpp" ] + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + include_dirs = access_token_include_dirs + + deps = access_token_deps + + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] + + external_deps = access_token_external_deps + + include_dirs += access_token_impl_include_dirs + + cflags_cc = access_token_cflags_cc + + sources += access_token_sources + + sources += access_token_impl_sources +} diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init new file mode 100644 index 000000000..65af8ee8d --- /dev/null +++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp new file mode 100644 index 000000000..5587af8d2 --- /dev/null +++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "getselfpermissionstatusstub_fuzzer.h" + +#include +#include +#include +#undef private +#include "accesstoken_fuzzdata.h" +#include "accesstoken_manager_service.h" +#include "iaccess_token_manager.h" + +using namespace std; +using namespace OHOS; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { + bool GetSelfPermissionStatusStubFuzzTest(const uint8_t* data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + AccessTokenFuzzData fuzzData(data, size); + std::string permissionName = fuzzData.GenerateStochasticString(); + MessageParcel datas; + datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!datas.WriteString(permissionName)) { + return false; + } + + uint32_t code = static_cast( + IAccessTokenManagerIpcCode::COMMAND_GET_SELF_PERMISSION_STATUS); + MessageParcel reply; + MessageOption option; + DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); + return true; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::GetSelfPermissionStatusStubFuzzTest(data, size); + return 0; +} + diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h new file mode 100644 index 000000000..6c3de023f --- /dev/null +++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H +#define TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "getselfpermissionstatusstub_fuzzer" + +#endif // TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml new file mode 100644 index 000000000..66e1dcac4 --- /dev/null +++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + -- Gitee From b511fe738f396e0160a7796d3a2ffb73d1d115f8 Mon Sep 17 00:00:00 2001 From: fanzexuan Date: Tue, 22 Apr 2025 09:11:20 +0800 Subject: [PATCH 062/103] revert accessibility permission Signed-off-by: fanzexuan --- .../accesstokenmanager/permission_definitions.json | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 6512eb699..6cfbfe72c 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6452,16 +6452,6 @@ "provisionEnable": true, "distributedSceneEnable": false }, - { - "name": "ohos.permission.ACCESSIBILITY_EXTENSION_ABILITY", - "grantMode": "system_grant", - "availableLevel": "system_basic", - "availableType": "SYSTEM", - "since": 20, - "deprecated": "", - "provisionEnable": true, - "distributedSceneEnable": false - }, { "name": "ohos.permission.SANDBOX_ACCESS_MANAGER", "grantMode": "system_grant", -- Gitee From a294cf293fe4d99cebfb96827bcc25f7063dd8bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E4=B8=87=E9=B9=8F?= Date: Tue, 22 Apr 2025 07:29:23 +0000 Subject: [PATCH 063/103] update services/accesstokenmanager/permission_definitions.json. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 张万鹏 --- .../accesstokenmanager/permission_definitions.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 6512eb699..7ba66bfdc 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6302,6 +6302,16 @@ "provisionEnable": true, "distributedSceneEnable": false }, + { + "name": "ohos.permission.ACCESS_MEDIALIB_RESTORE", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 17, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false + }, { "name": "ohos.permission.UPDATE_FONT", "grantMode": "system_grant", -- Gitee From 9de71f6a35a0c196b25e7a1d161b095997f70d54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9D=A8=E4=B8=96=E7=90=A6=5Fhw?= <670097973@qq.com> Date: Tue, 22 Apr 2025 17:12:31 +0800 Subject: [PATCH 064/103] change api level MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 杨世琦_hw <670097973@qq.com> --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 6cfbfe72c..0c6587a9b 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6447,7 +6447,7 @@ "grantMode": "system_grant", "availableLevel": "system_core", "availableType": "SERVICE", - "since": 20, + "since": 19, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false -- Gitee From a62762d32547824ec278630d82278152f48c0ae5 Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Tue, 22 Apr 2025 19:50:30 +0800 Subject: [PATCH 065/103] =?UTF-8?q?AT=E9=80=82=E9=85=8D=EF=BC=8Csamgr?= =?UTF-8?q?=E7=8B=AC=E7=AB=8B=E7=BC=96=E8=AF=91=E6=95=B4=E6=94=B9250422?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: I38d1110f0819c63c0b50c8eeb2e8b5fbffa42351 --- services/tokensyncmanager/test/coverage/BUILD.gn | 1 + services/tokensyncmanager/test/unittest/BUILD.gn | 1 + 2 files changed, 2 insertions(+) diff --git a/services/tokensyncmanager/test/coverage/BUILD.gn b/services/tokensyncmanager/test/coverage/BUILD.gn index 952bc5e6a..f39c25053 100644 --- a/services/tokensyncmanager/test/coverage/BUILD.gn +++ b/services/tokensyncmanager/test/coverage/BUILD.gn @@ -87,6 +87,7 @@ ohos_unittest("libtoken_sync_service_coverage_test") { "hilog:libhilog", "ipc:ipc_single", "safwk:system_ability_fwk", + "samgr:samgr_proxy", "zlib:libz", ] diff --git a/services/tokensyncmanager/test/unittest/BUILD.gn b/services/tokensyncmanager/test/unittest/BUILD.gn index f347b2b3c..bec90ffc7 100644 --- a/services/tokensyncmanager/test/unittest/BUILD.gn +++ b/services/tokensyncmanager/test/unittest/BUILD.gn @@ -91,6 +91,7 @@ ohos_unittest("libtoken_sync_service_standard_test") { "hilog:libhilog", "ipc:ipc_single", "safwk:system_ability_fwk", + "samgr:samgr_proxy", "zlib:libz", ] if (eventhandler_enable == true) { -- Gitee From b3b310beabd7a3135059c0e4cb90aa0706c7d225 Mon Sep 17 00:00:00 2001 From: bigtea Date: Wed, 23 Apr 2025 12:08:08 +0800 Subject: [PATCH 066/103] Revert "!3186 Add GetSelfPermissionStatus" This reverts commit 8189d1104d1f96440a6fab0e070e8fb4473b5cfc, reversing changes made to 0615519059a1c96c33be7545d68471c2955d3a0f. Signed-off-by: bigtea --- .../napi/accesstoken/src/napi_atmanager.cpp | 116 +--- .../accesstoken/include/accesstoken_kit.h | 7 - .../accesstoken/libaccesstoken_sdk.map | 1 - .../accesstoken/src/accesstoken_kit.cpp | 9 - .../src/accesstoken_manager_client.cpp | 18 - .../src/accesstoken_manager_client.h | 1 - .../accesstoken/test/unittest/BUILD.gn | 1 - .../get_self_permission_status_test.cpp | 560 ------------------ .../get_self_permission_status_test.h | 42 -- .../ProxyMockTest/accesstoken_mock_test.cpp | 13 - .../cj/accesstoken/include/at_manager_impl.h | 2 +- .../cj/accesstoken/src/at_manager_impl.cpp | 2 +- .../napi/accesstoken/include/napi_atmanager.h | 13 +- .../accesstokenmanager/etc/access_token.para | 5 +- .../etc/access_token.para.dac | 3 +- .../idl/IAccessTokenManager.idl | 1 - .../include/permission/permission_manager.h | 4 - .../service/accesstoken_manager_service.h | 1 - .../cpp/src/permission/permission_manager.cpp | 28 +- .../service/accesstoken_manager_service.cpp | 15 - test/fuzztest/innerkits/accesstoken/BUILD.gn | 1 - .../getselfpermissionstatus_fuzzer/BUILD.gn | 42 -- .../corpus/init | 13 - .../getselfpermissionstatus_fuzzer.cpp | 50 -- .../getselfpermissionstatus_fuzzer.h | 28 - .../project.xml | 25 - test/fuzztest/services/accesstoken/BUILD.gn | 1 - .../BUILD.gn | 50 -- .../corpus/init | 14 - .../getselfpermissionstatusstub_fuzzer.cpp | 60 -- .../getselfpermissionstatusstub_fuzzer.h | 21 - .../project.xml | 25 - 32 files changed, 24 insertions(+), 1148 deletions(-) delete mode 100644 interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp delete mode 100644 interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h delete mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn delete mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init delete mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp delete mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h delete mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml delete mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn delete mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init delete mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp delete mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h delete mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml diff --git a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp index f4d99b0ef..fb96bff4c 100644 --- a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp +++ b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp @@ -31,16 +31,12 @@ namespace AccessToken { std::mutex g_lockForPermStateChangeRegisters; std::vector g_permStateChangeRegisters; std::mutex g_lockCache; -std::map g_cache; -std::mutex g_lockStatusCache; -std::map g_statusCache; +std::map g_cache; static PermissionParamCache g_paramCache; -static PermissionParamCache g_paramFlagCache; static std::atomic g_cnt = 0; constexpr uint32_t REPORT_CNT = 10; namespace { static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change"; -static const char* PERMISSION_STATUS_FLAG_CHANGE_KEY = "accesstoken.permission.flagchange"; static const char* REGISTER_PERMISSION_STATE_CHANGE_TYPE = "permissionStateChange"; static const char* REGISTER_SELF_PERMISSION_STATE_CHANGE_TYPE = "selfPermissionStateChange"; constexpr uint32_t THIRD_PARAM = 2; @@ -242,7 +238,6 @@ napi_value NapiAtManager::Init(napi_env env, napi_value exports) DECLARE_NAPI_FUNCTION("requestPermissionOnSetting", NapiRequestPermissionOnSetting::RequestPermissionOnSetting), DECLARE_NAPI_FUNCTION("requestGlobalSwitch", NapiRequestGlobalSwitch::RequestGlobalSwitch), DECLARE_NAPI_FUNCTION("requestPermissionOnApplicationSetting", RequestAppPermOnSetting), - DECLARE_NAPI_FUNCTION("getSelfPermissionStatus", GetSelfPermissionStatusSync), }; napi_value cons = nullptr; @@ -538,36 +533,36 @@ napi_value NapiAtManager::CheckAccessToken(napi_env env, napi_callback_info info return result; } -std::string NapiAtManager::GetPermParamValue(PermissionParamCache& paramCache, const char* paramKey) +std::string NapiAtManager::GetPermParamValue() { long long sysCommitId = GetSystemCommitId(); - if (sysCommitId == paramCache.sysCommitIdCache) { + if (sysCommitId == g_paramCache.sysCommitIdCache) { LOGD(ATM_DOMAIN, ATM_TAG, "SysCommitId = %{public}lld", sysCommitId); - return paramCache.sysParamCache; + return g_paramCache.sysParamCache; } - paramCache.sysCommitIdCache = sysCommitId; - if (paramCache.handle == PARAM_DEFAULT_VALUE) { - int32_t handle = static_cast(FindParameter(paramKey)); + g_paramCache.sysCommitIdCache = sysCommitId; + if (g_paramCache.handle == PARAM_DEFAULT_VALUE) { + int32_t handle = static_cast(FindParameter(PERMISSION_STATUS_CHANGE_KEY)); if (handle == PARAM_DEFAULT_VALUE) { LOGE(ATM_DOMAIN, ATM_TAG, "FindParameter failed"); return "-1"; } - paramCache.handle = handle; + g_paramCache.handle = handle; } - int32_t currCommitId = static_cast(GetParameterCommitId(paramCache.handle)); - if (currCommitId != paramCache.commitIdCache) { + int32_t currCommitId = static_cast(GetParameterCommitId(g_paramCache.handle)); + if (currCommitId != g_paramCache.commitIdCache) { char value[NapiContextCommon::VALUE_MAX_LEN] = {0}; - auto ret = GetParameterValue(paramCache.handle, value, NapiContextCommon::VALUE_MAX_LEN - 1); + auto ret = GetParameterValue(g_paramCache.handle, value, NapiContextCommon::VALUE_MAX_LEN - 1); if (ret < 0) { LOGE(ATM_DOMAIN, ATM_TAG, "Return default value, ret=%{public}d", ret); return "-1"; } std::string resStr(value); - paramCache.sysParamCache = resStr; - paramCache.commitIdCache = currCommitId; + g_paramCache.sysParamCache = resStr; + g_paramCache.commitIdCache = currCommitId; } - return paramCache.sysParamCache; + return g_paramCache.sysParamCache; } void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext) @@ -575,7 +570,7 @@ void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext) std::lock_guard lock(g_lockCache); auto iter = g_cache.find(syncContext->permissionName); if (iter != g_cache.end()) { - std::string currPara = GetPermParamValue(g_paramCache, PERMISSION_STATUS_CHANGE_KEY); + std::string currPara = GetPermParamValue(); if (currPara != iter->second.paramValue) { syncContext->result = AccessTokenKit::VerifyAccessToken( syncContext->tokenId, syncContext->permissionName); @@ -588,7 +583,7 @@ void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext) } else { syncContext->result = AccessTokenKit::VerifyAccessToken(syncContext->tokenId, syncContext->permissionName); g_cache[syncContext->permissionName].status = syncContext->result; - g_cache[syncContext->permissionName].paramValue = GetPermParamValue(g_paramCache, PERMISSION_STATUS_CHANGE_KEY); + g_cache[syncContext->permissionName].paramValue = GetPermParamValue(); LOGD(ATM_DOMAIN, ATM_TAG, "G_cacheParam set %{public}s", g_cache[syncContext->permissionName].paramValue.c_str()); } @@ -1249,85 +1244,6 @@ napi_value NapiAtManager::RequestAppPermOnSetting(napi_env env, napi_callback_in return result; } -bool NapiAtManager::ParseInputGetPermStatus(const napi_env env, const napi_callback_info info, - AtManagerSyncContext& syncContext) -{ - size_t argc = NapiContextCommon::MAX_PARAMS_ONE; - napi_value argv[NapiContextCommon::MAX_PARAMS_ONE] = {nullptr}; - napi_value thisVar = nullptr; - - void *data = nullptr; - NAPI_CALL_BASE(env, napi_get_cb_info(env, info, &argc, argv, &thisVar, &data), false); - if (argc < NapiContextCommon::MAX_PARAMS_ONE) { - NAPI_CALL_BASE(env, napi_throw(env, GenerateBusinessError(env, - JsErrorCode::JS_ERROR_PARAM_ILLEGAL, "Parameter is missing.")), false); - return false; - } - - syncContext.env = env; - if (!ParseString(env, argv[0], syncContext.permissionName)) { - std::string errMsg = GetParamErrorMsg("permissionName", "string"); - NAPI_CALL_BASE(env, - napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false); - return false; - } - return true; -} - -napi_value NapiAtManager::GetSelfPermissionStatusSync(napi_env env, napi_callback_info info) -{ - auto* syncContext = new (std::nothrow) AtManagerSyncContext(); - if (syncContext == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "New struct fail."); - return nullptr; - } - - std::unique_ptr context {syncContext}; - if (!ParseInputGetPermStatus(env, info, *syncContext)) { - return nullptr; - } - - if ((syncContext->permissionName.empty()) || - ((syncContext->permissionName.length() > NapiContextCommon::MAX_LENGTH))) { - std::string errMsg = "Invalid parameter. The permissionName is empty or exceeds 256 characters."; - NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, JS_ERROR_PARAM_INVALID, errMsg))); - return nullptr; - } - - { - std::lock_guard lock(g_lockStatusCache); - auto iter = g_statusCache.find(syncContext->permissionName); - if (iter != g_statusCache.end()) { - std::string currPara = GetPermParamValue(g_paramFlagCache, PERMISSION_STATUS_FLAG_CHANGE_KEY); - if (currPara != iter->second.paramValue) { - syncContext->result = AccessTokenKit::GetSelfPermissionStatus(syncContext->permissionName, - syncContext->permissionsState); - iter->second.status = syncContext->permissionsState; - iter->second.paramValue = currPara; - } else { - syncContext->result = RET_SUCCESS; - syncContext->permissionsState = iter->second.status; - } - } else { - syncContext->result = AccessTokenKit::GetSelfPermissionStatus(syncContext->permissionName, - syncContext->permissionsState); - g_statusCache[syncContext->permissionName].status = syncContext->permissionsState; - g_statusCache[syncContext->permissionName].paramValue = GetPermParamValue( - g_paramFlagCache, PERMISSION_STATUS_FLAG_CHANGE_KEY); - } - } - - if (syncContext->result != RET_SUCCESS) { - int32_t jsCode = NapiContextCommon::GetJsErrorCode(syncContext->result); - NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, jsCode, GetErrorMessage(jsCode)))); - return nullptr; - } - - napi_value result = nullptr; - NAPI_CALL(env, napi_create_int32(env, static_cast(syncContext->permissionsState), &result)); - return result; -} - bool NapiAtManager::FillPermStateChangeInfo(const napi_env env, const napi_value* argv, const std::string& type, const napi_value thisVar, RegisterPermStateChangeInfo& registerPermStateChangeInfo) { diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index b47baeff2..abe082293 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -297,13 +297,6 @@ public: * @return error code, see access_token_error.h */ static int32_t RequestAppPermOnSetting(AccessTokenID tokenID); - /** - * @brief Get self permission status - * @param permissionName permission name quote - * @param status the permission status - * @return error code, see access_token_error.h - */ - static int32_t GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status); /** * @brief Get requsted permission grant result * @param permList PermissionListState list quote, as input and query result diff --git a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map index 373be35db..19192e683 100644 --- a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map +++ b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map @@ -83,7 +83,6 @@ "OHOS::Security::AccessToken::AccessTokenKit::RequestAppPermOnSetting(unsigned int)"; "OHOS::Security::AccessToken::AccessTokenKit::GetReqPermissionByName(unsigned int, std::__h::basic_string, std::__h::allocator> const&, std::__h::basic_string, std::__h::allocator>&)"; "OHOS::Security::AccessToken::AccessTokenKit::GetKernelPermissions(unsigned int, std::__h::vector>&)"; - "OHOS::Security::AccessToken::AccessTokenKit::GetSelfPermissionStatus(std::__h::basic_string, std::__h::allocator> const&, OHOS::Security::AccessToken::TypePermissionOper&)"; OHOS::Security::AccessToken::AccessTokenKit::IsSystemAppByFullTokenID*; OHOS::Security::AccessToken::AccessTokenKit::GetRenderTokenID*; ""; diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index b41d98847..83590b74d 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -37,7 +37,6 @@ static const uint64_t SYSTEM_APP_MASK = (static_cast(1) << 32); static const uint64_t TOKEN_ID_LOWMASK = 0xffffffff; static const int INVALID_DLP_TOKEN_FLAG = -1; static const int FIRSTCALLER_TOKENID_DEFAULT = 0; -static const int MAX_LENGTH = 256; } // namespace PermUsedTypeEnum AccessTokenKit::GetPermissionUsedType( @@ -280,14 +279,6 @@ int AccessTokenKit::GetNativeTokenInfo( return AccessTokenManagerClient::GetInstance().GetNativeTokenInfo(tokenID, nativeTokenInfoRes); } -int32_t AccessTokenKit::GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status) -{ - if (permissionName.empty() || permissionName.size() > MAX_LENGTH) { - return ERR_PARAM_INVALID; - } - return AccessTokenManagerClient::GetInstance().GetSelfPermissionStatus(permissionName, status); -} - PermissionOper AccessTokenKit::GetSelfPermissionsState(std::vector& permList, PermissionGrantInfo& info) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index 7bff45946..cc2de1369 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -210,24 +210,6 @@ int AccessTokenManagerClient::GetPermissionFlag( return result; } -int32_t AccessTokenManagerClient::GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status) -{ - auto proxy = GetProxy(); - if (proxy == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null."); - status = INVALID_OPER; - return AccessTokenError::ERR_SERVICE_ABNORMAL; - } - int32_t retStatus = INVALID_OPER; - int32_t result = proxy->GetSelfPermissionStatus(permissionName, retStatus); - if (result != RET_SUCCESS) { - result = ConvertResult(result); - } - status = static_cast(retStatus); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, status=%{public}d).", result, retStatus); - return result; -} - PermissionOper AccessTokenManagerClient::GetSelfPermissionsState(std::vector& permList, PermissionGrantInfo& info) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index 0689d1697..df0ed5815 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -60,7 +60,6 @@ public: int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, int32_t userID); int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status, int32_t userID); int32_t RequestAppPermOnSetting(AccessTokenID tokenID); - int32_t GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status); PermissionOper GetSelfPermissionsState(std::vector& permList, PermissionGrantInfo& info); int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector& permList); diff --git a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn index 973d2c7a3..c8267ecdb 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn @@ -60,7 +60,6 @@ ohos_unittest("libaccesstoken_sdk_test") { "PermDenyTest/accesstoken_deny_test.cpp", "PermisionDialogTest/accesstoken_location_request_test.cpp", "PermisionDialogTest/get_self_permission_state_test.cpp", - "PermisionDialogTest/get_self_permission_status_test.cpp", "PermisionDialogTest/request_permission_on_setting_test.cpp", "PermisionDialogTest/set_perm_dialog_cap_test.cpp", "PermissionsTest/check_permission_map_test.cpp", diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp deleted file mode 100644 index cd529a108..000000000 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp +++ /dev/null @@ -1,560 +0,0 @@ -/* - * Copyright (c) 2025 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include "get_self_permission_status_test.h" -#include "access_token_error.h" -#include "nativetoken_kit.h" -#include "test_common.h" -#include "token_setproc.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -using namespace testing::ext; -namespace { -static const std::string TEST_BUNDLE_NAME = "ohos"; -static const int TEST_USER_ID = 0; -static const std::string APPROXIMATELY_LOCATION_PERMISSION = "ohos.permission.APPROXIMATELY_LOCATION"; -static const std::string LOCATION_PERMISSION = "ohos.permission.LOCATION"; - -PermissionStateFull g_permTestState1 = { - .permissionName = APPROXIMATELY_LOCATION_PERMISSION, - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}, -}; - -PermissionStateFull g_permTestState2 = { - .permissionName = "ohos.permission.MICROPHONE", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET} -}; - -PermissionStateFull g_permTestState3 = { - .permissionName = "ohos.permission.WRITE_CALENDAR", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED} -}; - -PermissionStateFull g_permTestState4 = { - .permissionName = "ohos.permission.READ_IMAGEVIDEO", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET} -}; - -PermissionStateFull g_permTestState5 = { - .permissionName = LOCATION_PERMISSION, - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}, -}; - -PermissionStateFull g_permTestState6 = { - .permissionName = "ohos.permission.READ_CALENDAR", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}, -}; - -HapPolicyParams g_policy = { - .apl = APL_NORMAL, - .domain = "domain", - .permStateList = {g_permTestState1, g_permTestState2, g_permTestState3, g_permTestState4, g_permTestState5, - g_permTestState6} -}; - -static uint64_t g_selfTokenId = 0; -} - -void GetSelfPermissionStatusTest::SetUpTestCase() -{ - g_selfTokenId = GetSelfTokenID(); - TestCommon::SetTestEvironment(g_selfTokenId); -} - -void GetSelfPermissionStatusTest::TearDownTestCase() -{ - ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(g_selfTokenId)); - TestCommon::ResetTestEvironment(); -} - -void GetSelfPermissionStatusTest::SetUp() -{ - HapInfoParams info = { - .userID = TEST_USER_ID, - .bundleName = TEST_BUNDLE_NAME, - .instIndex = 0, - .appIDDesc = "appIDDesc", - .apiVersion = 20 // 20: api version - }; - - AccessTokenIDEx tokenIdEx = TestCommon::AllocAndGrantHapTokenByTest(info, g_policy); - AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(tokenId, INVALID_TOKENID); - ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx)); -} - -void GetSelfPermissionStatusTest::TearDown() -{ - AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; - if (tokenId != INVALID_TOKENID) { - EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenId)); - } -} - -/** - * @tc.name: GetSelfPermissionStatus001 - * @tc.desc: default permission status - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus001, TestSize.Level1) -{ - AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(INVALID_TOKENID, tokenID); - - // default flag, user not operation - PermissionOper status; - int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - // user set DENIED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - // user fixed DENIED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(SETTING_OPER, status); - - // user set GRANTED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(PASS_OPER, status); - - // not request permission CAMERA - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(INVALID_OPER, status); -} - -/** - * @tc.name: GetSelfPermissionStatus002 - * @tc.desc: forbidden permission status - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus002, TestSize.Level1) -{ - AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(INVALID_TOKENID, tokenID); - - { - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG"); - MockHapToken mock("GetSelfPermissionStatus002", reqPerm, true); - - HapBaseInfo hapBaseInfo = { - .userID = TEST_USER_ID, - .bundleName = TEST_BUNDLE_NAME, - .instIndex = 0, - }; - - ASSERT_EQ(0, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true)); - } - - // default flag, user not operation - PermissionOper status; - int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(FORBIDDEN_OPER, status); - - // user set DENIED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(FORBIDDEN_OPER, status); - - // user fixed DENIED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(FORBIDDEN_OPER, status); - - // user set GRANTED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(FORBIDDEN_OPER, status); - - // not request permission CAMERA - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(INVALID_OPER, status); -} - -/** - * @tc.name: GetSelfPermissionStatus003 - * @tc.desc: grant permission status - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus003, TestSize.Level1) -{ - AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(INVALID_TOKENID, tokenID); - - { - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GetSelfPermissionStatus003", reqPerm, true); - - // grant user set - ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET)); - } - - // grant permission - PermissionOper status; - int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(PASS_OPER, status); - - // user set DENIED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - // user fixed DENIED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(SETTING_OPER, status); - - // user set GRANTED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(PASS_OPER, status); - - // not request permission CAMERA - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(INVALID_OPER, status); -} - -/** - * @tc.name: GetSelfPermissionStatus004 - * @tc.desc: revoke user set permission status - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus004, TestSize.Level1) -{ - AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(INVALID_TOKENID, tokenID); - - { - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GetSelfPermissionStatus004", reqPerm, true); - - // revoke user set - ASSERT_EQ(0, AccessTokenKit::RevokePermission(tokenID, "ohos.permission.READ_IMAGEVIDEO", PERMISSION_USER_SET)); - } - - // default flag, user not operation - PermissionOper status; - int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - // user set DENIED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - // user fixed DENIED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(SETTING_OPER, status); - - // revoke user set - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - // not request permission CAMERA - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(INVALID_OPER, status); -} - -/** - * @tc.name: GetSelfPermissionStatus005 - * @tc.desc: revoke user fixed permission status - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus005, TestSize.Level1) -{ - AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(INVALID_TOKENID, tokenID); - - { - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GetSelfPermissionStatus005", reqPerm, true); - - // revoke user fixed - ASSERT_EQ(0, - AccessTokenKit::RevokePermission(tokenID, "ohos.permission.READ_IMAGEVIDEO", PERMISSION_USER_FIXED)); - } - - // default flag, user not operation - PermissionOper status; - int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - // user set DENIED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - // user fixed DENIED - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(SETTING_OPER, status); - - // revoke user fixed - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(SETTING_OPER, status); - - // not request permission CAMERA - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(INVALID_OPER, status); -} - -/** - * @tc.name: GetSelfPermissionStatus006 - * @tc.desc: invalid permission - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus006, TestSize.Level1) -{ - AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(INVALID_TOKENID, tokenID); - - PermissionOper status; - // invalid permission - int32_t ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.TTTTT", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(INVALID_OPER, status); - - // not request permission - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.ACCESS_NEARLINK", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(INVALID_OPER, status); - - // empty permission - std::string testPerm1; - ret = AccessTokenKit::GetSelfPermissionStatus(testPerm1, status); - EXPECT_EQ(ERR_PARAM_INVALID, ret); - - // oversize permission - std::string testPerm2(257, 'a'); - ret = AccessTokenKit::GetSelfPermissionStatus(testPerm2, status); - EXPECT_EQ(ERR_PARAM_INVALID, ret); -} - -/** - * @tc.name: GetSelfPermissionStatus007 - * @tc.desc: location permission test - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus007, TestSize.Level1) -{ - AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(INVALID_TOKENID, tokenID); - - // default flag, user not operation - PermissionOper status; - int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - // APPROXIMATELY_LOCATION not set, LOCATION status is INVALID_OPER - ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(INVALID_OPER, status); - - { - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GetSelfPermissionStatus0071", reqPerm, true); - - // grant user set - ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET)); - } - - // grant permission - ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(PASS_OPER, status); - - // APPROXIMATELY_LOCATION already set, LOCATION status is DYNAMIC_OPER - ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - { - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GetSelfPermissionStatus0072", reqPerm, true); - - // grant user set - ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, LOCATION_PERMISSION, PERMISSION_USER_SET)); - } - - // grant permission - ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(PASS_OPER, status); -} - -/** - * @tc.name: GetSelfPermissionStatus008 - * @tc.desc: only change flag - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus008, TestSize.Level1) -{ - AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(INVALID_TOKENID, tokenID); - - // default flag, user not operation - PermissionOper status; - int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - { - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GetSelfPermissionStatus0081", reqPerm, true); - - // grant user set - ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET)); - } - - // grant permission - ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(PASS_OPER, status); - - { - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GetSelfPermissionStatus0082", reqPerm, true); - - // revoke user fixed - ASSERT_EQ(0, AccessTokenKit::RevokePermission( - tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_FIXED)); - } - - // revoke permission - ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(SETTING_OPER, status); - - { - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GetSelfPermissionStatus0083", reqPerm, true); - - // revoke to default flag - ASSERT_EQ(0, AccessTokenKit::RevokePermission( - tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_DEFAULT_FLAG)); - } - - ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); -} - -/** - * @tc.name: GetSelfPermissionStatus009 - * @tc.desc: test permission group - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus009, TestSize.Level1) -{ - AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(INVALID_TOKENID, tokenID); - - PermissionOper status; - - // default - int32_t ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_CALENDAR", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - // default denied - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(SETTING_OPER, status); - - { - std::vector reqPerm; - reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); - MockHapToken mock("GetSelfPermissionStatus009", reqPerm, true); - - // grant user set - ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, "ohos.permission.WRITE_CALENDAR", PERMISSION_USER_SET)); - } - - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_CALENDAR", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(DYNAMIC_OPER, status); - - // no change - ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); - EXPECT_EQ(RET_SUCCESS, ret); - EXPECT_EQ(PASS_OPER, status); -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h deleted file mode 100644 index 58ee97f3e..000000000 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 2025 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef GET_SELF_PERMISSION_STATUS_TEST_H -#define GET_SELF_PERMISSION_STATUS_TEST_H - -#include - -#include "access_token.h" -#include "accesstoken_kit.h" -#include "permission_def.h" -#include "permission_state_full.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class GetSelfPermissionStatusTest : public testing::Test { -public: - static void SetUpTestCase(); - static void TearDownTestCase(); - void SetUp(); - void TearDown(); - unsigned int GetAccessTokenID(int userID, std::string bundleName, int instIndex); - AccessTokenID AllocTestToken(const HapInfoParams& hapInfo, const HapPolicyParams& hapPolicy) const; - void DeleteTestToken() const; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // GET_SELF_PERMISSION_STATUS_TEST_H diff --git a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp index 6d919b20c..1678ab82f 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp @@ -341,19 +341,6 @@ HWTEST_F(AccessTokenMockTest, GetPermissionRequestToggleStatus001, TestSize.Leve status, userID)); } -/** - * @tc.name: GetSelfPermissionStatus001 - * @tc.desc: GetSelfPermissionStatus with proxy is null - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(AccessTokenMockTest, GetSelfPermissionStatus001, TestSize.Level1) -{ - std::string permission = "ohos.permission.CAMERA"; - PermissionOper status; - ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::GetSelfPermissionStatus(permission, status)); -} - /** * @tc.name: GetSelfPermissionsState001 * @tc.desc: GetSelfPermissionsState with proxy is null diff --git a/interfaces/kits/cj/accesstoken/include/at_manager_impl.h b/interfaces/kits/cj/accesstoken/include/at_manager_impl.h index 96e92dae8..512f66d93 100644 --- a/interfaces/kits/cj/accesstoken/include/at_manager_impl.h +++ b/interfaces/kits/cj/accesstoken/include/at_manager_impl.h @@ -57,7 +57,7 @@ const int AT_PERM_OPERA_FAIL = -1; const int AT_PERM_OPERA_SUCC = 0; const int32_t PARAM_DEFAULT_VALUE = -1; -struct GrantStatusCache { +struct PermissionStatusCache { int32_t status; std::string paramValue; }; diff --git a/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp b/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp index 9165560ce..6cf2e6c12 100644 --- a/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp +++ b/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp @@ -33,7 +33,7 @@ namespace CJSystemapi { std::mutex g_lockForPermStateChangeRegisters; std::vector g_permStateChangeRegisters; std::mutex g_lockCache; -std::map g_cache; +std::map g_cache; static PermissionParamCache g_paramCache; std::mutex g_lockForPermRequestCallbacks; static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change"; diff --git a/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h b/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h index 5545ecaa2..d36729b27 100644 --- a/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h +++ b/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h @@ -93,16 +93,10 @@ struct AtManagerSyncContext { std::string permissionName; int32_t result = RET_FAILED; int32_t errorCode = 0; - PermissionOper permissionsState = PermissionOper::INVALID_OPER; -}; - -struct GrantStatusCache { - int32_t status; - std::string paramValue; }; struct PermissionStatusCache { - PermissionOper status; + int32_t status; std::string paramValue; }; @@ -130,7 +124,6 @@ private: static napi_value SetPermissionRequestToggleStatus(napi_env env, napi_callback_info info); static napi_value GetPermissionRequestToggleStatus(napi_env env, napi_callback_info info); static napi_value RequestAppPermOnSetting(napi_env env, napi_callback_info info); - static napi_value GetSelfPermissionStatusSync(napi_env env, napi_callback_info info); static bool ParseInputVerifyPermissionOrGetFlag(const napi_env env, const napi_callback_info info, AtManagerAsyncContext& asyncContext); @@ -140,8 +133,6 @@ private: AtManagerAsyncContext& asyncContext); static bool ParseInputGetToggleStatus(const napi_env env, const napi_callback_info info, AtManagerAsyncContext& asyncContext); - static bool ParseInputGetPermStatus(const napi_env env, const napi_callback_info info, - AtManagerSyncContext& syncContext); static void VerifyAccessTokenExecute(napi_env env, void *data); static void VerifyAccessTokenComplete(napi_env env, napi_status status, void *data); static void CheckAccessTokenExecute(napi_env env, void* data); @@ -181,7 +172,7 @@ private: std::vector& batchPermStateChangeRegisters, const napi_env env); static void DeleteRegisterFromVector(const PermStateChangeScope& scopeInfo, const napi_env env, napi_ref subscriberRef); - static std::string GetPermParamValue(PermissionParamCache& paramCache, const char* paramKey); + static std::string GetPermParamValue(); static void UpdatePermissionCache(AtManagerSyncContext* syncContext); }; } // namespace AccessToken diff --git a/services/accesstokenmanager/etc/access_token.para b/services/accesstokenmanager/etc/access_token.para index 27ad49588..c9f7458a9 100644 --- a/services/accesstokenmanager/etc/access_token.para +++ b/services/accesstokenmanager/etc/access_token.para @@ -1,4 +1,4 @@ -# Copyright (c) 2022-2025 Huawei Device Co., Ltd. +# Copyright (c) 2022 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -13,5 +13,4 @@ accesstoken.permission.change = 0 -accesstoken.permission.init = 0 -accesstoken.permission.flagchange = 0 \ No newline at end of file +accesstoken.permission.init = 0 \ No newline at end of file diff --git a/services/accesstokenmanager/etc/access_token.para.dac b/services/accesstokenmanager/etc/access_token.para.dac index 15b0be5d2..33de56a3e 100644 --- a/services/accesstokenmanager/etc/access_token.para.dac +++ b/services/accesstokenmanager/etc/access_token.para.dac @@ -1,4 +1,4 @@ -# Copyright (c) 2022-2025 Huawei Device Co., Ltd. +# Copyright (c) 2022 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -13,4 +13,3 @@ accesstoken.permission.change="access_token:access_token:0774" accesstoken.permission.init="access_token:access_token:0774" -accesstoken.permission.flagchange="access_token:access_token:0774" diff --git a/services/accesstokenmanager/idl/IAccessTokenManager.idl b/services/accesstokenmanager/idl/IAccessTokenManager.idl index c5497e408..31da0d225 100644 --- a/services/accesstokenmanager/idl/IAccessTokenManager.idl +++ b/services/accesstokenmanager/idl/IAccessTokenManager.idl @@ -86,5 +86,4 @@ interface OHOS.Security.AccessToken.IAccessTokenManager{ [ipccode 67] void GetKernelPermissions([in] unsigned int tokenId, [out] List kernelPermIdlList); [ipccode 68] void GetReqPermissionByName([in] unsigned int tokenId, [in] String permissionName, [out] String value); [ipccode 80] void VerifyAccessToken([in] unsigned int tokenID, [in] List permissionList, [out] List permStateList); - [ipccode 81] void GetSelfPermissionStatus([in] String permissionName, [out] int status); } \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h index 8fd5fef42..14cd8a00a 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h @@ -85,7 +85,6 @@ public: std::vector& permsList, int32_t apiVersion); void NotifyPermGrantStoreResult(bool result, uint64_t timestamp); void ParamUpdate(const std::string& permissionName, uint32_t flag, bool filtered); - void ParamFlagUpdate(); void NotifyWhenPermissionStateUpdated(AccessTokenID tokenID, const std::string& permissionName, bool isGranted, uint32_t flag, const std::shared_ptr& infoPtr); void AddNativePermToKernel( @@ -126,9 +125,6 @@ private: OHOS::Utils::RWLock permParamSetLock_; uint64_t paramValue_ = 0; - OHOS::Utils::RWLock permFlagParamSetLock_; - uint64_t paramFlagValue_ = 0; - OHOS::Utils::RWLock permToggleStateLock_; DISALLOW_COPY_AND_MOVE(PermissionManager); diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index ad9361d70..5ab5562ba 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -58,7 +58,6 @@ public: int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; int GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; - int32_t GetSelfPermissionStatus(const std::string& permissionName, int32_t& status) override; int32_t GetSelfPermissionsState(std::vector& reqPermList, PermissionGrantInfoParcel& infoParcel, int32_t& permOper) override; int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector& reqPermList) override; diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index 24e1a9336..e8f12d457 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -50,7 +50,6 @@ namespace Security { namespace AccessToken { namespace { static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change"; -static const char* PERMISSION_STATUS_FLAG_CHANGE_KEY = "accesstoken.permission.flagchange"; static constexpr int32_t VALUE_MAX_LEN = 32; static const std::vector g_notDisplayedPerms = { "ohos.permission.ANSWER_CALL", @@ -93,18 +92,9 @@ PermissionManager::PermissionManager() if (ret < 0) { LOGE(ATM_DOMAIN, ATM_TAG, "Return default value, ret=%{public}d", ret); paramValue_ = 0; - } else { - paramValue_ = static_cast(std::atoll(value)); - } - - char flagValue[VALUE_MAX_LEN] = {0}; - ret = GetParameter(PERMISSION_STATUS_FLAG_CHANGE_KEY, "", flagValue, VALUE_MAX_LEN - 1); - if (ret < 0) { - LOGE(ATM_DOMAIN, ATM_TAG, "Return default flag value, ret=%{public}d", ret); - paramFlagValue_ = 0; return; } - paramFlagValue_ = static_cast(std::atoll(flagValue)); + paramValue_ = static_cast(std::atoll(value)); } PermissionManager::~PermissionManager() @@ -328,18 +318,6 @@ void PermissionManager::ParamUpdate(const std::string& permissionName, uint32_t } } -void PermissionManager::ParamFlagUpdate() -{ - Utils::UniqueWriteGuard infoGuard(this->permFlagParamSetLock_); - paramFlagValue_++; - LOGD(ATM_DOMAIN, ATM_TAG, - "paramFlagValue_ change %{public}llu", static_cast(paramFlagValue_)); - int32_t res = SetParameter(PERMISSION_STATUS_FLAG_CHANGE_KEY, std::to_string(paramFlagValue_).c_str()); - if (res != 0) { - LOGE(ATM_DOMAIN, ATM_TAG, "SetParameter failed %{public}d", res); - } -} - void PermissionManager::NotifyWhenPermissionStateUpdated(AccessTokenID tokenID, const std::string& permissionName, bool isGranted, uint32_t flag, const std::shared_ptr& infoPtr) { @@ -389,10 +367,6 @@ int32_t PermissionManager::UpdateTokenPermissionState( "INT_VAL2", static_cast(flag), "NEED_KILL", needKill); return ret; } - - // notify flag change - ParamFlagUpdate(); - if (statusChanged) { NotifyWhenPermissionStateUpdated(id, permission, isGranted, flag, infoPtr); // To notify kill process when perm is revoke diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 173e99765..ccdf0fff3 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -266,21 +266,6 @@ int AccessTokenManagerService::GetReqPermissions( return ret; } -int32_t AccessTokenManagerService::GetSelfPermissionStatus(const std::string& permissionName, int32_t& status) -{ - status = INVALID_OPER; - AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); - PermissionListStateParcel parcel; - parcel.permsState.permissionName = permissionName; - parcel.permsState.state = INVALID_OPER; - std::vector list{parcel}; - (void)GetPermissionsState(callingTokenID, list); - if (!list.empty()) { - status = static_cast(list[0].permsState.state); - } - return ERR_OK; -} - int32_t AccessTokenManagerService::GetSelfPermissionsState(std::vector& reqPermList, PermissionGrantInfoParcel& infoParcel, int32_t& permOper) { diff --git a/test/fuzztest/innerkits/accesstoken/BUILD.gn b/test/fuzztest/innerkits/accesstoken/BUILD.gn index 6ebac1ef1..8b1334097 100644 --- a/test/fuzztest/innerkits/accesstoken/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/BUILD.gn @@ -40,7 +40,6 @@ group("fuzztest") { "getrendertokenid_fuzzer:GetRenderTokenIdFuzzTest", "getreqpermissions_fuzzer:GetReqPermissionsFuzzTest", "getselfpermissionsstate_fuzzer:GetSelfPermissionsStateFuzzTest", - "getselfpermissionstatus_fuzzer:GetSelfPermissionStatusFuzzTest", "gettokenidbyuserid_fuzzer:GetTokenIDByUserIDFuzzTest", "gettokentype_fuzzer:GetTokenTypeFuzzTest", "gettokentypeflag_fuzzer:GetTokenTypeFlagFuzzTest", diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn deleted file mode 100644 index 2968c428b..000000000 --- a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright (c) 2025 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/config/features.gni") -import("//build/test.gni") -import("../../../../../access_token.gni") - -ohos_fuzztest("GetSelfPermissionStatusFuzzTest") { - module_out_path = module_output_path_interface_access_token - fuzz_config_file = "." - include_dirs = [ - "${access_token_path}/interfaces/innerkits/accesstoken/include", - "${access_token_path}/test/fuzztest/common", - ] - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - sources = [ "getselfpermissionstatus_fuzzer.cpp" ] - deps = [ - "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", - ] - - configs = [ "${access_token_path}/config:coverage_flags" ] - - external_deps = [ - "c_utils:utils", - "hilog:libhilog", - ] -} diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init deleted file mode 100644 index 8f37f0925..000000000 --- a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright (c) 2025 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp deleted file mode 100644 index a9b21bd23..000000000 --- a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 2025 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "getselfpermissionstatus_fuzzer.h" - -#include -#include -#include -#include "accesstoken_fuzzdata.h" -#undef private -#include "accesstoken_kit.h" - -using namespace std; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { - bool GetSelfPermissionStatusFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - - AccessTokenFuzzData fuzzData(data, size); - std::string permissionName = fuzzData.GenerateStochasticString(); - PermissionOper status; - - AccessTokenKit::GetSelfPermissionStatus(permissionName, status); - return true; - } -} - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) -{ - /* Run your code on data */ - OHOS::GetSelfPermissionStatusFuzzTest(data, size); - return 0; -} diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h deleted file mode 100644 index 46854bbce..000000000 --- a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h +++ /dev/null @@ -1,28 +0,0 @@ -/* - * Copyright (c) 2025 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H -#define TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H - -#define FUZZ_PROJECT_NAME "getselfpermissionstatus_fuzzer" - -#include -#include -#include -#include -#include -#include - -#endif // TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml deleted file mode 100644 index 66e1dcac4..000000000 --- a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - diff --git a/test/fuzztest/services/accesstoken/BUILD.gn b/test/fuzztest/services/accesstoken/BUILD.gn index ef172e338..99767dcd1 100644 --- a/test/fuzztest/services/accesstoken/BUILD.gn +++ b/test/fuzztest/services/accesstoken/BUILD.gn @@ -39,7 +39,6 @@ group("fuzztest") { "getreqpermissionbynamestub_fuzzer:GetReqPermissionByNameStubFuzzTest", "getreqpermissionsstub_fuzzer:GetReqPermissionsStubFuzzTest", "getselfpermissionsstatestub_fuzzer:GetSelfPermissionsStateStubFuzzTest", - "getselfpermissionstatusstub_fuzzer:GetSelfPermissionStatusStubFuzzTest", "gettokenidbyuseridstub_fuzzer:GetTokenIDByUserIDStubFuzzTest", "gettokentypestub_fuzzer:GetTokenTypeStubFuzzTest", "grantpermissionforspecifiedtimestub_fuzzer:GrantPermissionForSpecifiedTimeStubFuzzTest", diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn deleted file mode 100644 index 4e1b33289..000000000 --- a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright (c) 2025 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/config/features.gni") -import("//build/test.gni") -import("../../../../../access_token.gni") -import("../access_token_service_fuzz.gni") - -ohos_fuzztest("GetSelfPermissionStatusStubFuzzTest") { - module_out_path = module_output_path_service_access_token - fuzz_config_file = "." - - sources = [ "getselfpermissionstatusstub_fuzzer.cpp" ] - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - include_dirs = access_token_include_dirs - - deps = access_token_deps - - configs = [ - "${access_token_path}/config:coverage_flags", - "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", - ] - - external_deps = access_token_external_deps - - include_dirs += access_token_impl_include_dirs - - cflags_cc = access_token_cflags_cc - - sources += access_token_sources - - sources += access_token_impl_sources -} diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init deleted file mode 100644 index 65af8ee8d..000000000 --- a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright (c) 2025 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FUZZ \ No newline at end of file diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp deleted file mode 100644 index 5587af8d2..000000000 --- a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 2025 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "getselfpermissionstatusstub_fuzzer.h" - -#include -#include -#include -#undef private -#include "accesstoken_fuzzdata.h" -#include "accesstoken_manager_service.h" -#include "iaccess_token_manager.h" - -using namespace std; -using namespace OHOS; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { - bool GetSelfPermissionStatusStubFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - AccessTokenFuzzData fuzzData(data, size); - std::string permissionName = fuzzData.GenerateStochasticString(); - MessageParcel datas; - datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); - if (!datas.WriteString(permissionName)) { - return false; - } - - uint32_t code = static_cast( - IAccessTokenManagerIpcCode::COMMAND_GET_SELF_PERMISSION_STATUS); - MessageParcel reply; - MessageOption option; - DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); - return true; - } -} - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) -{ - /* Run your code on data */ - OHOS::GetSelfPermissionStatusStubFuzzTest(data, size); - return 0; -} - diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h deleted file mode 100644 index 6c3de023f..000000000 --- a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2025 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H -#define TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "getselfpermissionstatusstub_fuzzer" - -#endif // TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml deleted file mode 100644 index 66e1dcac4..000000000 --- a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - -- Gitee From ee6d5a8f3b6d29b809b2cf44ae9b8600252e741c Mon Sep 17 00:00:00 2001 From: zhaobenhong Date: Thu, 24 Apr 2025 04:18:09 +0000 Subject: [PATCH 067/103] update services/accesstokenmanager/permission_definitions.json. Signed-off-by: zhaobenhong --- .../accesstokenmanager/permission_definitions.json | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 85761d758..3dbf4856c 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6432,16 +6432,6 @@ "provisionEnable": true, "distributedSceneEnable": false }, - { - "name": "ohos.permission.MANAGE_SCREEN_TIME_GUARD", - "grantMode": "system_grant", - "availableLevel": "system_basic", - "availableType": "NORMAL", - "since": 20, - "deprecated": "", - "provisionEnable": true, - "distributedSceneEnable": false - }, { "name": "ohos.permission.HIVIEW_TRACE_MANAGE", "grantMode": "system_grant", -- Gitee From 25486bee205c11c88f8b6511e3a6ca944a4df6bc Mon Sep 17 00:00:00 2001 From: zhouyan Date: Thu, 24 Apr 2025 14:45:46 +0800 Subject: [PATCH 068/103] =?UTF-8?q?napi=E6=8A=9B=E5=BC=82=E5=B8=B8Permissi?= =?UTF-8?q?ons=E7=B1=BB=E5=9E=8B=E6=95=B4=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: zhouyan Change-Id: I99a7fc12de7c3c298950e91334f22a0442463a13 --- .../js/napi/accesstoken/src/napi_atmanager.cpp | 14 +++++++------- .../accesstoken/src/napi_request_permission.cpp | 4 ++-- .../privacy/src/permission_record_manager_napi.cpp | 14 +++++++------- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp index fb96bff4c..be03a8066 100644 --- a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp +++ b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp @@ -345,7 +345,7 @@ bool NapiAtManager::ParseInputVerifyPermissionOrGetFlag(const napi_env env, cons // 1: the second parameter of argv if (!ParseString(env, argv[1], asyncContext.permissionName)) { - errMsg = GetParamErrorMsg("permissionName", "string"); + errMsg = GetParamErrorMsg("permissionName", "Permissions"); NAPI_CALL_BASE(env, napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false); return false; @@ -382,7 +382,7 @@ bool NapiAtManager::ParseInputVerifyPermissionSync(const napi_env env, const nap // 1: the second parameter of argv if (!ParseString(env, argv[1], syncContext.permissionName)) { - errMsg = GetParamErrorMsg("permissionName", "string"); + errMsg = GetParamErrorMsg("permissionName", "Permissions"); NAPI_CALL_BASE(env, napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false); return false; @@ -609,7 +609,7 @@ napi_value NapiAtManager::VerifyAccessTokenSync(napi_env env, napi_callback_info } if ((syncContext->permissionName.empty()) || ((syncContext->permissionName.length() > NapiContextCommon::MAX_LENGTH))) { - std::string errMsg = GetParamErrorMsg("permissionName", "string"); + std::string errMsg = GetParamErrorMsg("permissionName", "Permissions"); NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, JS_ERROR_PARAM_INVALID, errMsg))); return nullptr; } @@ -661,7 +661,7 @@ bool NapiAtManager::ParseInputGrantOrRevokePermission(const napi_env env, const // 1: the second parameter of argv if (!ParseString(env, argv[1], asyncContext.permissionName)) { - errMsg = GetParamErrorMsg("permissionName", "string"); + errMsg = GetParamErrorMsg("permissionName", "Permissions"); NAPI_CALL_BASE(env, napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false); return false; @@ -989,7 +989,7 @@ bool NapiAtManager::ParseInputSetToggleStatus(const napi_env env, const napi_cal asyncContext.env = env; // 0: the first parameter of argv if (!ParseString(env, argv[0], asyncContext.permissionName)) { - errMsg = GetParamErrorMsg("permissionName", "string"); + errMsg = GetParamErrorMsg("permissionName", "Permissions"); NAPI_CALL_BASE(env, napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false); return false; @@ -1024,7 +1024,7 @@ bool NapiAtManager::ParseInputGetToggleStatus(const napi_env env, const napi_cal asyncContext.env = env; // 0: the first parameter of argv if (!ParseString(env, argv[0], asyncContext.permissionName)) { - errMsg = GetParamErrorMsg("permissionName", "string"); + errMsg = GetParamErrorMsg("permissionName", "Permissions"); NAPI_CALL_BASE(env, napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false); return false; @@ -1171,7 +1171,7 @@ bool NapiAtManager::FillPermStateChangeScope(const napi_env env, const napi_valu scopeInfo.tokenIDs = {GetSelfTokenID()}; } if (!ParseStringArray(env, argv[index++], scopeInfo.permList)) { - errMsg = GetParamErrorMsg("permissionNameList", "Array"); + errMsg = GetParamErrorMsg("permissionNameList", "Array"); napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)); return false; } diff --git a/frameworks/js/napi/accesstoken/src/napi_request_permission.cpp b/frameworks/js/napi/accesstoken/src/napi_request_permission.cpp index 38930d947..cd2a6c3f6 100644 --- a/frameworks/js/napi/accesstoken/src/napi_request_permission.cpp +++ b/frameworks/js/napi/accesstoken/src/napi_request_permission.cpp @@ -640,7 +640,7 @@ bool NapiRequestPermission::ParseRequestPermissionFromUser(const napi_env& env, // argv[1] : permissionList if (!ParseStringArray(env, argv[1], asyncContext->permissionList) || (asyncContext->permissionList.empty())) { - errMsg = GetParamErrorMsg("permissionList", "Array"); + errMsg = GetParamErrorMsg("permissionList", "Array"); NAPI_CALL_BASE( env, napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false); return false; @@ -805,7 +805,7 @@ bool NapiRequestPermission::ParseInputToGetQueryResult(const napi_env& env, cons // the second parameter of argv if (!ParseStringArray(env, argv[1], asyncContext.permissionList)) { - errMsg = GetParamErrorMsg("permissions", "Array"); + errMsg = GetParamErrorMsg("permissions", "Array"); NAPI_CALL_BASE( env, napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false); return false; diff --git a/frameworks/js/napi/privacy/src/permission_record_manager_napi.cpp b/frameworks/js/napi/privacy/src/permission_record_manager_napi.cpp index d5f55eb75..37f3e0a2e 100644 --- a/frameworks/js/napi/privacy/src/permission_record_manager_napi.cpp +++ b/frameworks/js/napi/privacy/src/permission_record_manager_napi.cpp @@ -192,7 +192,7 @@ static bool ParseAddPermissionRecord( // 1: the second parameter of argv if (!ParseString(env, argv[SECOND_PARAM], asyncContext.permissionName)) { - ParamResolveErrorThrow(env, "permissionName", "string"); + ParamResolveErrorThrow(env, "permissionName", "Permissions"); return false; } @@ -295,7 +295,7 @@ static bool ParseStartAndStopUsingPermission( // 1: the second parameter of argv is permissionName if (!ParseString(env, argv[SECOND_PARAM], asyncContext.permissionName)) { - ParamResolveErrorThrow(env, "permissionName", "string"); + ParamResolveErrorThrow(env, "permissionName", "Permissions"); return false; } @@ -492,7 +492,7 @@ static bool ParseRequest(const napi_env& env, const napi_value& value, Permissio if (IsNeedParseProperty(env, value, "permissionNames", property) && !ParseStringArray(env, property, request.permissionList)) { - ParamResolveErrorThrow(env, "request:permissionNames", "Array"); + ParamResolveErrorThrow(env, "request:permissionNames", "Array"); return false; } @@ -943,7 +943,7 @@ static bool ParseInputToRegister(const napi_env env, const napi_callback_info cb std::vector permList; // 1: the second parameter of argv if (!ParseStringArray(env, argv[1], permList)) { - ParamResolveErrorThrow(env, "permList", "Array"); + ParamResolveErrorThrow(env, "permList", "Array"); return false; } std::sort(permList.begin(), permList.end()); @@ -979,13 +979,13 @@ static bool ParseInputToUnregister(const napi_env env, const napi_callback_info std::string type; // 0: the first parameter of argv if (!ParseString(env, argv[0], type)) { - ParamResolveErrorThrow(env, "permList", "Array"); + ParamResolveErrorThrow(env, "type", "string"); return false; } // 1: the second parameter of argv std::vector permList; if (!ParseStringArray(env, argv[1], permList)) { - ParamResolveErrorThrow(env, "permList", "Array"); + ParamResolveErrorThrow(env, "permList", "Array"); return false; } std::sort(permList.begin(), permList.end()); @@ -1189,7 +1189,7 @@ static bool ParseGetPermissionUsedType(const napi_env env, const napi_callback_i } if (!ParseString(env, argv[1], permissionName)) { - ParamResolveErrorThrow(env, "permissionName", "string"); + ParamResolveErrorThrow(env, "permissionName", "Permissions"); return false; } } -- Gitee From 181ca430f833df9de7384f79fb90947103dfacad Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Tue, 22 Apr 2025 17:10:41 +0800 Subject: [PATCH 069/103] =?UTF-8?q?=E6=BC=8F=E6=B4=9Emaster=20250422?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: I4c2ee411439093eae5a97a844ed30e457a626123 --- .../test/unittest/src/privacy_kit_test.cpp | 17 +++++++++++++++-- .../src/service/privacy_manager_service.cpp | 6 ++++++ 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 3cbaca374..10dc149f4 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -2676,8 +2676,7 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest001, TestSize.Level1) */ HWTEST_F(PrivacyKitTest, SetMutePolicyTest002, TestSize.Level1) { - std::vector reqPerm; - MockHapToken mock("SetMutePolicyTest002", reqPerm, true); // as a system hap without SET_MUTE_POLICY + MockNativeToken mock("accesstoken_service"); // as a sa without SET_MUTE_POLICY ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID)); } @@ -2696,6 +2695,20 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest003, TestSize.Level1) PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID)); } +/** + * @tc.name: SetMutePolicyTest004 + * @tc.desc: Test SetMutePolicy with not permission + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyKitTest, SetMutePolicyTest004, TestSize.Level1) +{ + std::vector reqPerm; + MockHapToken mock("SetMutePolicyTest004", reqPerm, true); // as a system hap + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, + PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID)); +} + /** * @tc.name: SetHapWithFGReminder01 * @tc.desc: SetHapWithFGReminder with valid tokenId. diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index b953cb250..11749d28d 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -487,6 +487,12 @@ int32_t PrivacyManagerService::IsAllowedUsingPermission(AccessTokenID tokenId, c int32_t PrivacyManagerService::SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, AccessTokenID tokenID) { + AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); + if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) != TOKEN_NATIVE) && + (AccessTokenKit::GetTokenTypeFlag(callingTokenID) != TOKEN_SHELL)) { + return PrivacyError::ERR_PERMISSION_DENIED; + } + if (!VerifyPermission(SET_MUTE_POLICY)) { return PrivacyError::ERR_PERMISSION_DENIED; } -- Gitee From bc1cdbc8d7d4683fe8f6dd3070ed7fad3af8c221 Mon Sep 17 00:00:00 2001 From: zhouyan Date: Thu, 24 Apr 2025 18:18:18 +0800 Subject: [PATCH 070/103] =?UTF-8?q?64=E4=BD=8D=E7=BC=96=E8=AF=91=E6=8A=A5?= =?UTF-8?q?=E9=94=99=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: zhouyan Change-Id: I2d0234b4a8c75f7ff2ff085d27dc5fafdf7ad16d --- .../main/cpp/src/token/accesstoken_info_manager.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 88a611f5a..e5d1ba764 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -111,7 +111,7 @@ void AccessTokenInfoManager::Init(uint32_t& hapSize, uint32_t& nativeSize, uint3 ret = policy->GetDlpPermissions(dlpPerms); dlpSize = dlpPerms.size(); if (ret == RET_SUCCESS) { - LOGI(ATM_DOMAIN, ATM_TAG, "Load dlpPer size=%{public}zu.", dlpSize); + LOGI(ATM_DOMAIN, ATM_TAG, "Load dlpPer size=%{public}u.", dlpSize); DlpPermissionSetManager::GetInstance().ProcessDlpPermInfos(dlpPerms); } #endif -- Gitee From 20c9438c21c06f3491da96cdfa59425407b78510 Mon Sep 17 00:00:00 2001 From: AXYChen Date: Thu, 3 Apr 2025 16:37:51 +0800 Subject: [PATCH 071/103] =?UTF-8?q?=E8=BF=81=E7=A7=BB=E9=9A=90=E7=A7=81?= =?UTF-8?q?=E4=B8=AD=E7=9A=84=E5=AE=89=E5=85=A8=E6=8E=A7=E4=BB=B6=E5=88=B0?= =?UTF-8?q?AT?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: AXYChen Change-Id: I0708c735cf7c3959b19dfbf18edd459a0de0df64 --- frameworks/accesstoken/BUILD.gn | 5 ++ .../include/sec_comp_enhance_data_parcel.h | 0 .../src/sec_comp_enhance_data_parcel.cpp | 0 frameworks/privacy/BUILD.gn | 5 -- interfaces/innerkits/accesstoken/BUILD.gn | 3 + .../accesstoken/include/accesstoken_kit.h | 25 ++++++ .../include/sec_comp_enhance_data.h | 4 - .../accesstoken/libaccesstoken_sdk.map | 3 + .../accesstoken/src/accesstoken_kit.cpp | 17 ++++ .../src/accesstoken_manager_client.cpp | 45 ++++++++++ .../src/accesstoken_manager_client.h | 5 ++ .../security_component_grant_test.cpp | 29 +++++++ interfaces/innerkits/privacy/BUILD.gn | 4 - .../innerkits/privacy/include/privacy_kit.h | 33 ------- .../innerkits/privacy/libprivacy_sdk.map | 4 - .../innerkits/privacy/src/privacy_kit.cpp | 24 ------ .../privacy/src/privacy_manager_client.cpp | 64 -------------- .../privacy/src/privacy_manager_client.h | 7 -- .../test/unittest/src/privacy_kit_test.cpp | 44 ---------- services/accesstokenmanager/BUILD.gn | 7 ++ services/accesstokenmanager/idl/BUILD.gn | 8 ++ .../idl/IAccessTokenManager.idl | 6 +- .../include/seccomp/sec_comp_enhance_agent.h} | 32 ++++--- .../service/accesstoken_manager_service.h | 9 ++ .../src/seccomp/sec_comp_enhance_agent.cpp} | 85 +++++++------------ .../service/accesstoken_manager_service.cpp | 49 +++++++++++ services/privacymanager/BUILD.gn | 12 --- .../privacymanager/idl/IPrivacyManager.idl | 5 -- .../include/service/privacy_manager_service.h | 7 -- .../src/service/privacy_manager_service.cpp | 65 -------------- test/fuzztest/innerkits/accesstoken/BUILD.gn | 7 ++ .../getseccompenhance_fuzzer/BUILD.gn | 6 +- .../getseccompenhance_fuzzer/corpus/init | 0 .../getseccompenhance_fuzzer.cpp | 4 +- .../getseccompenhance_fuzzer.h | 0 .../getseccompenhance_fuzzer/project.xml | 0 .../registerseccompenhance_fuzzer/BUILD.gn | 6 +- .../corpus/init | 0 .../project.xml | 0 .../registerseccompenhance_fuzzer.cpp | 4 +- .../registerseccompenhance_fuzzer.h | 0 .../updateseccompenhance_fuzzer/BUILD.gn | 6 +- .../updateseccompenhance_fuzzer}/corpus/init | 0 .../updateseccompenhance_fuzzer}/project.xml | 0 .../updateseccompenhance_fuzzer.cpp | 4 +- .../updateseccompenhance_fuzzer.h | 0 test/fuzztest/innerkits/privacy/BUILD.gn | 8 -- .../getspecialseccompenhance_fuzzer/BUILD.gn | 44 ---------- .../getspecialseccompenhance_fuzzer.cpp | 51 ----------- .../getspecialseccompenhance_fuzzer.h | 21 ----- test/fuzztest/services/accesstoken/BUILD.gn | 7 ++ .../accesstoken/access_token_service_fuzz.gni | 5 +- .../getseccompenhancestub_fuzzer/BUILD.gn | 22 ++--- .../getseccompenhancestub_fuzzer}/corpus/init | 0 .../getseccompenhancestub_fuzzer.cpp | 10 +-- .../getseccompenhancestub_fuzzer.h | 0 .../getseccompenhancestub_fuzzer}/project.xml | 0 .../BUILD.gn | 22 ++--- .../corpus/init | 0 .../project.xml | 0 .../registerseccompenhancestub_fuzzer.cpp | 10 +-- .../registerseccompenhancestub_fuzzer.h | 0 .../updateseccompenhancestub_fuzzer/BUILD.gn | 22 ++--- .../corpus/init | 0 .../project.xml | 0 .../updateseccompenhancestub_fuzzer.cpp | 10 +-- .../updateseccompenhancestub_fuzzer.h | 0 test/fuzztest/services/privacy/BUILD.gn | 9 -- .../BUILD.gn | 52 ------------ .../getspecialseccompenhancestub_fuzzer.cpp | 65 -------------- .../getspecialseccompenhancestub_fuzzer.h | 21 ----- .../services/privacy/privacy_service_fuzz.gni | 1 - .../corpus/init | 14 --- .../project.xml | 25 ------ .../corpus/init | 14 --- .../project.xml | 25 ------ 76 files changed, 336 insertions(+), 765 deletions(-) rename frameworks/{privacy => accesstoken}/include/sec_comp_enhance_data_parcel.h (100%) rename frameworks/{privacy => accesstoken}/src/sec_comp_enhance_data_parcel.cpp (100%) rename services/{privacymanager/include/seccomp/privacy_sec_comp_enhance_agent.h => accesstokenmanager/main/cpp/include/seccomp/sec_comp_enhance_agent.h} (61%) rename services/{privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp => accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp} (56%) rename test/fuzztest/innerkits/{privacy => accesstoken}/getseccompenhance_fuzzer/BUILD.gn (88%) rename test/fuzztest/innerkits/{privacy => accesstoken}/getseccompenhance_fuzzer/corpus/init (100%) rename test/fuzztest/innerkits/{privacy => accesstoken}/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp (91%) rename test/fuzztest/innerkits/{privacy => accesstoken}/getseccompenhance_fuzzer/getseccompenhance_fuzzer.h (100%) rename test/fuzztest/innerkits/{privacy => accesstoken}/getseccompenhance_fuzzer/project.xml (100%) rename test/fuzztest/innerkits/{privacy => accesstoken}/registerseccompenhance_fuzzer/BUILD.gn (89%) rename test/fuzztest/innerkits/{privacy/getspecialseccompenhance_fuzzer => accesstoken/registerseccompenhance_fuzzer}/corpus/init (100%) rename test/fuzztest/innerkits/{privacy/getspecialseccompenhance_fuzzer => accesstoken/registerseccompenhance_fuzzer}/project.xml (100%) rename test/fuzztest/innerkits/{privacy => accesstoken}/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp (94%) rename test/fuzztest/innerkits/{privacy => accesstoken}/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.h (100%) rename test/fuzztest/innerkits/{privacy => accesstoken}/updateseccompenhance_fuzzer/BUILD.gn (88%) rename test/fuzztest/innerkits/{privacy/registerseccompenhance_fuzzer => accesstoken/updateseccompenhance_fuzzer}/corpus/init (100%) rename test/fuzztest/innerkits/{privacy/registerseccompenhance_fuzzer => accesstoken/updateseccompenhance_fuzzer}/project.xml (100%) rename test/fuzztest/innerkits/{privacy => accesstoken}/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp (89%) rename test/fuzztest/innerkits/{privacy => accesstoken}/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.h (100%) delete mode 100644 test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/BUILD.gn delete mode 100644 test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.cpp delete mode 100644 test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.h rename test/fuzztest/services/{privacy => accesstoken}/getseccompenhancestub_fuzzer/BUILD.gn (65%) rename test/fuzztest/{innerkits/privacy/updateseccompenhance_fuzzer => services/accesstoken/getseccompenhancestub_fuzzer}/corpus/init (100%) rename test/fuzztest/services/{privacy => accesstoken}/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp (81%) rename test/fuzztest/services/{privacy => accesstoken}/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.h (100%) rename test/fuzztest/{innerkits/privacy/updateseccompenhance_fuzzer => services/accesstoken/getseccompenhancestub_fuzzer}/project.xml (100%) rename test/fuzztest/services/{privacy => accesstoken}/registerseccompenhancestub_fuzzer/BUILD.gn (66%) rename test/fuzztest/services/{privacy/getseccompenhancestub_fuzzer => accesstoken/registerseccompenhancestub_fuzzer}/corpus/init (100%) rename test/fuzztest/services/{privacy/getseccompenhancestub_fuzzer => accesstoken/registerseccompenhancestub_fuzzer}/project.xml (100%) rename test/fuzztest/services/{privacy => accesstoken}/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp (89%) rename test/fuzztest/services/{privacy => accesstoken}/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.h (100%) rename test/fuzztest/services/{privacy => accesstoken}/updateseccompenhancestub_fuzzer/BUILD.gn (65%) rename test/fuzztest/services/{privacy/getspecialseccompenhancestub_fuzzer => accesstoken/updateseccompenhancestub_fuzzer}/corpus/init (100%) rename test/fuzztest/services/{privacy/getspecialseccompenhancestub_fuzzer => accesstoken/updateseccompenhancestub_fuzzer}/project.xml (100%) rename test/fuzztest/services/{privacy => accesstoken}/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp (82%) rename test/fuzztest/services/{privacy => accesstoken}/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.h (100%) delete mode 100644 test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/BUILD.gn delete mode 100644 test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.cpp delete mode 100644 test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.h delete mode 100644 test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/corpus/init delete mode 100644 test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/project.xml delete mode 100644 test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/corpus/init delete mode 100644 test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/project.xml diff --git a/frameworks/accesstoken/BUILD.gn b/frameworks/accesstoken/BUILD.gn index 6730263a5..122215ae5 100644 --- a/frameworks/accesstoken/BUILD.gn +++ b/frameworks/accesstoken/BUILD.gn @@ -64,4 +64,9 @@ ohos_shared_library("accesstoken_communication_adapter_cxx") { ] external_deps = [ "c_utils:utils" ] + + if (security_component_enhance_enable) { + sources += [ "src/sec_comp_enhance_data_parcel.cpp" ] + external_deps += [ "ipc:ipc_single" ] + } } diff --git a/frameworks/privacy/include/sec_comp_enhance_data_parcel.h b/frameworks/accesstoken/include/sec_comp_enhance_data_parcel.h similarity index 100% rename from frameworks/privacy/include/sec_comp_enhance_data_parcel.h rename to frameworks/accesstoken/include/sec_comp_enhance_data_parcel.h diff --git a/frameworks/privacy/src/sec_comp_enhance_data_parcel.cpp b/frameworks/accesstoken/src/sec_comp_enhance_data_parcel.cpp similarity index 100% rename from frameworks/privacy/src/sec_comp_enhance_data_parcel.cpp rename to frameworks/accesstoken/src/sec_comp_enhance_data_parcel.cpp diff --git a/frameworks/privacy/BUILD.gn b/frameworks/privacy/BUILD.gn index b452f0cda..6209524ec 100644 --- a/frameworks/privacy/BUILD.gn +++ b/frameworks/privacy/BUILD.gn @@ -50,9 +50,4 @@ ohos_shared_library("privacy_communication_adapter_cxx") { ] external_deps = [ "c_utils:utils" ] - - if (security_component_enhance_enable) { - sources += [ "src/sec_comp_enhance_data_parcel.cpp" ] - external_deps += [ "ipc:ipc_single" ] - } } diff --git a/interfaces/innerkits/accesstoken/BUILD.gn b/interfaces/innerkits/accesstoken/BUILD.gn index 21fdd24ff..e330621df 100644 --- a/interfaces/innerkits/accesstoken/BUILD.gn +++ b/interfaces/innerkits/accesstoken/BUILD.gn @@ -93,6 +93,9 @@ if (is_standard_system) { if (token_sync_enable == true) { cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] } + if (security_component_enhance_enable == true) { + cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] + } } } diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index abe082293..c35fc7cc6 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -54,6 +54,9 @@ #include "permission_state_change_info.h" #include "permission_state_full.h" #include "perm_state_change_callback_customize.h" +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE +#include "sec_comp_enhance_data.h" +#endif #ifdef TOKEN_SYNC_ENABLE #include "token_sync_kit_interface.h" #endif // TOKEN_SYNC_ENABLE @@ -513,6 +516,28 @@ public: */ static int32_t GetReqPermissionByName( AccessTokenID tokenID, const std::string& permissionName, std::string& value); +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE + /** + * @brief Register security component enhance data when security component service did not start + * @param enhance enhance data + * @return error code, see access_token_error.h + */ + static int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhance); + /** + * @brief update security component enhance data + * @param pid process id + * @param seqNum sequence number + * @return error code, see access_token_error.h + */ + static int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum); + /** + * @brief get security component enhance data + * @param pid process id + * @param enhance enhance data + * @return error code, see access_token_error.h + */ + static int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance); +#endif }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/include/sec_comp_enhance_data.h b/interfaces/innerkits/accesstoken/include/sec_comp_enhance_data.h index 011572703..c5be2919c 100644 --- a/interfaces/innerkits/accesstoken/include/sec_comp_enhance_data.h +++ b/interfaces/innerkits/accesstoken/include/sec_comp_enhance_data.h @@ -71,10 +71,6 @@ struct SecCompEnhanceData { * sequence number of session. */ uint32_t seqNum; - /** - * mark whether sceneboard application or not. - */ - bool isSceneBoard; /** * key to encrypt ipc message. */ diff --git a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map index 19192e683..d4cad6a2e 100644 --- a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map +++ b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map @@ -82,6 +82,9 @@ "OHOS::Security::AccessToken::AccessTokenKit::GetHapTokenInfoExtension(unsigned int, OHOS::Security::AccessToken::HapTokenInfoExt&)"; "OHOS::Security::AccessToken::AccessTokenKit::RequestAppPermOnSetting(unsigned int)"; "OHOS::Security::AccessToken::AccessTokenKit::GetReqPermissionByName(unsigned int, std::__h::basic_string, std::__h::allocator> const&, std::__h::basic_string, std::__h::allocator>&)"; + "OHOS::Security::AccessToken::AccessTokenKit::RegisterSecCompEnhance(OHOS::Security::AccessToken::SecCompEnhanceData const&)"; + "OHOS::Security::AccessToken::AccessTokenKit::UpdateSecCompEnhance(int, unsigned int)"; + "OHOS::Security::AccessToken::AccessTokenKit::GetSecCompEnhance(int, OHOS::Security::AccessToken::SecCompEnhanceData&)"; "OHOS::Security::AccessToken::AccessTokenKit::GetKernelPermissions(unsigned int, std::__h::vector>&)"; OHOS::Security::AccessToken::AccessTokenKit::IsSystemAppByFullTokenID*; OHOS::Security::AccessToken::AccessTokenKit::GetRenderTokenID*; diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 83590b74d..09ca1bc9b 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -821,6 +821,23 @@ int32_t AccessTokenKit::GetReqPermissionByName( } return AccessTokenManagerClient::GetInstance().GetReqPermissionByName(tokenID, permissionName, value); } + +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE +int32_t AccessTokenKit::RegisterSecCompEnhance(const SecCompEnhanceData& enhance) +{ + return AccessTokenManagerClient::GetInstance().RegisterSecCompEnhance(enhance); +} + +int32_t AccessTokenKit::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) +{ + return AccessTokenManagerClient::GetInstance().UpdateSecCompEnhance(pid, seqNum); +} + +int32_t AccessTokenKit::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance) +{ + return AccessTokenManagerClient::GetInstance().GetSecCompEnhance(pid, enhance); +} +#endif } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index e2d5ac4dd..c46777135 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -27,6 +27,9 @@ #include "parameter.h" #include "perm_state_change_scope_parcel.h" #include "permission_grant_info_parcel.h" +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE +#include "sec_comp_enhance_data_parcel.h" +#endif namespace OHOS { namespace Security { @@ -1181,6 +1184,48 @@ int32_t AccessTokenManagerClient::GetReqPermissionByName( } return errCode; } + +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE +int32_t AccessTokenManagerClient::RegisterSecCompEnhance(const SecCompEnhanceData& enhance) +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null."); + return AccessTokenError::ERR_PARAM_INVALID; + } + SecCompEnhanceDataParcel registerParcel; + registerParcel.enhanceData = enhance; + int32_t ret = proxy->RegisterSecCompEnhance(registerParcel); + return ConvertResult(ret); +} + +int32_t AccessTokenManagerClient::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null."); + return AccessTokenError::ERR_PARAM_INVALID; + } + int32_t ret = proxy->UpdateSecCompEnhance(pid, seqNum); + return ConvertResult(ret); +} + +int32_t AccessTokenManagerClient::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance) +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null."); + return AccessTokenError::ERR_PARAM_INVALID; + } + SecCompEnhanceDataParcel parcel; + int32_t res = proxy->GetSecCompEnhance(pid, parcel); + if (res != RET_SUCCESS) { + return ConvertResult(res); + } + enhance = parcel.enhanceData; + return RET_SUCCESS; +} +#endif } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index df0ed5815..869a441a8 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -112,6 +112,11 @@ public: int32_t InitUserPolicy(const std::vector& userList, const std::vector& permList); int32_t UpdateUserPolicy(const std::vector& userList); int32_t ClearUserPolicy(); +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE + int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhance); + int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum); + int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance); +#endif // SECURITY_COMPONENT_ENHANCE_ENABLE private: AccessTokenManagerClient(); diff --git a/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp index 3f535fb8d..2228b119b 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp @@ -567,3 +567,32 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest011, TestSize.Lev res = TestCommon::DeleteTestHapToken(tokenID); ASSERT_EQ(res, RET_SUCCESS); } + +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE +/** + * @tc.name: RegisterSecCompEnhance001 + * @tc.desc: AccessTokenKit:: function test register enhance data + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(SecurityComponentGrantTest, RegisterSecCompEnhance001, TestSize.Level1) +{ + SecCompEnhanceData data; + data.callback = nullptr; + data.challenge = 0; + data.seqNum = 0; + EXPECT_EQ(PrivacyError::ERR_WRITE_PARCEL_FAILED, AccessTokenKit::RegisterSecCompEnhance(data)); + + // StateChangeCallback is not the real callback of SecCompEnhance, but it does not effect the final result. + auto callbackPtr = std::make_shared(); + data.callback = new (std::nothrow) StateChangeCallback(callbackPtr); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::RegisterSecCompEnhance(data)); + + MockNativeToken mock("security_component_service"); + SecCompEnhanceData data1; + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::GetSecCompEnhance(getpid(), data1)); + EXPECT_NE(RET_SUCCESS, AccessTokenKit::GetSecCompEnhance(0, data1)); + EXPECT_EQ(RET_SUCCESS, AccessTokenKit::UpdateSecCompEnhance(getpid(), 1)); + EXPECT_NE(RET_SUCCESS, AccessTokenKit::UpdateSecCompEnhance(0, 1)); +} +#endif diff --git a/interfaces/innerkits/privacy/BUILD.gn b/interfaces/innerkits/privacy/BUILD.gn index 014dfce75..b0604152e 100644 --- a/interfaces/innerkits/privacy/BUILD.gn +++ b/interfaces/innerkits/privacy/BUILD.gn @@ -86,10 +86,6 @@ if (is_standard_system) { "-DDEBUG_API_PERFORMANCE", ] - if (security_component_enhance_enable == true) { - cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] - } - if (build_variant == "user") { cflags_cc += [ "-DATM_BUILD_VARIANT_USER_ENABLE" ] } diff --git a/interfaces/innerkits/privacy/include/privacy_kit.h b/interfaces/innerkits/privacy/include/privacy_kit.h index 0cd8b4152..e2bbc7821 100644 --- a/interfaces/innerkits/privacy/include/privacy_kit.h +++ b/interfaces/innerkits/privacy/include/privacy_kit.h @@ -45,9 +45,6 @@ #include "permission_used_type_info.h" #include "perm_active_status_customized_cbk.h" #include "privacy_param.h" -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -#include "sec_comp_enhance_data.h" -#endif #include "state_customized_cbk.h" namespace OHOS { @@ -157,36 +154,6 @@ public: */ static bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid = -1); -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE - /** - * @brief Register security component enhance data when security component service did not start - * @param enhance enhance data - * @return error code, see privacy_error.h - */ - static int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhance); - /** - * @brief update security component enhance data - * @param pid process id - * @param seqNum sequence number - * @return error code, see privacy_error.h - */ - static int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum); - /** - * @brief get security component enhance data - * @param pid process id - * @param enhance enhance data - * @return error code, see privacy_error.h - */ - static int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance); - /** - * @brief get special security component enhance data - * @param bundleName bundle name - * @param enhanceList enhance data - * @return error code, see privacy_error.h - */ - static int32_t GetSpecialSecCompEnhance(const std::string& bundleName, - std::vector& enhanceList); -#endif /** * @brief query permission used type. * @param tokenId token id, if 0 return all tokenIds diff --git a/interfaces/innerkits/privacy/libprivacy_sdk.map b/interfaces/innerkits/privacy/libprivacy_sdk.map index f99cde501..96392941a 100644 --- a/interfaces/innerkits/privacy/libprivacy_sdk.map +++ b/interfaces/innerkits/privacy/libprivacy_sdk.map @@ -31,10 +31,6 @@ "OHOS::Security::AccessToken::PrivacyKit::StartUsingPermission(unsigned int, std::__h::basic_string, std::__h::allocator> const&, std::__h::shared_ptr const&, int, OHOS::Security::AccessToken::PermissionUsedTypeValue)"; "OHOS::Security::AccessToken::PrivacyKit::GetPermissionUsedRecords(OHOS::Security::AccessToken::PermissionUsedRequest const&, OHOS::sptr const&)"; "OHOS::Security::AccessToken::PrivacyKit::IsAllowedUsingPermission(unsigned int, std::__h::basic_string, std::__h::allocator> const&, int)"; - "OHOS::Security::AccessToken::PrivacyKit::RegisterSecCompEnhance(OHOS::Security::AccessToken::SecCompEnhanceData const&)"; - "OHOS::Security::AccessToken::PrivacyKit::UpdateSecCompEnhance(int, unsigned int)"; - "OHOS::Security::AccessToken::PrivacyKit::GetSecCompEnhance(int, OHOS::Security::AccessToken::SecCompEnhanceData&)"; - "OHOS::Security::AccessToken::PrivacyKit::GetSpecialSecCompEnhance(std::__h::basic_string, std::__h::allocator> const&, std::__h::vector>&)"; "OHOS::Security::AccessToken::StateCustomizedCbk::~StateCustomizedCbk()"; "OHOS::Security::AccessToken::OnPermissionUsedRecordCallbackStub::OnRemoteRequest(unsigned int, OHOS::MessageParcel&, OHOS::MessageParcel&, OHOS::MessageOption&)"; "OHOS::Security::AccessToken::PrivacyManagerClient::GetInstance()"; diff --git a/interfaces/innerkits/privacy/src/privacy_kit.cpp b/interfaces/innerkits/privacy/src/privacy_kit.cpp index 5f796a854..786a9812b 100644 --- a/interfaces/innerkits/privacy/src/privacy_kit.cpp +++ b/interfaces/innerkits/privacy/src/privacy_kit.cpp @@ -215,30 +215,6 @@ bool PrivacyKit::IsAllowedUsingPermission(AccessTokenID tokenID, const std::stri return PrivacyManagerClient::GetInstance().IsAllowedUsingPermission(tokenID, permissionName, pid); } -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -int32_t PrivacyKit::RegisterSecCompEnhance(const SecCompEnhanceData& enhance) -{ - return PrivacyManagerClient::GetInstance().RegisterSecCompEnhance(enhance); -} - -int32_t PrivacyKit::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) -{ - return PrivacyManagerClient::GetInstance().UpdateSecCompEnhance(pid, seqNum); -} - -int32_t PrivacyKit::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance) -{ - return PrivacyManagerClient::GetInstance().GetSecCompEnhance(pid, enhance); -} - -int32_t PrivacyKit::GetSpecialSecCompEnhance(const std::string& bundleName, - std::vector& enhanceList) -{ - return PrivacyManagerClient::GetInstance(). - GetSpecialSecCompEnhance(bundleName, enhanceList); -} -#endif - int32_t PrivacyKit::GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, std::vector& results) { diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp index f65f1bae4..2b59b1da1 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp @@ -19,9 +19,6 @@ #include "iservice_registry.h" #include "privacy_error.h" #include "privacy_manager_proxy.h" -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -#include "sec_comp_enhance_data_parcel.h" -#endif namespace OHOS { namespace Security { @@ -352,67 +349,6 @@ bool PrivacyManagerClient::IsAllowedUsingPermission(AccessTokenID tokenID, const return isAllowed; } -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -int32_t PrivacyManagerClient::RegisterSecCompEnhance(const SecCompEnhanceData& enhance) -{ - auto proxy = GetProxy(); - if (proxy == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null."); - return PrivacyError::ERR_PARAM_INVALID; - } - SecCompEnhanceDataParcel registerParcel; - registerParcel.enhanceData = enhance; - int32_t ret = proxy->RegisterSecCompEnhance(registerParcel); - return ConvertResult(ret); -} - -int32_t PrivacyManagerClient::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) -{ - auto proxy = GetProxy(); - if (proxy == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null."); - return PrivacyError::ERR_PARAM_INVALID; - } - int32_t ret = proxy->UpdateSecCompEnhance(pid, seqNum); - return ConvertResult(ret); -} - -int32_t PrivacyManagerClient::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance) -{ - auto proxy = GetProxy(); - if (proxy == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null."); - return PrivacyError::ERR_PARAM_INVALID; - } - SecCompEnhanceDataParcel parcel; - int32_t res = proxy->GetSecCompEnhance(pid, parcel); - if (res != RET_SUCCESS) { - return ConvertResult(res); - } - enhance = parcel.enhanceData; - return RET_SUCCESS; -} - -int32_t PrivacyManagerClient::GetSpecialSecCompEnhance(const std::string& bundleName, - std::vector& enhanceList) -{ - auto proxy = GetProxy(); - if (proxy == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "Proxy is null."); - return PrivacyError::ERR_PARAM_INVALID; - } - std::vector parcelList; - int32_t res = proxy->GetSpecialSecCompEnhance(bundleName, parcelList); - if (res != RET_SUCCESS) { - return ConvertResult(res); - } - - std::transform(parcelList.begin(), parcelList.end(), std::back_inserter(enhanceList), - [](SecCompEnhanceDataParcel pair) { return pair.enhanceData; }); - return RET_SUCCESS; -} -#endif - int32_t PrivacyManagerClient::GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, std::vector& results) { diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.h b/interfaces/innerkits/privacy/src/privacy_manager_client.h index 8dcca2149..0a652cb51 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.h +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.h @@ -59,13 +59,6 @@ public: sptr& callbackWrap); bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid); void OnRemoteDiedHandle(); -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE - int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhance); - int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum); - int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance); - int32_t GetSpecialSecCompEnhance(const std::string& bundleName, - std::vector& enhanceList); -#endif int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, std::vector& results); int32_t SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, AccessTokenID tokenID); diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 3cbaca374..82138f1cb 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -2153,50 +2153,6 @@ HWTEST_F(PrivacyKitTest, InitProxy001, TestSize.Level1) PrivacyManagerClient::GetInstance().proxy_ = proxy; // recovery } -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -/** - * @tc.name: RegisterSecCompEnhance001 - * @tc.desc: PrivacyKit:: function test register enhance data - * @tc.type: FUNC - * @tc.require: issueI7MXZ - */ -HWTEST_F(PrivacyKitTest, RegisterSecCompEnhance001, TestSize.Level1) -{ - SecCompEnhanceData data; - data.callback = nullptr; - data.challenge = 0; - data.seqNum = 0; - EXPECT_EQ(PrivacyError::ERR_WRITE_PARCEL_FAILED, PrivacyKit::RegisterSecCompEnhance(data)); - - // StateChangeCallback is not the real callback of SecCompEnhance, but it does not effect the final result. - auto callbackPtr = std::make_shared(); - data.callback = new (std::nothrow) StateChangeCallback(callbackPtr); - EXPECT_EQ(RET_SUCCESS, PrivacyKit::RegisterSecCompEnhance(data)); - - MockNativeToken mock("security_component_service"); - SecCompEnhanceData data1; - EXPECT_EQ(RET_SUCCESS, PrivacyKit::GetSecCompEnhance(getpid(), data1)); - EXPECT_NE(RET_SUCCESS, PrivacyKit::GetSecCompEnhance(0, data1)); - EXPECT_EQ(RET_SUCCESS, PrivacyKit::UpdateSecCompEnhance(getpid(), 1)); - EXPECT_NE(RET_SUCCESS, PrivacyKit::UpdateSecCompEnhance(0, 1)); -} - -/** - * @tc.name: GetSpecialSecCompEnhance001 - * @tc.desc: PrivacyKit:: function test Get Special enhance - * @tc.type: FUNC - * @tc.require: issueI7MXZ - */ -HWTEST_F(PrivacyKitTest, GetSpecialSecCompEnhance001, TestSize.Level1) -{ - MockNativeToken mock("security_component_service"); - - std::vector res; - ASSERT_EQ(RET_SUCCESS, PrivacyKit::GetSpecialSecCompEnhance("", res)); - ASSERT_EQ(RET_SUCCESS, PrivacyKit::GetSpecialSecCompEnhance(g_infoParmsA.bundleName, res)); -} -#endif - /** * @tc.name: AddPermissionUsedRecord011 * @tc.desc: Test AddPermissionUsedRecord with default normal used type diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index 6ef246714..a77405e66 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -194,5 +194,12 @@ if (is_standard_system) { "${access_token_path}/services/common/background_task_manager/src/continuous_task_change_callback.cpp", ] } + + if (security_component_enhance_enable == true) { + cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] + include_dirs += [ "main/cpp/include/seccomp" ] + sources += + [ "main/cpp/src/seccomp/sec_comp_enhance_agent.cpp" ] + } } } diff --git a/services/accesstokenmanager/idl/BUILD.gn b/services/accesstokenmanager/idl/BUILD.gn index 1b08e66a7..4c6192b6a 100644 --- a/services/accesstokenmanager/idl/BUILD.gn +++ b/services/accesstokenmanager/idl/BUILD.gn @@ -72,6 +72,10 @@ ohos_source_set("access_token_manager_proxy") { "samgr:samgr_proxy", ] + if (security_component_enhance_enable) { + cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] + } + subsystem_name = "security" part_name = "access_token" } @@ -120,6 +124,10 @@ ohos_source_set("access_token_manager_stub") { "samgr:samgr_proxy", ] + if (security_component_enhance_enable) { + cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] + } + subsystem_name = "security" part_name = "access_token" } diff --git a/services/accesstokenmanager/idl/IAccessTokenManager.idl b/services/accesstokenmanager/idl/IAccessTokenManager.idl index 31da0d225..5e7c3c775 100644 --- a/services/accesstokenmanager/idl/IAccessTokenManager.idl +++ b/services/accesstokenmanager/idl/IAccessTokenManager.idl @@ -27,6 +27,7 @@ sequenceable OHOS.IRemoteObject; sequenceable OHOS.Security.AccessToken.HapTokenInfoForSyncParcel; sequenceable OHOS.Security.AccessToken.HapBaseInfoParcel; sequenceable OHOS.Security.AccessToken.AtmToolsParamInfoParcel; +sequenceable OHOS.Security.AccessToken.SecCompEnhanceDataParcel; import IdlCommon; @@ -85,5 +86,8 @@ interface OHOS.Security.AccessToken.IAccessTokenManager{ [ipccode 66] void UnRegisterSelfPermStateChangeCallback([in] IRemoteObject cb); [ipccode 67] void GetKernelPermissions([in] unsigned int tokenId, [out] List kernelPermIdlList); [ipccode 68] void GetReqPermissionByName([in] unsigned int tokenId, [in] String permissionName, [out] String value); - [ipccode 80] void VerifyAccessToken([in] unsigned int tokenID, [in] List permissionList, [out] List permStateList); + [ipccode 80] void VerifyAccessToken([in] unsigned int tokenID, [in] List permissionList, [out] List permStateList); + [ipccode 101, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE, oneway] void RegisterSecCompEnhance([in] SecCompEnhanceDataParcel enhanceParcel); + [ipccode 102, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void UpdateSecCompEnhance([in] int pid, [in] unsigned int seqNum); + [ipccode 103, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void GetSecCompEnhance([in] int pid, [out] SecCompEnhanceDataParcel enhanceParcel); } \ No newline at end of file diff --git a/services/privacymanager/include/seccomp/privacy_sec_comp_enhance_agent.h b/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_enhance_agent.h similarity index 61% rename from services/privacymanager/include/seccomp/privacy_sec_comp_enhance_agent.h rename to services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_enhance_agent.h index 76896f7b0..0efe7b077 100644 --- a/services/privacymanager/include/seccomp/privacy_sec_comp_enhance_agent.h +++ b/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_enhance_agent.h @@ -25,45 +25,43 @@ namespace OHOS { namespace Security { namespace AccessToken { -class PrivacyAppUsingSecCompStateObserver : public ApplicationStateObserverStub { +class AppUsingSecCompStateObserver : public ApplicationStateObserverStub { public: - PrivacyAppUsingSecCompStateObserver() = default; - ~PrivacyAppUsingSecCompStateObserver() = default; + AppUsingSecCompStateObserver() = default; + ~AppUsingSecCompStateObserver() = default; void OnProcessDied(const ProcessData &processData) override; - DISALLOW_COPY_AND_MOVE(PrivacyAppUsingSecCompStateObserver); + DISALLOW_COPY_AND_MOVE(AppUsingSecCompStateObserver); }; -class PrivacySecCompAppManagerDeathCallback : public AppManagerDeathCallback { +class SecCompAppManagerDeathCallback : public AppManagerDeathCallback { public: - PrivacySecCompAppManagerDeathCallback() = default; - ~PrivacySecCompAppManagerDeathCallback() = default; + SecCompAppManagerDeathCallback() = default; + ~SecCompAppManagerDeathCallback() = default; void NotifyAppManagerDeath() override; - DISALLOW_COPY_AND_MOVE(PrivacySecCompAppManagerDeathCallback); + DISALLOW_COPY_AND_MOVE(SecCompAppManagerDeathCallback); }; -class PrivacySecCompEnhanceAgent final { +class SecCompEnhanceAgent final { public: - static PrivacySecCompEnhanceAgent& GetInstance(); - virtual ~PrivacySecCompEnhanceAgent(); + static SecCompEnhanceAgent& GetInstance(); + virtual ~SecCompEnhanceAgent(); int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhanceData); int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum); int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhanceData); - int32_t GetSpecialSecCompEnhance(const std::string& bundleName, - std::vector& enhanceList); void RemoveSecCompEnhance(int pid); void OnAppMgrRemoteDiedHandle(); private: - PrivacySecCompEnhanceAgent(); + SecCompEnhanceAgent(); void InitAppObserver(); - DISALLOW_COPY_AND_MOVE(PrivacySecCompEnhanceAgent); + DISALLOW_COPY_AND_MOVE(SecCompEnhanceAgent); private: - sptr observer_ = nullptr; - std::shared_ptr appManagerDeathCallback_ = nullptr; + sptr observer_ = nullptr; + std::shared_ptr appManagerDeathCallback_ = nullptr; std::mutex secCompEnhanceMutex_; std::vector secCompEnhanceData_; }; diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index c90a9a26b..a34e88433 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -95,6 +95,11 @@ public: int GetHapTokenInfoExtension(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes, std::string& appID) override; int32_t GetNativeTokenId(const std::string& processName, AccessTokenID& tokenID) override; +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE + int32_t RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel) override; + int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) override; + int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) override; +#endif #ifdef TOKEN_SYNC_ENABLE int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override; @@ -142,12 +147,16 @@ private: bool IsNativeProcessCalling(); bool IsSystemAppCalling() const; bool IsShellProcessCalling(); +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE + bool IsSecCompServiceCalling(); +#endif #ifndef ATM_BUILD_VARIANT_USER_ENABLE static const int32_t ROOT_UID = 0; #endif static const int32_t ACCESSTOKEN_UID = 3020; AccessTokenID tokenSyncId_ = 0; + AccessTokenID secCompTokenId_ = 0; }; } // namespace AccessToken } // namespace Security diff --git a/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp b/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp similarity index 56% rename from services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp rename to services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp index 8091a5f93..79da6223b 100644 --- a/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp +++ b/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp @@ -12,76 +12,76 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -#include "privacy_sec_comp_enhance_agent.h" +#include "sec_comp_enhance_agent.h" #include "access_token.h" +#include "access_token_error.h" #include "accesstoken_kit.h" #include "accesstoken_common_log.h" +#include "accesstoken_info_manager.h" #include "app_manager_access_client.h" #include "ipc_skeleton.h" -#include "privacy_error.h" #include "securec.h" namespace OHOS { namespace Security { namespace AccessToken { namespace { -static const std::string SCENE_BOARD_PKG_NAME = "com.ohos.sceneboard"; std::recursive_mutex g_instanceMutex; } -void PrivacyAppUsingSecCompStateObserver::OnProcessDied(const ProcessData &processData) +void AppUsingSecCompStateObserver::OnProcessDied(const ProcessData &processData) { - LOGI(PRI_DOMAIN, PRI_TAG, "OnProcessDied pid %{public}d", processData.pid); - PrivacySecCompEnhanceAgent::GetInstance().RemoveSecCompEnhance(processData.pid); + LOGI(ATM_DOMAIN, ATM_TAG, "OnProcessDied pid %{public}d", processData.pid); + SecCompEnhanceAgent::GetInstance().RemoveSecCompEnhance(processData.pid); } -void PrivacySecCompAppManagerDeathCallback::NotifyAppManagerDeath() +void SecCompAppManagerDeathCallback::NotifyAppManagerDeath() { - LOGI(PRI_DOMAIN, PRI_TAG, "AppManagerDeath called"); + LOGI(ATM_DOMAIN, ATM_TAG, "AppManagerDeath called"); - PrivacySecCompEnhanceAgent::GetInstance().OnAppMgrRemoteDiedHandle(); + SecCompEnhanceAgent::GetInstance().OnAppMgrRemoteDiedHandle(); } -PrivacySecCompEnhanceAgent& PrivacySecCompEnhanceAgent::GetInstance() +SecCompEnhanceAgent& SecCompEnhanceAgent::GetInstance() { - static PrivacySecCompEnhanceAgent* instance = nullptr; + static SecCompEnhanceAgent* instance = nullptr; if (instance == nullptr) { std::lock_guard lock(g_instanceMutex); if (instance == nullptr) { - PrivacySecCompEnhanceAgent* tmp = new PrivacySecCompEnhanceAgent(); + SecCompEnhanceAgent* tmp = new SecCompEnhanceAgent(); instance = std::move(tmp); } } return *instance; } -void PrivacySecCompEnhanceAgent::InitAppObserver() +void SecCompEnhanceAgent::InitAppObserver() { if (observer_ != nullptr) { return; } - observer_ = new (std::nothrow) PrivacyAppUsingSecCompStateObserver(); + observer_ = new (std::nothrow) AppUsingSecCompStateObserver(); if (observer_ == nullptr) { - LOGE(PRI_DOMAIN, PRI_TAG, "New observer failed."); + LOGE(ATM_DOMAIN, ATM_TAG, "New observer failed."); return; } if (AppManagerAccessClient::GetInstance().RegisterApplicationStateObserver(observer_) != 0) { - LOGE(PRI_DOMAIN, PRI_TAG, "Register observer failed."); + LOGE(ATM_DOMAIN, ATM_TAG, "Register observer failed."); observer_ = nullptr; return; } if (appManagerDeathCallback_ == nullptr) { - appManagerDeathCallback_ = std::make_shared(); + appManagerDeathCallback_ = std::make_shared(); AppManagerAccessClient::GetInstance().RegisterDeathCallback(appManagerDeathCallback_); } } -PrivacySecCompEnhanceAgent::PrivacySecCompEnhanceAgent() +SecCompEnhanceAgent::SecCompEnhanceAgent() { InitAppObserver(); } -PrivacySecCompEnhanceAgent::~PrivacySecCompEnhanceAgent() +SecCompEnhanceAgent::~SecCompEnhanceAgent() { if (observer_ != nullptr) { AppManagerAccessClient::GetInstance().UnregisterApplicationStateObserver(observer_); @@ -89,37 +89,37 @@ PrivacySecCompEnhanceAgent::~PrivacySecCompEnhanceAgent() } } -void PrivacySecCompEnhanceAgent::OnAppMgrRemoteDiedHandle() +void SecCompEnhanceAgent::OnAppMgrRemoteDiedHandle() { - LOGI(PRI_DOMAIN, PRI_TAG, "OnAppMgrRemoteDiedHandle."); + LOGI(ATM_DOMAIN, ATM_TAG, "OnAppMgrRemoteDiedHandle."); std::lock_guard lock(secCompEnhanceMutex_); secCompEnhanceData_.clear(); observer_ = nullptr; } -void PrivacySecCompEnhanceAgent::RemoveSecCompEnhance(int pid) +void SecCompEnhanceAgent::RemoveSecCompEnhance(int pid) { std::lock_guard lock(secCompEnhanceMutex_); for (auto iter = secCompEnhanceData_.begin(); iter != secCompEnhanceData_.end(); ++iter) { if (iter->pid == pid) { secCompEnhanceData_.erase(iter); - LOGI(PRI_DOMAIN, PRI_TAG, "Remove pid %{public}d data.", pid); + LOGI(ATM_DOMAIN, ATM_TAG, "Remove pid %{public}d data.", pid); return; } } - LOGE(PRI_DOMAIN, PRI_TAG, "Not found pid %{public}d data.", pid); + LOGE(ATM_DOMAIN, ATM_TAG, "Not found pid %{public}d data.", pid); return; } -int32_t PrivacySecCompEnhanceAgent::RegisterSecCompEnhance(const SecCompEnhanceData& enhanceData) +int32_t SecCompEnhanceAgent::RegisterSecCompEnhance(const SecCompEnhanceData& enhanceData) { std::lock_guard lock(secCompEnhanceMutex_); InitAppObserver(); int pid = IPCSkeleton::GetCallingPid(); if (std::any_of(secCompEnhanceData_.begin(), secCompEnhanceData_.end(), [pid](const auto& e) { return e.pid == pid; })) { - LOGE(PRI_DOMAIN, PRI_TAG, "Register sec comp enhance exist, pid %{public}d.", pid); - return PrivacyError::ERR_CALLBACK_ALREADY_EXIST; + LOGE(ATM_DOMAIN, ATM_TAG, "Register sec comp enhance exist, pid %{public}d.", pid); + return AccessTokenError::ERR_CALLBACK_ALREADY_EXIST; } SecCompEnhanceData enhance; enhance.callback = enhanceData.callback; @@ -128,61 +128,42 @@ int32_t PrivacySecCompEnhanceAgent::RegisterSecCompEnhance(const SecCompEnhanceD enhance.challenge = enhanceData.challenge; enhance.sessionId = enhanceData.sessionId; enhance.seqNum = enhanceData.seqNum; - enhance.isSceneBoard = false; if (memcpy_s(enhance.key, AES_KEY_STORAGE_LEN, enhanceData.key, AES_KEY_STORAGE_LEN) != EOK) { - return PrivacyError::ERR_CALLBACK_ALREADY_EXIST; - } - HapTokenInfo info; - if (AccessTokenKit::GetHapTokenInfo(enhance.token, info) == AccessTokenKitRet::RET_SUCCESS) { - if (info.bundleName == SCENE_BOARD_PKG_NAME) { - enhance.isSceneBoard = true; - } + return AccessTokenError::ERR_CALLBACK_ALREADY_EXIST; } secCompEnhanceData_.emplace_back(enhance); - LOGI(PRI_DOMAIN, PRI_TAG, "Register sec comp enhance success, pid %{public}d, total %{public}u.", + LOGI(ATM_DOMAIN, ATM_TAG, "Register sec comp enhance success, pid %{public}d, total %{public}u.", pid, static_cast(secCompEnhanceData_.size())); return RET_SUCCESS; } -int32_t PrivacySecCompEnhanceAgent::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) +int32_t SecCompEnhanceAgent::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) { std::lock_guard lock(secCompEnhanceMutex_); InitAppObserver(); for (auto iter = secCompEnhanceData_.begin(); iter != secCompEnhanceData_.end(); ++iter) { if (iter->pid == pid) { iter->seqNum = seqNum; - LOGI(PRI_DOMAIN, PRI_TAG, "Update pid=%{public}d data successful.", pid); + LOGI(ATM_DOMAIN, ATM_TAG, "Update pid=%{public}d data successful.", pid); return RET_SUCCESS; } } return ERR_PARAM_INVALID; } -int32_t PrivacySecCompEnhanceAgent::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhanceData) +int32_t SecCompEnhanceAgent::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhanceData) { std::lock_guard lock(secCompEnhanceMutex_); InitAppObserver(); for (auto iter = secCompEnhanceData_.begin(); iter != secCompEnhanceData_.end(); ++iter) { if (iter->pid == pid) { enhanceData = *iter; - LOGI(PRI_DOMAIN, PRI_TAG, "Get pid %{public}d data.", pid); + LOGI(ATM_DOMAIN, ATM_TAG, "Get pid %{public}d data.", pid); return RET_SUCCESS; } } return ERR_PARAM_INVALID; } - -int32_t PrivacySecCompEnhanceAgent::GetSpecialSecCompEnhance(const std::string& bundleName, - std::vector& enhanceList) -{ - std::lock_guard lock(secCompEnhanceMutex_); - for (auto iter = secCompEnhanceData_.begin(); iter != secCompEnhanceData_.end(); iter++) { - if ((*iter).isSceneBoard) { - enhanceList.emplace_back(*iter); - } - } - return RET_SUCCESS; -} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 353ad782c..9786f1d2e 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -24,6 +24,7 @@ #include "accesstoken_dfx_define.h" #include "accesstoken_id_manager.h" #include "accesstoken_info_manager.h" +#include "accesstoken_service_ipc_interface_code.h" #include "constant_common.h" #include "data_validator.h" #include "hap_token_info.h" @@ -42,6 +43,9 @@ #include "permission_manager.h" #include "permission_map.h" #include "permission_validator.h" +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE +#include "sec_comp_enhance_agent.h" +#endif #include "short_grant_manager.h" #include "string_ex.h" #include "system_ability_definition.h" @@ -1254,6 +1258,17 @@ bool AccessTokenManagerService::IsSystemAppCalling() const return TokenIdKit::IsSystemAppByFullTokenID(fullTokenId); } +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE +bool AccessTokenManagerService::IsSecCompServiceCalling() +{ + uint32_t tokenCaller = IPCSkeleton::GetCallingTokenID(); + if (secCompTokenId_ == 0) { + this->GetNativeTokenId("security_component_service", secCompTokenId_); + } + return tokenCaller == secCompTokenId_; +} +#endif + int32_t AccessTokenManagerService::CallbackEnter(uint32_t code) { ClearThreadErrorMsg(); @@ -1273,6 +1288,40 @@ int32_t AccessTokenManagerService::CallbackExit(uint32_t code, int32_t result) ReportSysCommonEventError(code, 0); return ERR_OK; } + +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE +int32_t AccessTokenManagerService::RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel) +{ + LOGI(ATM_DOMAIN, ATM_TAG, "Pid: %{public}d", enhanceParcel.enhanceData.pid); + return SecCompEnhanceAgent::GetInstance().RegisterSecCompEnhance(enhanceParcel.enhanceData); +} + +int32_t AccessTokenManagerService::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) +{ + if (!IsSecCompServiceCalling()) { + return AccessTokenError::ERR_PERMISSION_DENIED; + } + + return SecCompEnhanceAgent::GetInstance().UpdateSecCompEnhance(pid, seqNum); +} + +int32_t AccessTokenManagerService::GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) +{ + if (!IsSecCompServiceCalling()) { + return AccessTokenError::ERR_PERMISSION_DENIED; + } + + SecCompEnhanceData enhanceData; + int32_t res = SecCompEnhanceAgent::GetInstance().GetSecCompEnhance(pid, enhanceData); + if (res != RET_SUCCESS) { + LOGW(ATM_DOMAIN, ATM_TAG, "Pid: %{public}d get enhance failed ", pid); + return res; + } + + enhanceParcel.enhanceData = enhanceData; + return RET_SUCCESS; +} +#endif } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn index f77373b51..a397ebdb7 100644 --- a/services/privacymanager/BUILD.gn +++ b/services/privacymanager/BUILD.gn @@ -61,9 +61,6 @@ ohos_source_set("privacy_manager_proxy") { ] cflags_cc = [] - if (security_component_enhance_enable) { - cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] - } subsystem_name = "security" part_name = "access_token" @@ -103,9 +100,6 @@ ohos_source_set("privacy_manager_stub") { ] cflags_cc = [] - if (security_component_enhance_enable) { - cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] - } subsystem_name = "security" part_name = "access_token" @@ -245,12 +239,6 @@ if (is_standard_system && ability_base_enable == true) { sources += [ "src/common/privacy_common_event_subscriber.cpp" ] } - if (security_component_enhance_enable == true) { - cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] - include_dirs += [ "include/seccomp" ] - sources += [ "src/seccomp/privacy_sec_comp_enhance_agent.cpp" ] - } - if (window_manager_enable && access_token_camera_float_window_enable) { cflags_cc += [ "-DCAMERA_FLOAT_WINDOW_ENABLE" ] include_dirs += diff --git a/services/privacymanager/idl/IPrivacyManager.idl b/services/privacymanager/idl/IPrivacyManager.idl index 19884439f..4a238fdf5 100644 --- a/services/privacymanager/idl/IPrivacyManager.idl +++ b/services/privacymanager/idl/IPrivacyManager.idl @@ -20,7 +20,6 @@ sequenceable OHOS.Security.AccessToken.AddPermParamInfoParcel; sequenceable OHOS.Security.AccessToken.PermissionUsedTypeInfoParcel; sequenceable OHOS.Security.AccessToken.PermissionUsedRequestParcel; sequenceable OHOS.Security.AccessToken.PermissionUsedResultParcel; -sequenceable OHOS.Security.AccessToken.SecCompEnhanceDataParcel; interface OHOS.Security.AccessToken.IPrivacyManager { [ipccode 1] void AddPermissionUsedRecord([in] AddPermParamInfoParcel infoParcel); @@ -39,8 +38,4 @@ interface OHOS.Security.AccessToken.IPrivacyManager { [ipccode 14] void SetHapWithFGReminder([in] unsigned int tokenId, [in] boolean isAllowed); [ipccode 15] void SetPermissionUsedRecordToggleStatus([in] int userID, [in] boolean status); [ipccode 16] void GetPermissionUsedRecordToggleStatus([in] int userID, [out] boolean status); - [ipccode 101, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE, oneway] void RegisterSecCompEnhance([in] SecCompEnhanceDataParcel enhanceParcel); - [ipccode 102, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void UpdateSecCompEnhance([in] int pid, [in] unsigned int seqNum); - [ipccode 103, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void GetSecCompEnhance([in] int pid, [out] SecCompEnhanceDataParcel enhanceParcel); - [ipccode 104, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void GetSpecialSecCompEnhance([in] String bundleName, [out] List enhanceParcelList); } diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h index ed4a70e44..9cd117d47 100644 --- a/services/privacymanager/include/service/privacy_manager_service.h +++ b/services/privacymanager/include/service/privacy_manager_service.h @@ -57,13 +57,6 @@ public: int32_t RegisterPermActiveStatusCallback( const std::vector& permList, const sptr& callback) override; int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) override; -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE - int32_t RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel) override; - int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) override; - int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) override; - int32_t GetSpecialSecCompEnhance(const std::string& bundleName, - std::vector& enhanceParcelList) override; -#endif int32_t IsAllowedUsingPermission( AccessTokenID tokenId, const std::string& permissionName, int32_t pid, bool& isAllowed) override; int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index b953cb250..39a324d7e 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -32,9 +32,6 @@ #include "permission_record_manager.h" #include "privacy_error.h" #include "privacy_manager_proxy_death_param.h" -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -#include "privacy_sec_comp_enhance_agent.h" -#endif #include "system_ability_definition.h" #include "string_ex.h" #include "tokenid_kit.h" @@ -335,57 +332,6 @@ int32_t PrivacyManagerService::RegisterPermActiveStatusCallback( IPCSkeleton::GetCallingTokenID(), permList, callback); } -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -int32_t PrivacyManagerService::RegisterSecCompEnhance(const SecCompEnhanceDataParcel& enhanceParcel) -{ - LOGI(PRI_DOMAIN, PRI_TAG, "Pid: %{public}d", enhanceParcel.enhanceData.pid); - return PrivacySecCompEnhanceAgent::GetInstance().RegisterSecCompEnhance(enhanceParcel.enhanceData); -} - -int32_t PrivacyManagerService::UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) -{ - if (!IsSecCompServiceCalling()) { - return PrivacyError::ERR_PERMISSION_DENIED; - } - - return PrivacySecCompEnhanceAgent::GetInstance().UpdateSecCompEnhance(pid, seqNum); -} - -int32_t PrivacyManagerService::GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) -{ - if (!IsSecCompServiceCalling()) { - return PrivacyError::ERR_PERMISSION_DENIED; - } - - SecCompEnhanceData enhanceData; - int32_t res = PrivacySecCompEnhanceAgent::GetInstance().GetSecCompEnhance(pid, enhanceData); - if (res != RET_SUCCESS) { - LOGW(PRI_DOMAIN, PRI_TAG, "Pid: %{public}d get enhance failed ", pid); - return res; - } - - enhanceParcel.enhanceData = enhanceData; - return RET_SUCCESS; -} - -int32_t PrivacyManagerService::GetSpecialSecCompEnhance(const std::string& bundleName, - std::vector& enhanceParcelList) -{ - if (!IsSecCompServiceCalling()) { - return PrivacyError::ERR_PERMISSION_DENIED; - } - - std::vector enhanceList; - PrivacySecCompEnhanceAgent::GetInstance().GetSpecialSecCompEnhance(bundleName, enhanceList); - for (const auto& enhance : enhanceList) { - SecCompEnhanceDataParcel parcel; - parcel.enhanceData = enhance; - enhanceParcelList.emplace_back(parcel); - } - return RET_SUCCESS; -} -#endif - int32_t PrivacyManagerService::ResponseDumpCommand(int32_t fd, const std::vector& args) { if (args.size() < 2) { // 2 :need two args 0:command 1:tokenId @@ -570,17 +516,6 @@ bool PrivacyManagerService::Initialize() return true; } -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE -bool PrivacyManagerService::IsSecCompServiceCalling() -{ - uint32_t tokenCaller = IPCSkeleton::GetCallingTokenID(); - if (secCompTokenId_ == 0) { - secCompTokenId_ = AccessTokenKit::GetNativeTokenId("security_component_service"); - } - return tokenCaller == secCompTokenId_; -} -#endif - bool PrivacyManagerService::IsPrivilegedCalling() const { // shell process is root in debug mode. diff --git a/test/fuzztest/innerkits/accesstoken/BUILD.gn b/test/fuzztest/innerkits/accesstoken/BUILD.gn index 8b1334097..6231bb4e9 100644 --- a/test/fuzztest/innerkits/accesstoken/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/BUILD.gn @@ -60,4 +60,11 @@ group("fuzztest") { "verifyaccesstoken_fuzzer:VerifyAccessTokenFuzzTest", "verifyaccesstokenwithlist_fuzzer:VerifyAccessTokenWithListFuzzTest", ] + if (security_component_enhance_enable) { + deps += [ + "getseccompenhance_fuzzer:GetSecCompEnhanceFuzzTest", + "registerseccompenhance_fuzzer:RegisterSecCompEnhanceFuzzTest", + "updateseccompenhance_fuzzer:UpdateSecCompEnhanceFuzzTest", + ] + } } diff --git a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/BUILD.gn similarity index 88% rename from test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/BUILD.gn rename to test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/BUILD.gn index e3d12b3ac..d5bd56875 100644 --- a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/BUILD.gn @@ -16,7 +16,7 @@ import("//build/test.gni") import("../../../../../access_token.gni") ohos_fuzztest("GetSecCompEnhanceFuzzTest") { - module_out_path = module_output_path_interface_privacy + module_out_path = module_output_path_interface_access_token fuzz_config_file = "." include_dirs = [ "${access_token_path}/interfaces/innerkits/accesstoken/include", @@ -30,7 +30,9 @@ ohos_fuzztest("GetSecCompEnhanceFuzzTest") { ] sources = [ "getseccompenhance_fuzzer.cpp" ] - deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] + deps = [ + "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + ] configs = [ "${access_token_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/corpus/init similarity index 100% rename from test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/corpus/init rename to test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/corpus/init diff --git a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp similarity index 91% rename from test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp rename to test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp index e8722acb7..50a3f7dfe 100644 --- a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp +++ b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/getseccompenhance_fuzzer.cpp @@ -22,7 +22,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "privacy_kit.h" +#include "accesstoken_kit.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -38,7 +38,7 @@ namespace OHOS { SecCompEnhanceData secData; - return PrivacyKit::GetSecCompEnhance(fuzzData.GetData(), secData) == 0; + return AccessTokenKit::GetSecCompEnhance(fuzzData.GetData(), secData) == 0; } } diff --git a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/getseccompenhance_fuzzer.h b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/getseccompenhance_fuzzer.h similarity index 100% rename from test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/getseccompenhance_fuzzer.h rename to test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/getseccompenhance_fuzzer.h diff --git a/test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/project.xml similarity index 100% rename from test/fuzztest/innerkits/privacy/getseccompenhance_fuzzer/project.xml rename to test/fuzztest/innerkits/accesstoken/getseccompenhance_fuzzer/project.xml diff --git a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/BUILD.gn similarity index 89% rename from test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/BUILD.gn rename to test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/BUILD.gn index d63a7d3a7..37949c4d7 100644 --- a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/BUILD.gn @@ -16,7 +16,7 @@ import("//build/test.gni") import("../../../../../access_token.gni") ohos_fuzztest("RegisterSecCompEnhanceFuzzTest") { - module_out_path = module_output_path_interface_privacy + module_out_path = module_output_path_interface_access_token fuzz_config_file = "." include_dirs = [ "${access_token_path}/interfaces/innerkits/accesstoken/include", @@ -30,7 +30,9 @@ ohos_fuzztest("RegisterSecCompEnhanceFuzzTest") { ] sources = [ "registerseccompenhance_fuzzer.cpp" ] - deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] + deps = [ + "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + ] configs = [ "${access_token_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/corpus/init similarity index 100% rename from test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/corpus/init rename to test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/corpus/init diff --git a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/project.xml similarity index 100% rename from test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/project.xml rename to test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/project.xml diff --git a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp similarity index 94% rename from test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp rename to test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp index dbd328e09..b18d9fa51 100644 --- a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp +++ b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.cpp @@ -22,7 +22,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "privacy_kit.h" +#include "accesstoken_kit.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -44,7 +44,7 @@ namespace OHOS { secData.sessionId = fuzzData.GetData(); secData.seqNum = fuzzData.GetData(); - return PrivacyKit::RegisterSecCompEnhance(secData) == 0; + return AccessTokenKit::RegisterSecCompEnhance(secData) == 0; } } diff --git a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.h b/test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.h similarity index 100% rename from test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.h rename to test/fuzztest/innerkits/accesstoken/registerseccompenhance_fuzzer/registerseccompenhance_fuzzer.h diff --git a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/BUILD.gn similarity index 88% rename from test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/BUILD.gn rename to test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/BUILD.gn index 8793950f8..2c7dfa6a5 100644 --- a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/BUILD.gn @@ -16,7 +16,7 @@ import("//build/test.gni") import("../../../../../access_token.gni") ohos_fuzztest("UpdateSecCompEnhanceFuzzTest") { - module_out_path = module_output_path_interface_privacy + module_out_path = module_output_path_interface_access_token fuzz_config_file = "." include_dirs = [ "${access_token_path}/interfaces/innerkits/accesstoken/include", @@ -30,7 +30,9 @@ ohos_fuzztest("UpdateSecCompEnhanceFuzzTest") { ] sources = [ "updateseccompenhance_fuzzer.cpp" ] - deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] + deps = [ + "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + ] configs = [ "${access_token_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/corpus/init similarity index 100% rename from test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/corpus/init rename to test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/corpus/init diff --git a/test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/project.xml similarity index 100% rename from test/fuzztest/innerkits/privacy/registerseccompenhance_fuzzer/project.xml rename to test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/project.xml diff --git a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp similarity index 89% rename from test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp rename to test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp index 8dcf3b376..ae4fcaf3f 100644 --- a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp +++ b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.cpp @@ -22,7 +22,7 @@ #include "accesstoken_fuzzdata.h" #undef private -#include "privacy_kit.h" +#include "accesstoken_kit.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -36,7 +36,7 @@ namespace OHOS { AccessTokenFuzzData fuzzData(data, size); - return PrivacyKit::UpdateSecCompEnhance(fuzzData.GetData(), fuzzData.GetData()) == 0; + return AccessTokenKit::UpdateSecCompEnhance(fuzzData.GetData(), fuzzData.GetData()) == 0; } } diff --git a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.h b/test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.h similarity index 100% rename from test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.h rename to test/fuzztest/innerkits/accesstoken/updateseccompenhance_fuzzer/updateseccompenhance_fuzzer.h diff --git a/test/fuzztest/innerkits/privacy/BUILD.gn b/test/fuzztest/innerkits/privacy/BUILD.gn index cce6b6df9..8d25a97a4 100644 --- a/test/fuzztest/innerkits/privacy/BUILD.gn +++ b/test/fuzztest/innerkits/privacy/BUILD.gn @@ -32,13 +32,5 @@ group("fuzztest") { "stopusingpermission_fuzzer:StopUsingPermissionFuzzTest", "unregisterpermactivestatuscallback_fuzzer:UnRegisterPermActiveStatusCallbackFuzzTest", ] - if (security_component_enhance_enable) { - deps += [ - "getseccompenhance_fuzzer:GetSecCompEnhanceFuzzTest", - "getspecialseccompenhance_fuzzer:GetSpecialSecCompEnhanceFuzzTest", - "registerseccompenhance_fuzzer:RegisterSecCompEnhanceFuzzTest", - "updateseccompenhance_fuzzer:UpdateSecCompEnhanceFuzzTest", - ] - } } } diff --git a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/BUILD.gn b/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/BUILD.gn deleted file mode 100644 index 96844110a..000000000 --- a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/BUILD.gn +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/config/features.gni") -import("//build/test.gni") -import("../../../../../access_token.gni") - -ohos_fuzztest("GetSpecialSecCompEnhanceFuzzTest") { - module_out_path = module_output_path_interface_privacy - fuzz_config_file = "." - include_dirs = [ - "${access_token_path}/interfaces/innerkits/accesstoken/include", - "${access_token_path}/test/fuzztest/common", - ] - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - sources = [ "getspecialseccompenhance_fuzzer.cpp" ] - - deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] - - configs = [ "${access_token_path}/config:coverage_flags" ] - - cflags_cc = [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] - - external_deps = [ - "c_utils:utils", - "hilog:libhilog", - "ipc:ipc_core", - ] -} diff --git a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.cpp b/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.cpp deleted file mode 100644 index 85bea67be..000000000 --- a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.cpp +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "getspecialseccompenhance_fuzzer.h" - -#include -#include -#include -#include - -#include "accesstoken_fuzzdata.h" -#undef private -#include "privacy_kit.h" - -using namespace std; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { - bool GetSpecialSecCompEnhanceFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - - AccessTokenFuzzData fuzzData(data, size); - - std::vector enhanceList; - - return PrivacyKit::GetSpecialSecCompEnhance(fuzzData.GenerateStochasticString(), enhanceList) == 0; - } -} - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) -{ - /* Run your code on data */ - OHOS::GetSpecialSecCompEnhanceFuzzTest(data, size); - return 0; -} diff --git a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.h b/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.h deleted file mode 100644 index adb87a6ee..000000000 --- a/test/fuzztest/innerkits/privacy/getspecialseccompenhance_fuzzer/getspecialseccompenhance_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TEST_FUZZTEST_GETSPECIALSECCOMPENHANCE_FUZZER_H -#define TEST_FUZZTEST_GETSPECIALSECCOMPENHANCE_FUZZER_H - -#define FUZZ_PROJECT_NAME "getspecialseccompenhance_fuzzer" - -#endif // TEST_FUZZTEST_GETSPECIALSECCOMPENHANCE_FUZZER_H diff --git a/test/fuzztest/services/accesstoken/BUILD.gn b/test/fuzztest/services/accesstoken/BUILD.gn index 99767dcd1..b5c13d910 100644 --- a/test/fuzztest/services/accesstoken/BUILD.gn +++ b/test/fuzztest/services/accesstoken/BUILD.gn @@ -70,4 +70,11 @@ group("fuzztest") { "setfirstcallertokenid_fuzzer:SetFirstCallerTokenIDFuzzTest", ] } + if (security_component_enhance_enable) { + deps += [ + "getseccompenhancestub_fuzzer:GetSecCompEnhanceStubFuzzTest", + "registerseccompenhancestub_fuzzer:RegisterSecCompEnhanceStubFuzzTest", + "updateseccompenhancestub_fuzzer:UpdateSecCompEnhanceStubFuzzTest", + ] + } } diff --git a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni index c0406e4aa..37402c406 100644 --- a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni +++ b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni @@ -17,8 +17,9 @@ import("../../../../access_token.gni") access_token_include_dirs = [ "${access_token_path}/services/accesstokenmanager/main/cpp/include", "${access_token_path}/services/accesstokenmanager/main/cpp/include/callback", - "${access_token_path}/services/accesstokenmanager/main/cpp/include/service", "${access_token_path}/services/accesstokenmanager/main/cpp/include/form_manager", + "${access_token_path}/services/accesstokenmanager/main/cpp/include/seccomp", + "${access_token_path}/services/accesstokenmanager/main/cpp/include/service", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", "${access_token_path}/services/accesstokenmanager/main/cpp/include/permission", "${access_token_path}/services/accesstokenmanager/main/cpp/include/database", @@ -31,7 +32,9 @@ access_token_include_dirs = [ "${access_token_path}/services/tokensyncmanager/include/protocol", "${access_token_path}/frameworks/common/include", "${access_token_path}/frameworks/accesstoken/include", + "${access_token_path}/frameworks/privacy/include", "${access_token_path}/interfaces/innerkits/privacy/include", + "${access_token_path}/interfaces/innerkits/privacy/src", "${access_token_path}/interfaces/innerkits/tokensync/src", "${access_token_path}/services/common/ability_manager/include", "${access_token_path}/services/common/app_manager/include", diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/BUILD.gn similarity index 65% rename from test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/BUILD.gn rename to test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/BUILD.gn index 91d09a472..f9f4a283b 100644 --- a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/BUILD.gn @@ -14,10 +14,10 @@ import("//build/config/features.gni") import("//build/test.gni") import("../../../../../access_token.gni") -import("../privacy_service_fuzz.gni") +import("../access_token_service_fuzz.gni") ohos_fuzztest("GetSecCompEnhanceStubFuzzTest") { - module_out_path = module_output_path_service_privacy + module_out_path = module_output_path_service_access_token fuzz_config_file = "." sources = [ "getseccompenhancestub_fuzzer.cpp" ] @@ -31,22 +31,18 @@ ohos_fuzztest("GetSecCompEnhanceStubFuzzTest") { configs = [ "${access_token_path}/config:coverage_flags", - "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", ] - include_dirs = privacy_include_dirs + include_dirs = access_token_include_dirs - sources += privacy_sources - sources += [ "${access_token_path}/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp" ] + sources += access_token_sources + sources += [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp" ] - defines = privacy_defines - - cflags_cc = privacy_cflags_cc + cflags_cc = access_token_cflags_cc cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] - deps = privacy_deps - - deps += [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] + deps = access_token_deps - external_deps = privacy_external_deps + external_deps = access_token_external_deps } diff --git a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/corpus/init similarity index 100% rename from test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/corpus/init rename to test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/corpus/init diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp similarity index 81% rename from test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp rename to test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp index fb6b46af6..90b41c25d 100644 --- a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.cpp @@ -20,13 +20,13 @@ #include #include "accesstoken_fuzzdata.h" +#include "accesstoken_manager_service.h" #undef private #include "errors.h" -#include "iprivacy_manager.h" +#include "iaccess_token_manager.h" #include "on_permission_used_record_callback_stub.h" #include "permission_used_request.h" #include "permission_used_request_parcel.h" -#include "privacy_manager_service.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -41,16 +41,16 @@ namespace OHOS { AccessTokenFuzzData fuzzData(data, size); MessageParcel datas; - datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!datas.WriteInt32(fuzzData.GetData())) { return false; } - uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_GET_SEC_COMP_ENHANCE); + uint32_t code = static_cast(IAccessTokenManagerIpcCode::COMMAND_GET_SEC_COMP_ENHANCE); MessageParcel reply; MessageOption option; - DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); + DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); return true; } diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.h b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.h similarity index 100% rename from test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.h rename to test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/getseccompenhancestub_fuzzer.h diff --git a/test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/project.xml b/test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/project.xml similarity index 100% rename from test/fuzztest/innerkits/privacy/updateseccompenhance_fuzzer/project.xml rename to test/fuzztest/services/accesstoken/getseccompenhancestub_fuzzer/project.xml diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/BUILD.gn similarity index 66% rename from test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/BUILD.gn rename to test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/BUILD.gn index 1eef34967..dff5a98d7 100644 --- a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/BUILD.gn @@ -14,10 +14,10 @@ import("//build/config/features.gni") import("//build/test.gni") import("../../../../../access_token.gni") -import("../privacy_service_fuzz.gni") +import("../access_token_service_fuzz.gni") ohos_fuzztest("RegisterSecCompEnhanceStubFuzzTest") { - module_out_path = module_output_path_service_privacy + module_out_path = module_output_path_service_access_token fuzz_config_file = "." sources = [ "registerseccompenhancestub_fuzzer.cpp" ] @@ -31,25 +31,21 @@ ohos_fuzztest("RegisterSecCompEnhanceStubFuzzTest") { configs = [ "${access_token_path}/config:coverage_flags", - "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", ] - include_dirs = privacy_include_dirs + include_dirs = access_token_include_dirs - sources += privacy_sources - sources += [ "${access_token_path}/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp" ] + sources += access_token_sources + sources += [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp" ] - defines = privacy_defines - - cflags_cc = privacy_cflags_cc + cflags_cc = access_token_cflags_cc cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE", "-DTOKEN_SYNC_ENABLE", ] - deps = privacy_deps - - deps += [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] + deps = access_token_deps - external_deps = privacy_external_deps + external_deps = access_token_external_deps } diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/corpus/init similarity index 100% rename from test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/corpus/init rename to test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/corpus/init diff --git a/test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/project.xml b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/project.xml similarity index 100% rename from test/fuzztest/services/privacy/getseccompenhancestub_fuzzer/project.xml rename to test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/project.xml diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp similarity index 89% rename from test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp rename to test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp index de6cfaee5..fcc5821c9 100644 --- a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.cpp @@ -21,14 +21,14 @@ #include "accesstoken_callbacks.h" #include "accesstoken_fuzzdata.h" +#include "accesstoken_manager_service.h" #undef private #include "errors.h" #include "hap_token_info.h" -#include "iprivacy_manager.h" +#include "iaccess_token_manager.h" #include "on_permission_used_record_callback_stub.h" #include "permission_used_request.h" #include "permission_used_request_parcel.h" -#include "privacy_manager_service.h" #include "securec.h" #include "token_sync_kit_interface.h" @@ -86,16 +86,16 @@ public: enhance.enhanceData = secData; MessageParcel datas; - datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!datas.WriteParcelable(&enhance)) { return false; } - uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_REGISTER_SEC_COMP_ENHANCE); + uint32_t code = static_cast(IAccessTokenManagerIpcCode::COMMAND_REGISTER_SEC_COMP_ENHANCE); MessageParcel reply; MessageOption option; - DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); + DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); return true; } diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.h b/test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.h similarity index 100% rename from test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.h rename to test/fuzztest/services/accesstoken/registerseccompenhancestub_fuzzer/registerseccompenhancestub_fuzzer.h diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/BUILD.gn similarity index 65% rename from test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/BUILD.gn rename to test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/BUILD.gn index f432f9793..e0a547359 100644 --- a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/BUILD.gn @@ -14,10 +14,10 @@ import("//build/config/features.gni") import("//build/test.gni") import("../../../../../access_token.gni") -import("../privacy_service_fuzz.gni") +import("../access_token_service_fuzz.gni") ohos_fuzztest("UpdateSecCompEnhanceStubFuzzTest") { - module_out_path = module_output_path_service_privacy + module_out_path = module_output_path_service_access_token fuzz_config_file = "." sources = [ "updateseccompenhancestub_fuzzer.cpp" ] @@ -31,22 +31,18 @@ ohos_fuzztest("UpdateSecCompEnhanceStubFuzzTest") { configs = [ "${access_token_path}/config:coverage_flags", - "${access_token_path}/services/privacymanager:privacy_manager_gen_config", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", ] - include_dirs = privacy_include_dirs + include_dirs = access_token_include_dirs - sources += privacy_sources - sources += [ "${access_token_path}/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp" ] + sources += access_token_sources + sources += [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp" ] - defines = privacy_defines - - cflags_cc = privacy_cflags_cc + cflags_cc = access_token_cflags_cc cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] - deps = privacy_deps - - deps += [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] + deps = access_token_deps - external_deps = privacy_external_deps + external_deps = access_token_external_deps } diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/corpus/init similarity index 100% rename from test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/corpus/init rename to test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/corpus/init diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/project.xml b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/project.xml similarity index 100% rename from test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/project.xml rename to test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/project.xml diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp similarity index 82% rename from test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp rename to test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp index c203ebb84..c8ecc626e 100644 --- a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.cpp @@ -20,13 +20,13 @@ #include #include "accesstoken_fuzzdata.h" +#include "accesstoken_manager_service.h" #undef private #include "errors.h" -#include "iprivacy_manager.h" +#include "iaccess_token_manager.h" #include "on_permission_used_record_callback_stub.h" #include "permission_used_request.h" #include "permission_used_request_parcel.h" -#include "privacy_manager_service.h" using namespace std; using namespace OHOS::Security::AccessToken; @@ -41,7 +41,7 @@ namespace OHOS { AccessTokenFuzzData fuzzData(data, size); MessageParcel datas; - datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!datas.WriteInt32(fuzzData.GetData())) { return false; } @@ -50,11 +50,11 @@ namespace OHOS { return false; } - uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_UPDATE_SEC_COMP_ENHANCE); + uint32_t code = static_cast(IAccessTokenManagerIpcCode::COMMAND_UPDATE_SEC_COMP_ENHANCE); MessageParcel reply; MessageOption option; - DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); + DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); return true; } diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.h b/test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.h similarity index 100% rename from test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.h rename to test/fuzztest/services/accesstoken/updateseccompenhancestub_fuzzer/updateseccompenhancestub_fuzzer.h diff --git a/test/fuzztest/services/privacy/BUILD.gn b/test/fuzztest/services/privacy/BUILD.gn index a978c1437..eca096db6 100644 --- a/test/fuzztest/services/privacy/BUILD.gn +++ b/test/fuzztest/services/privacy/BUILD.gn @@ -35,14 +35,5 @@ group("fuzztest") { "stopusingpermissionstub_fuzzer:StopUsingPermissionStubFuzzTest", "unregisterpermactivestatuscallbackstub_fuzzer:UnRegisterPermActiveStatusCallbackStubFuzzTest", ] - - if (security_component_enhance_enable) { - deps += [ - "getseccompenhancestub_fuzzer:GetSecCompEnhanceStubFuzzTest", - "getspecialseccompenhancestub_fuzzer:GetSpecialSecCompEnhanceStubFuzzTest", - "registerseccompenhancestub_fuzzer:RegisterSecCompEnhanceStubFuzzTest", - "updateseccompenhancestub_fuzzer:UpdateSecCompEnhanceStubFuzzTest", - ] - } } } diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/BUILD.gn deleted file mode 100644 index f3f0eae63..000000000 --- a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/BUILD.gn +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright (c) 2024-2025 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/config/features.gni") -import("//build/test.gni") -import("../../../../../access_token.gni") -import("../privacy_service_fuzz.gni") - -ohos_fuzztest("GetSpecialSecCompEnhanceStubFuzzTest") { - module_out_path = module_output_path_service_privacy - fuzz_config_file = "." - - sources = [ "getspecialseccompenhancestub_fuzzer.cpp" ] - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - configs = [ - "${access_token_path}/config:coverage_flags", - "${access_token_path}/services/privacymanager:privacy_manager_gen_config", - ] - - include_dirs = privacy_include_dirs - - sources += privacy_sources - sources += [ "${access_token_path}/services/privacymanager/src/seccomp/privacy_sec_comp_enhance_agent.cpp" ] - - defines = privacy_defines - - cflags_cc = privacy_cflags_cc - cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] - - deps = privacy_deps - - deps += [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] - - external_deps = privacy_external_deps -} diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.cpp b/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.cpp deleted file mode 100644 index aaf7a81bc..000000000 --- a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.cpp +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 2024-2025 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "getspecialseccompenhancestub_fuzzer.h" - -#include -#include -#include - -#include "accesstoken_fuzzdata.h" -#undef private -#include "errors.h" -#include "iprivacy_manager.h" -#include "on_permission_used_record_callback_stub.h" -#include "permission_used_request.h" -#include "permission_used_request_parcel.h" -#include "privacy_manager_service.h" - -using namespace std; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { - bool GetSpecialSecCompEnhanceStubFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - - AccessTokenFuzzData fuzzData(data, size); - - MessageParcel datas; - datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!datas.WriteString(fuzzData.GenerateStochasticString())) { - return false; - } - - uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_GET_SPECIAL_SEC_COMP_ENHANCE); - - MessageParcel reply; - MessageOption option; - DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); - - return true; - } -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) -{ - /* Run your code on data */ - OHOS::GetSpecialSecCompEnhanceStubFuzzTest(data, size); - return 0; -} diff --git a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.h b/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.h deleted file mode 100644 index 5b4a35f82..000000000 --- a/test/fuzztest/services/privacy/getspecialseccompenhancestub_fuzzer/getspecialseccompenhancestub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TEST_FUZZTEST_GETSPECIALSECCOMPENHANCESTUB_FUZZER_H -#define TEST_FUZZTEST_GETSPECIALSECCOMPENHANCESTUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "getspecialseccompenhancestub_fuzzer" - -#endif // TEST_FUZZTEST_GETSPECIALSECCOMPENHANCESTUB_FUZZER_H diff --git a/test/fuzztest/services/privacy/privacy_service_fuzz.gni b/test/fuzztest/services/privacy/privacy_service_fuzz.gni index 285586d63..f833e8657 100644 --- a/test/fuzztest/services/privacy/privacy_service_fuzz.gni +++ b/test/fuzztest/services/privacy/privacy_service_fuzz.gni @@ -25,7 +25,6 @@ privacy_include_dirs = [ "${access_token_path}/services/privacymanager/include/common", "${access_token_path}/services/privacymanager/include/database", "${access_token_path}/services/privacymanager/include/record", - "${access_token_path}/services/privacymanager/include/seccomp", "${access_token_path}/services/privacymanager/include/service", "${access_token_path}/services/privacymanager/include/proxy", "${access_token_path}/services/privacymanager/include/sensitive", diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/corpus/init b/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/corpus/init deleted file mode 100644 index e7c3fecd8..000000000 --- a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/corpus/init +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FUZZ \ No newline at end of file diff --git a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/project.xml b/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/project.xml deleted file mode 100644 index 7133b2b92..000000000 --- a/test/fuzztest/services/privacy/registerseccompenhancestub_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/corpus/init b/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/corpus/init deleted file mode 100644 index e7c3fecd8..000000000 --- a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/corpus/init +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FUZZ \ No newline at end of file diff --git a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/project.xml b/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/project.xml deleted file mode 100644 index 7133b2b92..000000000 --- a/test/fuzztest/services/privacy/updateseccompenhancestub_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - -- Gitee From c987db1d8342ab4d98a51b1eaea731332ba63cbd Mon Sep 17 00:00:00 2001 From: dingqiaoqiao Date: Fri, 25 Apr 2025 16:53:27 +0800 Subject: [PATCH 072/103] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E4=BE=9D=E8=B5=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: dingqiaoqiao Change-Id: Ibfcc67e02bc0cbeb2101a24d2171ffed36b7e85f --- services/common/screenlock_manager/BUILD.gn | 1 + 1 file changed, 1 insertion(+) diff --git a/services/common/screenlock_manager/BUILD.gn b/services/common/screenlock_manager/BUILD.gn index 8a03c4ba4..e0c9501a3 100644 --- a/services/common/screenlock_manager/BUILD.gn +++ b/services/common/screenlock_manager/BUILD.gn @@ -45,6 +45,7 @@ ohos_shared_library("accesstoken_screenlock_manager") { "c_utils:utils", "ipc:ipc_core", "screenlock_mgr:screenlock_client", + "eventhandler:libeventhandler", ] } } -- Gitee From d26de648f0c1734a85496a405b9b4c754fb87d77 Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Sun, 27 Apr 2025 16:54:03 +0800 Subject: [PATCH 073/103] =?UTF-8?q?=E8=A6=86=E7=9B=96=E7=8E=87=E7=94=A8?= =?UTF-8?q?=E4=BE=8B=E7=AD=89=E7=BA=A7=E8=B0=83=E6=95=B4250427?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: Ie4b78feb3d5492883329e286262efb560be08ff2 --- .../accesstoken_kit_coverage_test.cpp | 30 ++++----- .../accesstoken_database_coverage_test.cpp | 10 +-- .../permission_manager_coverage_test.cpp | 10 +-- .../test/unittest/cjson_utils_test.cpp | 30 ++++----- .../test/unittest/json_parse_loader_test.cpp | 8 +-- ...ermission_record_manager_coverage_test.cpp | 66 +++++++++---------- .../sensitive_manager_coverage_test.cpp | 8 +-- 7 files changed, 81 insertions(+), 81 deletions(-) diff --git a/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp index 5e3274cab..fda0ef88b 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/Coverage/accesstoken_kit_coverage_test.cpp @@ -94,7 +94,7 @@ public: * @tc.type: FUNC * @tc.require: issueI61NS6 */ -HWTEST_F(AccessTokenCoverageTest, PermStateChangeCallback001, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, PermStateChangeCallback001, TestSize.Level4) { PermStateChangeInfo result = { .permStateChangeType = 0, @@ -129,7 +129,7 @@ public: * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(AccessTokenCoverageTest, OnRemoteRequest001, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, OnRemoteRequest001, TestSize.Level4) { PermStateChangeInfo info = { .permStateChangeType = 0, @@ -164,7 +164,7 @@ HWTEST_F(AccessTokenCoverageTest, OnRemoteRequest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(AccessTokenCoverageTest, CreatePermStateChangeCallback001, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, CreatePermStateChangeCallback001, TestSize.Level4) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.GET_SENSITIVE_PERMISSIONS"); @@ -201,7 +201,7 @@ HWTEST_F(AccessTokenCoverageTest, CreatePermStateChangeCallback001, TestSize.Lev * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(AccessTokenCoverageTest, InitProxy001, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, InitProxy001, TestSize.Level4) { ASSERT_NE(nullptr, AccessTokenManagerClient::GetInstance().proxy_); OHOS::sptr proxy = AccessTokenManagerClient::GetInstance().proxy_; // backup @@ -217,7 +217,7 @@ HWTEST_F(AccessTokenCoverageTest, InitProxy001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(AccessTokenCoverageTest, AllocHapToken001, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, AllocHapToken001, TestSize.Level4) { HapInfoParams info; HapPolicyParams policy; @@ -232,7 +232,7 @@ HWTEST_F(AccessTokenCoverageTest, AllocHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(AccessTokenCoverageTest, VerifyAccessToken005, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, VerifyAccessToken005, TestSize.Level4) { HapInfoParams info = { .userID = TEST_USER_ID, @@ -285,7 +285,7 @@ HWTEST_F(AccessTokenCoverageTest, VerifyAccessToken005, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI7MOA1 */ -HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest001, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest001, TestSize.Level4) { uint64_t validTokenID = GetSelfTokenID(); uint64_t retTokenId = validTokenID; @@ -301,7 +301,7 @@ HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI7MOA1 */ -HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest002, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest002, TestSize.Level4) { uint64_t invalidTokenID = 0; uint64_t retTokenId = 1; /* 1, for testing purposes */ @@ -316,7 +316,7 @@ HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest003, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, GetRenderTokenIDTest003, TestSize.Level4) { uint64_t invalidTokenID = 0; uint64_t retTokenId = 1; /* 1, for testing purposes */ @@ -379,7 +379,7 @@ public: * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest001, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest001, TestSize.Level4) { TokenSyncCallbackStubTest callback; @@ -400,7 +400,7 @@ HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest002, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest002, TestSize.Level4) { TokenSyncCallbackStubTest callback; OHOS::MessageParcel data; @@ -418,7 +418,7 @@ HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest003, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest003, TestSize.Level4) { TokenSyncCallbackStubTest callback; OHOS::MessageParcel data; @@ -450,7 +450,7 @@ HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest004, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest004, TestSize.Level4) { setuid(3020); // ACCESSTOKEN_UID @@ -492,7 +492,7 @@ HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackStubTest004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackTest001, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackTest001, TestSize.Level4) { TokenSyncCallback callback(nullptr); EXPECT_EQ(nullptr, callback.tokenSyncCallback_); // test input @@ -513,7 +513,7 @@ HWTEST_F(AccessTokenCoverageTest, TokenSyncCallbackTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenCoverageTest, GetPermissionManagerInfo001, TestSize.Level1) +HWTEST_F(AccessTokenCoverageTest, GetPermissionManagerInfo001, TestSize.Level4) { PermissionGrantInfo info; AccessTokenKit::GetPermissionManagerInfo(info); diff --git a/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp b/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp index 55603f5ce..6d78206d9 100644 --- a/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp +++ b/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp @@ -67,7 +67,7 @@ void AccessTokenDatabaseCoverageTest::TearDown() {} * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDatabaseCoverageTest, ToRdbValueBuckets001, TestSize.Level1) +HWTEST_F(AccessTokenDatabaseCoverageTest, ToRdbValueBuckets001, TestSize.Level4) { std::vector values; GenericValues value; @@ -83,7 +83,7 @@ HWTEST_F(AccessTokenDatabaseCoverageTest, ToRdbValueBuckets001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDatabaseCoverageTest, TranslationIntoPermissionStatus001, TestSize.Level1) +HWTEST_F(AccessTokenDatabaseCoverageTest, TranslationIntoPermissionStatus001, TestSize.Level4) { GenericValues value; value.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, 1); @@ -105,7 +105,7 @@ HWTEST_F(AccessTokenDatabaseCoverageTest, TranslationIntoPermissionStatus001, Te * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDatabaseCoverageTest, OnUpgrade001, TestSize.Level1) +HWTEST_F(AccessTokenDatabaseCoverageTest, OnUpgrade001, TestSize.Level4) { AccessTokenOpenCallback callback; uint32_t flag = 0; @@ -155,7 +155,7 @@ HWTEST_F(AccessTokenDatabaseCoverageTest, OnUpgrade001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDatabaseCoverageTest, Modify001, TestSize.Level1) +HWTEST_F(AccessTokenDatabaseCoverageTest, Modify001, TestSize.Level4) { AtmDataType type = static_cast(NOT_EXSIT_ATM_TYPE); GenericValues modifyValue; @@ -194,7 +194,7 @@ HWTEST_F(AccessTokenDatabaseCoverageTest, Modify001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDatabaseCoverageTest, Find001, TestSize.Level1) +HWTEST_F(AccessTokenDatabaseCoverageTest, Find001, TestSize.Level4) { AtmDataType type = static_cast(NOT_EXSIT_ATM_TYPE); GenericValues conditionValue; diff --git a/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp b/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp index 39c357004..6dda09ac9 100644 --- a/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp +++ b/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp @@ -91,7 +91,7 @@ void PermissionRecordManagerCoverageTest::TearDown() {} * @tc.type: FUNC * @tc.require: issueI5RWXF */ -HWTEST_F(PermissionRecordManagerCoverageTest, RegisterAddObserverTest001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerCoverageTest, RegisterAddObserverTest001, TestSize.Level4) { AccessTokenID selfTokenId = GetSelfTokenID(); AccessTokenID nativeToken = AccessTokenInfoManager::GetInstance().GetNativeTokenId("privacy_service"); @@ -116,7 +116,7 @@ HWTEST_F(PermissionRecordManagerCoverageTest, RegisterAddObserverTest001, TestSi * @tc.type: FUNC * @tc.require: issueI5RWXF */ -HWTEST_F(PermissionRecordManagerCoverageTest, FormMgrDiedHandle001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerCoverageTest, FormMgrDiedHandle001, TestSize.Level4) { FormManagerAccessClient::GetInstance().OnRemoteDiedHandle(); ASSERT_EQ(nullptr, FormManagerAccessClient::GetInstance().proxy_); @@ -144,7 +144,7 @@ public: * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerCoverageTest, OnRemoteRequest001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerCoverageTest, OnRemoteRequest001, TestSize.Level4) { PermissionRecordManagerCoverTestCb1 callback; @@ -184,7 +184,7 @@ HWTEST_F(PermissionRecordManagerCoverageTest, OnRemoteRequest001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerCoverageTest, UpdateCapStateToDatabase001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerCoverageTest, UpdateCapStateToDatabase001, TestSize.Level4) { AccessTokenIDEx tokenIdEx = {0}; ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_info, g_policy, tokenIdEx)); @@ -202,7 +202,7 @@ HWTEST_F(PermissionRecordManagerCoverageTest, UpdateCapStateToDatabase001, TestS * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerCoverageTest, RestorePermissionPolicy001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerCoverageTest, RestorePermissionPolicy001, TestSize.Level4) { GenericValues value1; value1.Put(TokenFiledConst::FIELD_TOKEN_ID, 123); // 123 is random input diff --git a/services/common/json_parse/test/unittest/cjson_utils_test.cpp b/services/common/json_parse/test/unittest/cjson_utils_test.cpp index b87787688..c9cbc3fb0 100644 --- a/services/common/json_parse/test/unittest/cjson_utils_test.cpp +++ b/services/common/json_parse/test/unittest/cjson_utils_test.cpp @@ -44,7 +44,7 @@ void CJsonUtilsTest::TearDown() {} * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level4) { std::string test; EXPECT_EQ(nullptr, CreateJsonFromString(test)); @@ -56,7 +56,7 @@ HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, PackJsonToStringTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, PackJsonToStringTest001, TestSize.Level4) { std::string res = PackJsonToString(nullptr); EXPECT_EQ(res.size(), 0); @@ -70,7 +70,7 @@ HWTEST_F(CJsonUtilsTest, PackJsonToStringTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetObjFromJsonTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, GetObjFromJsonTest001, TestSize.Level4) { std::string test; EXPECT_EQ(nullptr, GetObjFromJson(nullptr, test)); @@ -90,7 +90,7 @@ HWTEST_F(CJsonUtilsTest, GetObjFromJsonTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetArrayFromJsonTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, GetArrayFromJsonTest001, TestSize.Level4) { std::string test; EXPECT_EQ(nullptr, GetArrayFromJson(nullptr, test)); @@ -110,7 +110,7 @@ HWTEST_F(CJsonUtilsTest, GetArrayFromJsonTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetStringFromJsonTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, GetStringFromJsonTest001, TestSize.Level4) { std::string test; std::string res; @@ -134,7 +134,7 @@ HWTEST_F(CJsonUtilsTest, GetStringFromJsonTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetIntFromJsonTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, GetIntFromJsonTest001, TestSize.Level4) { std::string test; int32_t res; @@ -155,7 +155,7 @@ HWTEST_F(CJsonUtilsTest, GetIntFromJsonTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetUnsignedIntFromJsonTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, GetUnsignedIntFromJsonTest001, TestSize.Level4) { std::string test; uint32_t res; @@ -176,7 +176,7 @@ HWTEST_F(CJsonUtilsTest, GetUnsignedIntFromJsonTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest001, TestSize.Level4) { std::string test; bool res; @@ -197,7 +197,7 @@ HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest002, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest002, TestSize.Level4) { std::string test = "test1"; bool res; @@ -214,7 +214,7 @@ HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddObjToJsonTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, AddObjToJsonTest001, TestSize.Level4) { ASSERT_EQ(false, AddObjToJson(nullptr, "", nullptr)); std::string test = "test1"; @@ -235,7 +235,7 @@ HWTEST_F(CJsonUtilsTest, AddObjToJsonTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddObjToArrayTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, AddObjToArrayTest001, TestSize.Level4) { ASSERT_EQ(false, AddObjToArray(nullptr, nullptr)); @@ -249,7 +249,7 @@ HWTEST_F(CJsonUtilsTest, AddObjToArrayTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level4) { ASSERT_EQ(false, AddStringToJson(nullptr, "", "")); ASSERT_EQ(false, AddStringToJson(nullptr, "test0", "test0")); @@ -266,7 +266,7 @@ HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level4) { ASSERT_EQ(false, AddBoolToJson(nullptr, "", true)); ASSERT_EQ(false, AddBoolToJson(nullptr, "test0", true)); @@ -283,7 +283,7 @@ HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level4) { ASSERT_EQ(false, AddIntToJson(nullptr, "", 0)); ASSERT_EQ(false, AddIntToJson(nullptr, "test0", 0)); @@ -300,7 +300,7 @@ HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddUnsignedIntToJsonTest001, TestSize.Level1) +HWTEST_F(CJsonUtilsTest, AddUnsignedIntToJsonTest001, TestSize.Level4) { ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "", 0)); ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "test0", 0)); diff --git a/services/common/json_parse/test/unittest/json_parse_loader_test.cpp b/services/common/json_parse/test/unittest/json_parse_loader_test.cpp index 5f90945fb..4da1bc534 100644 --- a/services/common/json_parse/test/unittest/json_parse_loader_test.cpp +++ b/services/common/json_parse/test/unittest/json_parse_loader_test.cpp @@ -51,7 +51,7 @@ void JsonParseLoaderTest::TearDown() {} * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(JsonParseLoaderTest, IsDirExsitTest001, TestSize.Level1) +HWTEST_F(JsonParseLoaderTest, IsDirExsitTest001, TestSize.Level4) { ConfigPolicLoader loader; EXPECT_FALSE(loader.IsDirExsit("")); @@ -68,7 +68,7 @@ HWTEST_F(JsonParseLoaderTest, IsDirExsitTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(JsonParseLoaderTest, GetConfigValueFromFileTest001, TestSize.Level1) +HWTEST_F(JsonParseLoaderTest, GetConfigValueFromFileTest001, TestSize.Level4) { ConfigPolicLoader loader; AccessTokenConfigValue config; @@ -82,7 +82,7 @@ HWTEST_F(JsonParseLoaderTest, GetConfigValueFromFileTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(JsonParseLoaderTest, ParserNativeRawDataTest001, TestSize.Level1) +HWTEST_F(JsonParseLoaderTest, ParserNativeRawDataTest001, TestSize.Level4) { ConfigPolicLoader loader; std::vector tokenInfos; @@ -95,7 +95,7 @@ HWTEST_F(JsonParseLoaderTest, ParserNativeRawDataTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(JsonParseLoaderTest, ParserDlpPermsRawDataTest001, TestSize.Level1) +HWTEST_F(JsonParseLoaderTest, ParserDlpPermsRawDataTest001, TestSize.Level4) { ConfigPolicLoader loader; std::vector dlpPerms; diff --git a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp index b23457fed..1cc14c11e 100644 --- a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp +++ b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp @@ -186,7 +186,7 @@ static PermissionUsedTypeInfo MakeInfo(AccessTokenID tokenId, int32_t pid, const * @tc.type: FUNC * @tc.require: issueI5RWX8 */ -HWTEST_F(PermissionRecordManagerTest, OnAppStateChanged001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, OnAppStateChanged001, TestSize.Level4) { PrivacyAppStateObserver observer; AppStateData appStateData; @@ -203,7 +203,7 @@ HWTEST_F(PermissionRecordManagerTest, OnAppStateChanged001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5SZHG */ -HWTEST_F(PermissionRecordManagerTest, AppStatusListener001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, AppStatusListener001, TestSize.Level4) { AccessTokenIDEx tokenIdEx1 = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -260,7 +260,7 @@ HWTEST_F(PermissionRecordManagerTest, AppStatusListener001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest001, TestSize.Level4) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.CAMERA"); @@ -292,7 +292,7 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest001, Tes * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest002, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest002, TestSize.Level4) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -318,7 +318,7 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest002, Tes * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest003, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest003, TestSize.Level4) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -343,7 +343,7 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest003, Tes * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest004, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest004, TestSize.Level4) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -368,7 +368,7 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest004, Tes * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PermissionRecordManagerTest, ExecuteCameraCallbackAsyncTest001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, ExecuteCameraCallbackAsyncTest001, TestSize.Level4) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -427,7 +427,7 @@ public: * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, OnRemoteDied001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, OnRemoteDied001, TestSize.Level4) { auto recipient = std::make_shared(); ASSERT_NE(nullptr, recipient); @@ -458,7 +458,7 @@ HWTEST_F(PermissionRecordManagerTest, OnRemoteDied001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, OnApplicationStateChanged001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, OnApplicationStateChanged001, TestSize.Level4) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -493,7 +493,7 @@ HWTEST_F(PermissionRecordManagerTest, OnApplicationStateChanged001, TestSize.Lev * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, RemoveCallback001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, RemoveCallback001, TestSize.Level4) { std::vector permList; sptr callback; @@ -535,7 +535,7 @@ HWTEST_F(PermissionRecordManagerTest, RemoveCallback001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, UpdateRecords001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, UpdateRecords001, TestSize.Level4) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -583,7 +583,7 @@ HWTEST_F(PermissionRecordManagerTest, UpdateRecords001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartList001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartList001, TestSize.Level4) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -620,7 +620,7 @@ HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartList001, TestSize.Lev * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, PermissionListFilter001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, PermissionListFilter001, TestSize.Level4) { std::vector listSrc; std::vector listRes; @@ -646,7 +646,7 @@ HWTEST_F(PermissionRecordManagerTest, PermissionListFilter001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, Unregister001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, Unregister001, TestSize.Level4) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -669,7 +669,7 @@ HWTEST_F(PermissionRecordManagerTest, Unregister001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, TranslationIntoPermissionRecord001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, TranslationIntoPermissionRecord001, TestSize.Level4) { GenericValues values; values.Put(PrivacyFiledConst::FIELD_TOKEN_ID, static_cast(10086)); @@ -718,7 +718,7 @@ void AddRecord(int32_t num, std::vector& values) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PermissionRecordManagerTest, GetRecords002, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, GetRecords002, TestSize.Level4) { std::vector values; int32_t num = MAX_DETAIL_NUM + 1; @@ -789,7 +789,7 @@ static void GeneratePermissionRecord(AccessTokenID tokenID) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, GetRecords003, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, GetRecords003, TestSize.Level4) { MockNativeToken mock("privacy_service"); AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( @@ -843,7 +843,7 @@ HWTEST_F(PermissionRecordManagerTest, GetRecords003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, GetRecords004, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, GetRecords004, TestSize.Level4) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -868,7 +868,7 @@ HWTEST_F(PermissionRecordManagerTest, GetRecords004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, GetRecords005, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, GetRecords005, TestSize.Level4) { PermissionRecordManager::GetInstance().UpdatePermRecImmediately(); @@ -886,7 +886,7 @@ HWTEST_F(PermissionRecordManagerTest, GetRecords005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level4) { MockNativeToken mock("privacy_service"); @@ -914,7 +914,7 @@ HWTEST_F(PermissionRecordManagerTest, SetPermissionUsedRecordToggleStatus001, Te * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level4) { bool res = true; EXPECT_EQ(Constant::SUCCESS, PermissionRecordManager::GetInstance().GetPermissionUsedRecordToggleStatus(0, res)); @@ -938,7 +938,7 @@ public: * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordsAsync001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordsAsync001, TestSize.Level4) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -960,7 +960,7 @@ HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordsAsync001, TestSize * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, GetLockScreenStatus001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, GetLockScreenStatus001, TestSize.Level4) { EXPECT_NE(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().GetLockScreenStatus(true)); } @@ -971,7 +971,7 @@ HWTEST_F(PermissionRecordManagerTest, GetLockScreenStatus001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetHapWithFGReminder001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetHapWithFGReminder001, TestSize.Level4) { EXPECT_NE(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().SetHapWithFGReminder(123, true)); @@ -992,7 +992,7 @@ HWTEST_F(PermissionRecordManagerTest, SetHapWithFGReminder001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest001, TestSize.Level4) { PermissionUsedRequest request; request.tokenId = 0; @@ -1008,7 +1008,7 @@ HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest001, TestSize.Lev * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest002, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest002, TestSize.Level4) { PermissionUsedRequest request; request.tokenId = g_selfTokenId; @@ -1025,7 +1025,7 @@ HWTEST_F(PermissionRecordManagerTest, GetRecordsFromLocalDBTest002, TestSize.Lev * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedStatusIfNeeded001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedStatusIfNeeded001, TestSize.Level4) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::DataType::PERMISSION_USED_RECORD_TOGGLE_STATUS; bool ret = PermissionRecordManager::GetInstance().AddOrUpdateUsedStatusIfNeeded(TEST_USER_ID_11, false); @@ -1062,7 +1062,7 @@ HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedStatusIfNeeded001, TestSize * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedTypeIfNeeded001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedTypeIfNeeded001, TestSize.Level4) { int32_t tokenId = static_cast(RANDOM_TOKENID); int32_t opCode = static_cast(Constant::OpCode::OP_ANSWER_CALL); @@ -1125,7 +1125,7 @@ HWTEST_F(PermissionRecordManagerTest, AddOrUpdateUsedTypeIfNeeded001, TestSize.L * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, DeletePermissionRecord001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, DeletePermissionRecord001, TestSize.Level4) { int32_t recordSize = PermissionRecordManager::GetInstance().recordSizeMaximum_; PermissionRecordManager::GetInstance().recordSizeMaximum_ = MAX_DETAIL_NUM; @@ -1148,7 +1148,7 @@ HWTEST_F(PermissionRecordManagerTest, DeletePermissionRecord001, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartListTest001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartListTest001, TestSize.Level4) { std::set startRecordList = PermissionRecordManager::GetInstance().startRecordList_; PermissionRecordManager::GetInstance().startRecordList_.clear(); @@ -1175,7 +1175,7 @@ HWTEST_F(PermissionRecordManagerTest, RemoveRecordFromStartListTest001, TestSize * @tc.type: FUNC * @tc.require: issueI5RWXF */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Level4) { EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); @@ -1202,7 +1202,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, CreatePermissionUsedTypeTable001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, CreatePermissionUsedTypeTable001, TestSize.Level4) { ASSERT_EQ(0, PermissionUsedRecordDb::GetInstance().CreatePermissionUsedTypeTable()); @@ -1220,7 +1220,7 @@ HWTEST_F(PermissionRecordManagerTest, CreatePermissionUsedTypeTable001, TestSize * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, InsertPermissionUsedTypeColumn001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, InsertPermissionUsedTypeColumn001, TestSize.Level4) { ASSERT_EQ(Constant::SUCCESS, PermissionUsedRecordDb::GetInstance().InsertPermissionUsedTypeColumn()); diff --git a/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp b/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp index 392eea355..cac6ec22d 100644 --- a/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp +++ b/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp @@ -70,7 +70,7 @@ public: * @tc.type: FUNC * @tc.require: */ -HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest001, TestSize.Level1) +HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest001, TestSize.Level4) { AppStateData appData; SensitiveManagerCoverageTestCb1 callback; @@ -91,7 +91,7 @@ HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest002, TestSize.Level1) +HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest002, TestSize.Level4) { AppStateData appData; SensitiveManagerCoverageTestCb1 callback; @@ -146,7 +146,7 @@ HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest003, TestSize.Level1) +HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest003, TestSize.Level4) { AppStateData appData; SensitiveManagerCoverageTestCb1 callback; @@ -169,7 +169,7 @@ HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest004, TestSize.Level1) +HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest004, TestSize.Level4) { SensitiveManagerCoverageTestCb1 callback; -- Gitee From 617f77cf565e9f475fe60d268e93ba01ffcd0263 Mon Sep 17 00:00:00 2001 From: wang_mingxu Date: Tue, 29 Apr 2025 10:23:13 +0800 Subject: [PATCH 074/103] fix softbus permission Signed-off-by: wang_mingxu --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index b7f3b161e..4d6455a92 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -1284,7 +1284,7 @@ "name": "ohos.permission.DISTRIBUTED_SOFTBUS_CENTER", "grantMode": "system_grant", "availableLevel": "system_basic", - "availableType": "NORMAL", + "availableType": "SYSTEM", "since": 9, "deprecated": "", "provisionEnable": false, -- Gitee From fd42dbd345aa526a32524a6016e3ab3be4e317b0 Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Wed, 30 Apr 2025 11:38:15 +0800 Subject: [PATCH 075/103] =?UTF-8?q?DT=E5=91=8A=E8=AD=A6=E4=BF=AE=E6=94=B92?= =?UTF-8?q?50430?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: Ifadfb86397988dbb9825785b6f279437d3e5cd6b --- .../test/unittest/src/privacy_kit_test.cpp | 27 +++++++++---------- .../unittest/src/tokensetproc_kit_test.cpp | 5 ++++ .../unittest/short_grant_manager_test.cpp | 25 +++++++++-------- 3 files changed, 30 insertions(+), 27 deletions(-) diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index b24f9a7d1..d440f889a 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -1490,10 +1490,10 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission004, TestSize.Level1) ASSERT_EQ(0, ret); if (list.empty()) { GTEST_LOG_(INFO) << "GetForegroundApplications empty "; - return; + } else { + uint32_t tokenIdForeground = list[0].accessTokenId; + ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName)); } - uint32_t tokenIdForeground = list[0].accessTokenId; - ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName)); } /** @@ -1508,18 +1508,17 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission005, TestSize.Level1) ASSERT_EQ(0, AppManagerAccessClient::GetInstance().GetForegroundApplications(list)); if (list.empty()) { GTEST_LOG_(INFO) << "GetForegroundApplications empty "; - return; + } else { + uint32_t tokenIdForeground = list[0].accessTokenId; + int32_t pidForground = list[0].pid; + std::string permissionName = "ohos.permission.MICROPHONE"; + ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID)); + ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground)); + + permissionName = "ohos.permission.CAMERA"; + ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID)); + ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground)); } - - uint32_t tokenIdForeground = list[0].accessTokenId; - int32_t pidForground = list[0].pid; - std::string permissionName = "ohos.permission.MICROPHONE"; - ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID)); - ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground)); - - permissionName = "ohos.permission.CAMERA"; - ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, NOT_EXSIT_PID)); - ASSERT_EQ(true, PrivacyKit::IsAllowedUsingPermission(tokenIdForeground, permissionName, pidForground)); } /** diff --git a/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp b/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp index 92a6df1e3..0d138e61d 100644 --- a/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp +++ b/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp @@ -427,6 +427,8 @@ static void *ThreadTestFunc02(void *args) HWTEST_F(TokensetprocKitTest, Mulitpulthread001, TestSize.Level1) { setuid(ACCESS_TOKEN_UID); + int64_t beginTime = std::chrono::duration_cast( + std::chrono::system_clock::now().time_since_epoch()).count(); pthread_t tid[2]; (void)pthread_create(&tid[0], nullptr, &ThreadTestFunc01, nullptr); (void)pthread_create(&tid[1], nullptr, &ThreadTestFunc01, nullptr); @@ -437,8 +439,11 @@ HWTEST_F(TokensetprocKitTest, Mulitpulthread001, TestSize.Level1) (void)pthread_create(&tid[1], nullptr, &ThreadTestFunc02, nullptr); (void)pthread_join(tid[0], nullptr); (void)pthread_join(tid[1], nullptr); + int64_t endTime = std::chrono::duration_cast( + std::chrono::system_clock::now().time_since_epoch()).count(); setuid(g_selfUid); + ASSERT_TRUE(endTime - beginTime < 1000 * 100); } /** diff --git a/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp b/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp index 3c79b55d3..80643d02b 100644 --- a/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp @@ -224,20 +224,19 @@ HWTEST_F(ShortGrantManagerTest, RefreshPermission004, TestSize.Level1) ASSERT_EQ(PERMISSION_GRANTED, AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenID, SHORT_TEMP_PERMISSION)); - if (appStateObserver_ != nullptr) { - return; + if (appStateObserver_ == nullptr) { + appStateObserver_ = sptr::MakeSptr(); + AppStateData appStateData; + appStateData.state = static_cast(ApplicationState::APP_STATE_TERMINATED); + appStateData.accessTokenId = tokenID; + appStateObserver_->OnAppStopped(appStateData); + + EXPECT_EQ(PERMISSION_DENIED, + AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenID, SHORT_TEMP_PERMISSION)); + + ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); } - appStateObserver_ = sptr::MakeSptr(); - AppStateData appStateData; - appStateData.state = static_cast(ApplicationState::APP_STATE_TERMINATED); - appStateData.accessTokenId = tokenID; - appStateObserver_->OnAppStopped(appStateData); - - EXPECT_EQ(PERMISSION_DENIED, - AccessTokenInfoManager::GetInstance().VerifyAccessToken(tokenID, SHORT_TEMP_PERMISSION)); - - ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenID); - ASSERT_EQ(RET_SUCCESS, ret); } } // namespace AccessToken } // namespace Security -- Gitee From 6375558d80301b43eedf9d213267f3d14010b010 Mon Sep 17 00:00:00 2001 From: zc Date: Tue, 22 Apr 2025 11:21:49 +0800 Subject: [PATCH 076/103] =?UTF-8?q?=E4=BF=AE=E6=94=B9MANAGE=5FAPP=5FUNINST?= =?UTF-8?q?ALL=2018=E6=9D=83=E9=99=90=E7=89=88=E6=9C=AC=20Signed-off-by:?= =?UTF-8?q?=20zc=20?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- services/accesstokenmanager/permission_definitions.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 6512eb699..375d41f52 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -2847,7 +2847,7 @@ "grantMode": "system_grant", "availableLevel": "system_basic", "availableType": "SYSTEM", - "since": 18, + "since": 19, "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false -- Gitee From 7c39d27a5f58557d693792f84c4a6abebe623d20 Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Wed, 7 May 2025 16:00:13 +0800 Subject: [PATCH 077/103] =?UTF-8?q?=E5=B7=AE=E5=BC=82=E5=A4=84=E7=90=86250?= =?UTF-8?q?507?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: I78077886c12bb8859c136ebe6d24f6c7078ab1cd --- test/fuzztest/innerkits/accesstoken/BUILD.gn | 2 - .../registertokensynccallback_fuzzer/BUILD.gn | 45 ---------- .../corpus/init | 13 --- .../project.xml | 25 ------ .../registertokensynccallback_fuzzer.cpp | 82 ------------------- .../registertokensynccallback_fuzzer.h | 21 ----- .../BUILD.gn | 45 ---------- .../corpus/init | 13 --- .../project.xml | 25 ------ .../unregistertokensynccallback_fuzzer.cpp | 58 ------------- .../unregistertokensynccallback_fuzzer.h | 21 ----- 11 files changed, 350 deletions(-) delete mode 100644 test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/BUILD.gn delete mode 100644 test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/corpus/init delete mode 100644 test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/project.xml delete mode 100644 test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.cpp delete mode 100644 test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.h delete mode 100644 test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/BUILD.gn delete mode 100644 test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/corpus/init delete mode 100644 test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/project.xml delete mode 100644 test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.cpp delete mode 100644 test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.h diff --git a/test/fuzztest/innerkits/accesstoken/BUILD.gn b/test/fuzztest/innerkits/accesstoken/BUILD.gn index 6231bb4e9..3891e7499 100644 --- a/test/fuzztest/innerkits/accesstoken/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/BUILD.gn @@ -47,14 +47,12 @@ group("fuzztest") { "grantpermissionforspecifiedtime_fuzzer:GrantPermissionForSpecifiedTimeFuzzTest", "inithaptoken_fuzzer:InitHapTokenFuzzTest", "registerpermstatechangecallback_fuzzer:RegisterPermStateChangeCallbackFuzzTest", - "registertokensynccallback_fuzzer:RegisterTokenSyncCallbackFuzzTest", "requestapppermonsetting_fuzzer:RequestAppPermOnSettingFuzzTest", "revokeusergrantedpermission_fuzzer:RevokeUserGrantedPermissionFuzzTest", "setpermdialogcap_fuzzer:SetPermDialogCapFuzzTest", "setpermissionrequesttogglestatus_fuzzer:SetPermissionRequestToggleStatusFuzzTest", "setremotehaptokeninfo_fuzzer:SetRemoteHapTokenInfoFuzzTest", "unregisterpermstatechangecallback_fuzzer:UnRegisterPermStateChangeCallbackFuzzTest", - "unregistertokensynccallback_fuzzer:UnRegisterTokenSyncCallbackFuzzTest", "updatehaptoken_fuzzer:UpdateHapTokenFuzzTest", "verifyaccesstoken001_fuzzer:VerifyAccessToken001FuzzTest", "verifyaccesstoken_fuzzer:VerifyAccessTokenFuzzTest", diff --git a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/BUILD.gn deleted file mode 100644 index 836076e04..000000000 --- a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/BUILD.gn +++ /dev/null @@ -1,45 +0,0 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/config/features.gni") -import("//build/test.gni") -import("../../../../../access_token.gni") - -ohos_fuzztest("RegisterTokenSyncCallbackFuzzTest") { - module_out_path = module_output_path_interface_access_token - fuzz_config_file = "." - include_dirs = - [ "${access_token_path}/interfaces/innerkits/accesstoken/include" ] - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - sources = [ "registertokensynccallback_fuzzer.cpp" ] - deps = [ - "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", - "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc", - ] - - configs = [ "${access_token_path}/config:coverage_flags" ] - - external_deps = [ - "c_utils:utils", - "hilog:libhilog", - ] - - if (token_sync_enable == true) { - cflags_cc = [ "-DTOKEN_SYNC_ENABLE" ] - } -} diff --git a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/corpus/init deleted file mode 100644 index f7880ef1a..000000000 --- a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/corpus/init +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/project.xml deleted file mode 100644 index 7133b2b92..000000000 --- a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - diff --git a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.cpp deleted file mode 100644 index 44e735b51..000000000 --- a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.cpp +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "registertokensynccallback_fuzzer.h" - -#include "accesstoken_kit.h" -#include "token_setproc.h" -#include "token_sync_kit_interface.h" - -using namespace std; -using namespace OHOS::Security::AccessToken; -namespace { -class TokenSyncCallback : public TokenSyncKitInterface { -public: - ~TokenSyncCallback() = default; - int32_t GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) const override - { - return TokenSyncError::TOKEN_SYNC_OPENSOURCE_DEVICE; // TOKEN_SYNC_OPENSOURCE_DEVICE is a test - }; - - int32_t DeleteRemoteHapTokenInfo(AccessTokenID tokenID) const override - { - return TokenSyncError::TOKEN_SYNC_SUCCESS; // TOKEN_SYNC_SUCCESS is a test - }; - - int32_t UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) const override - { - return TokenSyncError::TOKEN_SYNC_SUCCESS; // TOKEN_SYNC_SUCCESS is a test - }; -}; - -#ifdef TOKEN_SYNC_ENABLE -static bool NativeTokenGet() -{ - AccessTokenID token = AccessTokenKit::GetNativeTokenId("token_sync_service"); - if (token == 0) { - return false; - } - SetSelfTokenID(token); - return true; -} -#endif -}; - -namespace OHOS { - bool RegisterTokenSyncCallbackFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - #ifdef TOKEN_SYNC_ENABLE - std::shared_ptr callback = std::make_shared(); - int32_t result = AccessTokenKit::RegisterTokenSyncCallback(callback); - return result == RET_SUCCESS; - #else - return true; - #endif // TOKEN_SYNC_ENABLE - } -} - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) -{ - /* Run your code on data */ -#ifdef TOKEN_SYNC_ENABLE - NativeTokenGet(); -#endif - OHOS::RegisterTokenSyncCallbackFuzzTest(data, size); - return 0; -} \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.h b/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.h deleted file mode 100644 index 85e27d079..000000000 --- a/test/fuzztest/innerkits/accesstoken/registertokensynccallback_fuzzer/registertokensynccallback_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TEST_FUZZTEST_REGISTERTOKENSYNCCALLBACK_FUZZER_H -#define TEST_FUZZTEST_REGISTERTOKENSYNCCALLBACK_FUZZER_H - -#define FUZZ_PROJECT_NAME "registertokensynccallback_fuzzer" - -#endif // TEST_FUZZTEST_REGISTERTOKENSYNCCALLBACK_FUZZER_H \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/BUILD.gn deleted file mode 100644 index d55da6283..000000000 --- a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/BUILD.gn +++ /dev/null @@ -1,45 +0,0 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/config/features.gni") -import("//build/test.gni") -import("../../../../../access_token.gni") - -ohos_fuzztest("UnRegisterTokenSyncCallbackFuzzTest") { - module_out_path = module_output_path_interface_access_token - fuzz_config_file = "." - include_dirs = - [ "${access_token_path}/interfaces/innerkits/accesstoken/include" ] - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - sources = [ "unregistertokensynccallback_fuzzer.cpp" ] - deps = [ - "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", - "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc", - ] - - configs = [ "${access_token_path}/config:coverage_flags" ] - - external_deps = [ - "c_utils:utils", - "hilog:libhilog", - ] - - if (token_sync_enable == true) { - cflags_cc = [ "-DTOKEN_SYNC_ENABLE" ] - } -} diff --git a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/corpus/init deleted file mode 100644 index f7880ef1a..000000000 --- a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/corpus/init +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/project.xml deleted file mode 100644 index 7133b2b92..000000000 --- a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - diff --git a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.cpp deleted file mode 100644 index 69d1dc55a..000000000 --- a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.cpp +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "unregistertokensynccallback_fuzzer.h" - -#include "accesstoken_kit.h" -#include "token_setproc.h" -#include "token_sync_kit_interface.h" - -using namespace std; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { - bool NativeTokenGet() - { - AccessTokenID token = AccessTokenKit::GetNativeTokenId("token_sync_service"); - if (token == 0) { - return false; - } - SetSelfTokenID(token); - return true; - } - bool RegisterTokenSyncCallbackFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - #ifdef TOKEN_SYNC_ENABLE - int32_t result = AccessTokenKit::UnRegisterTokenSyncCallback(); - return result == RET_SUCCESS; - #else - return true; - #endif // TOKEN_SYNC_ENABLE - } -} - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) -{ -#ifdef TOKEN_SYNC_ENABLE - OHOS::NativeTokenGet(); -#endif - /* Run your code on data */ - OHOS::RegisterTokenSyncCallbackFuzzTest(data, size); - return 0; -} \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.h b/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.h deleted file mode 100644 index 6ea07787a..000000000 --- a/test/fuzztest/innerkits/accesstoken/unregistertokensynccallback_fuzzer/unregistertokensynccallback_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TEST_FUZZTEST_UNREGISTERTOKENSYNCCALLBACK_FUZZER_H -#define TEST_FUZZTEST_UNREGISTERTOKENSYNCCALLBACK_FUZZER_H - -#define FUZZ_PROJECT_NAME "unregistertokensynccallback_fuzzer" - -#endif // TEST_FUZZTEST_UNREGISTERTOKENSYNCCALLBACK_FUZZER_H \ No newline at end of file -- Gitee From 2b022d76d373404b3afe5174ae9e22ea6353e1bf Mon Sep 17 00:00:00 2001 From: zhouyan Date: Thu, 8 May 2025 15:58:44 +0800 Subject: [PATCH 078/103] =?UTF-8?q?=E5=91=8A=E8=AD=A6=E6=B8=85=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: zhouyan Change-Id: Ia3b80c126a6439c4738f8f492fb8a5885a2585ec --- .../main/cpp/include/dfx/hisysevent_adapter.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h b/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h index 953fff70a..4e58271b2 100644 --- a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h +++ b/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h @@ -60,7 +60,7 @@ struct AccessTokenDfxInfo { std::string aclInfo; std::string preauthInfo; std::string extendInfo; - uint64_t duration; + int64_t duration; int32_t errorCode; int32_t pid; uint32_t hapSize; -- Gitee From 910f1e59b8aff65fd965216ed9443cbbcbd5a712 Mon Sep 17 00:00:00 2001 From: bigtea Date: Tue, 15 Apr 2025 15:52:10 +0800 Subject: [PATCH 079/103] Add GetSelfPermissionStatus master Signed-off-by: bigtea --- .../napi/accesstoken/src/napi_atmanager.cpp | 116 +++- .../accesstoken/include/accesstoken_kit.h | 7 + .../accesstoken/libaccesstoken_sdk.map | 1 + .../accesstoken/src/accesstoken_kit.cpp | 9 + .../src/accesstoken_manager_client.cpp | 18 + .../src/accesstoken_manager_client.h | 1 + .../accesstoken/test/unittest/BUILD.gn | 1 + .../get_self_permission_status_test.cpp | 560 ++++++++++++++++++ .../get_self_permission_status_test.h | 42 ++ .../ProxyMockTest/accesstoken_mock_test.cpp | 13 + .../cj/accesstoken/include/at_manager_impl.h | 2 +- .../cj/accesstoken/src/at_manager_impl.cpp | 2 +- .../napi/accesstoken/include/napi_atmanager.h | 13 +- .../accesstokenmanager/etc/access_token.para | 5 +- .../etc/access_token.para.dac | 3 +- .../idl/IAccessTokenManager.idl | 1 + .../include/permission/permission_manager.h | 4 + .../service/accesstoken_manager_service.h | 1 + .../cpp/src/permission/permission_manager.cpp | 28 +- .../service/accesstoken_manager_service.cpp | 15 + test/fuzztest/innerkits/accesstoken/BUILD.gn | 1 + .../getselfpermissionstatus_fuzzer/BUILD.gn | 42 ++ .../corpus/init | 13 + .../getselfpermissionstatus_fuzzer.cpp | 50 ++ .../getselfpermissionstatus_fuzzer.h | 28 + .../project.xml | 25 + test/fuzztest/services/accesstoken/BUILD.gn | 1 + .../BUILD.gn | 50 ++ .../corpus/init | 14 + .../getselfpermissionstatusstub_fuzzer.cpp | 60 ++ .../getselfpermissionstatusstub_fuzzer.h | 21 + .../project.xml | 25 + 32 files changed, 1148 insertions(+), 24 deletions(-) create mode 100644 interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp create mode 100644 interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h create mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn create mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init create mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp create mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h create mode 100644 test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml create mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn create mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init create mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp create mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h create mode 100644 test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml diff --git a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp index be03a8066..9a12d0cc0 100644 --- a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp +++ b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp @@ -31,12 +31,16 @@ namespace AccessToken { std::mutex g_lockForPermStateChangeRegisters; std::vector g_permStateChangeRegisters; std::mutex g_lockCache; -std::map g_cache; +std::map g_cache; +std::mutex g_lockStatusCache; +std::map g_statusCache; static PermissionParamCache g_paramCache; +static PermissionParamCache g_paramFlagCache; static std::atomic g_cnt = 0; constexpr uint32_t REPORT_CNT = 10; namespace { static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change"; +static const char* PERMISSION_STATUS_FLAG_CHANGE_KEY = "accesstoken.permission.flagchange"; static const char* REGISTER_PERMISSION_STATE_CHANGE_TYPE = "permissionStateChange"; static const char* REGISTER_SELF_PERMISSION_STATE_CHANGE_TYPE = "selfPermissionStateChange"; constexpr uint32_t THIRD_PARAM = 2; @@ -238,6 +242,7 @@ napi_value NapiAtManager::Init(napi_env env, napi_value exports) DECLARE_NAPI_FUNCTION("requestPermissionOnSetting", NapiRequestPermissionOnSetting::RequestPermissionOnSetting), DECLARE_NAPI_FUNCTION("requestGlobalSwitch", NapiRequestGlobalSwitch::RequestGlobalSwitch), DECLARE_NAPI_FUNCTION("requestPermissionOnApplicationSetting", RequestAppPermOnSetting), + DECLARE_NAPI_FUNCTION("getSelfPermissionStatus", GetSelfPermissionStatusSync), }; napi_value cons = nullptr; @@ -533,36 +538,36 @@ napi_value NapiAtManager::CheckAccessToken(napi_env env, napi_callback_info info return result; } -std::string NapiAtManager::GetPermParamValue() +std::string NapiAtManager::GetPermParamValue(PermissionParamCache& paramCache, const char* paramKey) { long long sysCommitId = GetSystemCommitId(); - if (sysCommitId == g_paramCache.sysCommitIdCache) { + if (sysCommitId == paramCache.sysCommitIdCache) { LOGD(ATM_DOMAIN, ATM_TAG, "SysCommitId = %{public}lld", sysCommitId); - return g_paramCache.sysParamCache; + return paramCache.sysParamCache; } - g_paramCache.sysCommitIdCache = sysCommitId; - if (g_paramCache.handle == PARAM_DEFAULT_VALUE) { - int32_t handle = static_cast(FindParameter(PERMISSION_STATUS_CHANGE_KEY)); + paramCache.sysCommitIdCache = sysCommitId; + if (paramCache.handle == PARAM_DEFAULT_VALUE) { + int32_t handle = static_cast(FindParameter(paramKey)); if (handle == PARAM_DEFAULT_VALUE) { LOGE(ATM_DOMAIN, ATM_TAG, "FindParameter failed"); return "-1"; } - g_paramCache.handle = handle; + paramCache.handle = handle; } - int32_t currCommitId = static_cast(GetParameterCommitId(g_paramCache.handle)); - if (currCommitId != g_paramCache.commitIdCache) { + int32_t currCommitId = static_cast(GetParameterCommitId(paramCache.handle)); + if (currCommitId != paramCache.commitIdCache) { char value[NapiContextCommon::VALUE_MAX_LEN] = {0}; - auto ret = GetParameterValue(g_paramCache.handle, value, NapiContextCommon::VALUE_MAX_LEN - 1); + auto ret = GetParameterValue(paramCache.handle, value, NapiContextCommon::VALUE_MAX_LEN - 1); if (ret < 0) { LOGE(ATM_DOMAIN, ATM_TAG, "Return default value, ret=%{public}d", ret); return "-1"; } std::string resStr(value); - g_paramCache.sysParamCache = resStr; - g_paramCache.commitIdCache = currCommitId; + paramCache.sysParamCache = resStr; + paramCache.commitIdCache = currCommitId; } - return g_paramCache.sysParamCache; + return paramCache.sysParamCache; } void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext) @@ -570,7 +575,7 @@ void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext) std::lock_guard lock(g_lockCache); auto iter = g_cache.find(syncContext->permissionName); if (iter != g_cache.end()) { - std::string currPara = GetPermParamValue(); + std::string currPara = GetPermParamValue(g_paramCache, PERMISSION_STATUS_CHANGE_KEY); if (currPara != iter->second.paramValue) { syncContext->result = AccessTokenKit::VerifyAccessToken( syncContext->tokenId, syncContext->permissionName); @@ -583,7 +588,7 @@ void NapiAtManager::UpdatePermissionCache(AtManagerSyncContext* syncContext) } else { syncContext->result = AccessTokenKit::VerifyAccessToken(syncContext->tokenId, syncContext->permissionName); g_cache[syncContext->permissionName].status = syncContext->result; - g_cache[syncContext->permissionName].paramValue = GetPermParamValue(); + g_cache[syncContext->permissionName].paramValue = GetPermParamValue(g_paramCache, PERMISSION_STATUS_CHANGE_KEY); LOGD(ATM_DOMAIN, ATM_TAG, "G_cacheParam set %{public}s", g_cache[syncContext->permissionName].paramValue.c_str()); } @@ -1244,6 +1249,85 @@ napi_value NapiAtManager::RequestAppPermOnSetting(napi_env env, napi_callback_in return result; } +bool NapiAtManager::ParseInputGetPermStatus(const napi_env env, const napi_callback_info info, + AtManagerSyncContext& syncContext) +{ + size_t argc = NapiContextCommon::MAX_PARAMS_ONE; + napi_value argv[NapiContextCommon::MAX_PARAMS_ONE] = {nullptr}; + napi_value thisVar = nullptr; + + void *data = nullptr; + NAPI_CALL_BASE(env, napi_get_cb_info(env, info, &argc, argv, &thisVar, &data), false); + if (argc < NapiContextCommon::MAX_PARAMS_ONE) { + NAPI_CALL_BASE(env, napi_throw(env, GenerateBusinessError(env, + JsErrorCode::JS_ERROR_PARAM_ILLEGAL, "Parameter is missing.")), false); + return false; + } + + syncContext.env = env; + if (!ParseString(env, argv[0], syncContext.permissionName)) { + std::string errMsg = GetParamErrorMsg("permissionName", "Permissions"); + NAPI_CALL_BASE(env, + napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_ILLEGAL, errMsg)), false); + return false; + } + return true; +} + +napi_value NapiAtManager::GetSelfPermissionStatusSync(napi_env env, napi_callback_info info) +{ + auto* syncContext = new (std::nothrow) AtManagerSyncContext(); + if (syncContext == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "New struct fail."); + return nullptr; + } + + std::unique_ptr context {syncContext}; + if (!ParseInputGetPermStatus(env, info, *syncContext)) { + return nullptr; + } + + if ((syncContext->permissionName.empty()) || + ((syncContext->permissionName.length() > NapiContextCommon::MAX_LENGTH))) { + std::string errMsg = "Invalid parameter. The permissionName is empty or exceeds 256 characters."; + NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, JS_ERROR_PARAM_INVALID, errMsg))); + return nullptr; + } + + { + std::lock_guard lock(g_lockStatusCache); + auto iter = g_statusCache.find(syncContext->permissionName); + if (iter != g_statusCache.end()) { + std::string currPara = GetPermParamValue(g_paramFlagCache, PERMISSION_STATUS_FLAG_CHANGE_KEY); + if (currPara != iter->second.paramValue) { + syncContext->result = AccessTokenKit::GetSelfPermissionStatus(syncContext->permissionName, + syncContext->permissionsState); + iter->second.status = syncContext->permissionsState; + iter->second.paramValue = currPara; + } else { + syncContext->result = RET_SUCCESS; + syncContext->permissionsState = iter->second.status; + } + } else { + syncContext->result = AccessTokenKit::GetSelfPermissionStatus(syncContext->permissionName, + syncContext->permissionsState); + g_statusCache[syncContext->permissionName].status = syncContext->permissionsState; + g_statusCache[syncContext->permissionName].paramValue = GetPermParamValue( + g_paramFlagCache, PERMISSION_STATUS_FLAG_CHANGE_KEY); + } + } + + if (syncContext->result != RET_SUCCESS) { + int32_t jsCode = NapiContextCommon::GetJsErrorCode(syncContext->result); + NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, jsCode, GetErrorMessage(jsCode)))); + return nullptr; + } + + napi_value result = nullptr; + NAPI_CALL(env, napi_create_int32(env, static_cast(syncContext->permissionsState), &result)); + return result; +} + bool NapiAtManager::FillPermStateChangeInfo(const napi_env env, const napi_value* argv, const std::string& type, const napi_value thisVar, RegisterPermStateChangeInfo& registerPermStateChangeInfo) { diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index c35fc7cc6..d5d12b485 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -300,6 +300,13 @@ public: * @return error code, see access_token_error.h */ static int32_t RequestAppPermOnSetting(AccessTokenID tokenID); + /** + * @brief Get self permission status + * @param permissionName permission name quote + * @param status the permission status + * @return error code, see access_token_error.h + */ + static int32_t GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status); /** * @brief Get requsted permission grant result * @param permList PermissionListState list quote, as input and query result diff --git a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map index d4cad6a2e..0b12ea5f3 100644 --- a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map +++ b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map @@ -86,6 +86,7 @@ "OHOS::Security::AccessToken::AccessTokenKit::UpdateSecCompEnhance(int, unsigned int)"; "OHOS::Security::AccessToken::AccessTokenKit::GetSecCompEnhance(int, OHOS::Security::AccessToken::SecCompEnhanceData&)"; "OHOS::Security::AccessToken::AccessTokenKit::GetKernelPermissions(unsigned int, std::__h::vector>&)"; + "OHOS::Security::AccessToken::AccessTokenKit::GetSelfPermissionStatus(std::__h::basic_string, std::__h::allocator> const&, OHOS::Security::AccessToken::TypePermissionOper&)"; OHOS::Security::AccessToken::AccessTokenKit::IsSystemAppByFullTokenID*; OHOS::Security::AccessToken::AccessTokenKit::GetRenderTokenID*; ""; diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 09ca1bc9b..79aa7a09f 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -37,6 +37,7 @@ static const uint64_t SYSTEM_APP_MASK = (static_cast(1) << 32); static const uint64_t TOKEN_ID_LOWMASK = 0xffffffff; static const int INVALID_DLP_TOKEN_FLAG = -1; static const int FIRSTCALLER_TOKENID_DEFAULT = 0; +static const int MAX_LENGTH = 256; } // namespace PermUsedTypeEnum AccessTokenKit::GetPermissionUsedType( @@ -279,6 +280,14 @@ int AccessTokenKit::GetNativeTokenInfo( return AccessTokenManagerClient::GetInstance().GetNativeTokenInfo(tokenID, nativeTokenInfoRes); } +int32_t AccessTokenKit::GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status) +{ + if (permissionName.empty() || permissionName.size() > MAX_LENGTH) { + return ERR_PARAM_INVALID; + } + return AccessTokenManagerClient::GetInstance().GetSelfPermissionStatus(permissionName, status); +} + PermissionOper AccessTokenKit::GetSelfPermissionsState(std::vector& permList, PermissionGrantInfo& info) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index ca709ae32..9046ac722 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -213,6 +213,24 @@ int AccessTokenManagerClient::GetPermissionFlag( return result; } +int32_t AccessTokenManagerClient::GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status) +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null."); + status = INVALID_OPER; + return AccessTokenError::ERR_SERVICE_ABNORMAL; + } + int32_t retStatus = INVALID_OPER; + int32_t result = proxy->GetSelfPermissionStatus(permissionName, retStatus); + if (result != RET_SUCCESS) { + result = ConvertResult(result); + } + status = static_cast(retStatus); + LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d, status=%{public}d).", result, retStatus); + return result; +} + PermissionOper AccessTokenManagerClient::GetSelfPermissionsState(std::vector& permList, PermissionGrantInfo& info) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index 869a441a8..021dfcd4e 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -60,6 +60,7 @@ public: int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, int32_t userID); int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status, int32_t userID); int32_t RequestAppPermOnSetting(AccessTokenID tokenID); + int32_t GetSelfPermissionStatus(const std::string& permissionName, PermissionOper& status); PermissionOper GetSelfPermissionsState(std::vector& permList, PermissionGrantInfo& info); int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector& permList); diff --git a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn index c8267ecdb..973d2c7a3 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn @@ -60,6 +60,7 @@ ohos_unittest("libaccesstoken_sdk_test") { "PermDenyTest/accesstoken_deny_test.cpp", "PermisionDialogTest/accesstoken_location_request_test.cpp", "PermisionDialogTest/get_self_permission_state_test.cpp", + "PermisionDialogTest/get_self_permission_status_test.cpp", "PermisionDialogTest/request_permission_on_setting_test.cpp", "PermisionDialogTest/set_perm_dialog_cap_test.cpp", "PermissionsTest/check_permission_map_test.cpp", diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp new file mode 100644 index 000000000..cd529a108 --- /dev/null +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp @@ -0,0 +1,560 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "get_self_permission_status_test.h" +#include "access_token_error.h" +#include "nativetoken_kit.h" +#include "test_common.h" +#include "token_setproc.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +using namespace testing::ext; +namespace { +static const std::string TEST_BUNDLE_NAME = "ohos"; +static const int TEST_USER_ID = 0; +static const std::string APPROXIMATELY_LOCATION_PERMISSION = "ohos.permission.APPROXIMATELY_LOCATION"; +static const std::string LOCATION_PERMISSION = "ohos.permission.LOCATION"; + +PermissionStateFull g_permTestState1 = { + .permissionName = APPROXIMATELY_LOCATION_PERMISSION, + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}, +}; + +PermissionStateFull g_permTestState2 = { + .permissionName = "ohos.permission.MICROPHONE", + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_USER_SET} +}; + +PermissionStateFull g_permTestState3 = { + .permissionName = "ohos.permission.WRITE_CALENDAR", + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_USER_FIXED} +}; + +PermissionStateFull g_permTestState4 = { + .permissionName = "ohos.permission.READ_IMAGEVIDEO", + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .grantFlags = {PermissionFlag::PERMISSION_USER_SET} +}; + +PermissionStateFull g_permTestState5 = { + .permissionName = LOCATION_PERMISSION, + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}, +}; + +PermissionStateFull g_permTestState6 = { + .permissionName = "ohos.permission.READ_CALENDAR", + .isGeneral = true, + .resDeviceID = {"local"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG}, +}; + +HapPolicyParams g_policy = { + .apl = APL_NORMAL, + .domain = "domain", + .permStateList = {g_permTestState1, g_permTestState2, g_permTestState3, g_permTestState4, g_permTestState5, + g_permTestState6} +}; + +static uint64_t g_selfTokenId = 0; +} + +void GetSelfPermissionStatusTest::SetUpTestCase() +{ + g_selfTokenId = GetSelfTokenID(); + TestCommon::SetTestEvironment(g_selfTokenId); +} + +void GetSelfPermissionStatusTest::TearDownTestCase() +{ + ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(g_selfTokenId)); + TestCommon::ResetTestEvironment(); +} + +void GetSelfPermissionStatusTest::SetUp() +{ + HapInfoParams info = { + .userID = TEST_USER_ID, + .bundleName = TEST_BUNDLE_NAME, + .instIndex = 0, + .appIDDesc = "appIDDesc", + .apiVersion = 20 // 20: api version + }; + + AccessTokenIDEx tokenIdEx = TestCommon::AllocAndGrantHapTokenByTest(info, g_policy); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(tokenId, INVALID_TOKENID); + ASSERT_EQ(RET_SUCCESS, SetSelfTokenID(tokenIdEx.tokenIDEx)); +} + +void GetSelfPermissionStatusTest::TearDown() +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + if (tokenId != INVALID_TOKENID) { + EXPECT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenId)); + } +} + +/** + * @tc.name: GetSelfPermissionStatus001 + * @tc.desc: default permission status + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus001, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user set DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user fixed DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + // user set GRANTED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); + + // not request permission CAMERA + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus002 + * @tc.desc: forbidden permission status + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus002, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG"); + MockHapToken mock("GetSelfPermissionStatus002", reqPerm, true); + + HapBaseInfo hapBaseInfo = { + .userID = TEST_USER_ID, + .bundleName = TEST_BUNDLE_NAME, + .instIndex = 0, + }; + + ASSERT_EQ(0, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true)); + } + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(FORBIDDEN_OPER, status); + + // user set DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(FORBIDDEN_OPER, status); + + // user fixed DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(FORBIDDEN_OPER, status); + + // user set GRANTED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(FORBIDDEN_OPER, status); + + // not request permission CAMERA + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus003 + * @tc.desc: grant permission status + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus003, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus003", reqPerm, true); + + // grant user set + ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET)); + } + + // grant permission + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); + + // user set DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user fixed DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + // user set GRANTED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); + + // not request permission CAMERA + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus004 + * @tc.desc: revoke user set permission status + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus004, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus004", reqPerm, true); + + // revoke user set + ASSERT_EQ(0, AccessTokenKit::RevokePermission(tokenID, "ohos.permission.READ_IMAGEVIDEO", PERMISSION_USER_SET)); + } + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user set DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user fixed DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + // revoke user set + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // not request permission CAMERA + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus005 + * @tc.desc: revoke user fixed permission status + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus005, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus005", reqPerm, true); + + // revoke user fixed + ASSERT_EQ(0, + AccessTokenKit::RevokePermission(tokenID, "ohos.permission.READ_IMAGEVIDEO", PERMISSION_USER_FIXED)); + } + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user set DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.MICROPHONE", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // user fixed DENIED + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + // revoke user fixed + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_IMAGEVIDEO", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + // not request permission CAMERA + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.CAMERA", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus006 + * @tc.desc: invalid permission + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus006, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + PermissionOper status; + // invalid permission + int32_t ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.TTTTT", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); + + // not request permission + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.ACCESS_NEARLINK", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); + + // empty permission + std::string testPerm1; + ret = AccessTokenKit::GetSelfPermissionStatus(testPerm1, status); + EXPECT_EQ(ERR_PARAM_INVALID, ret); + + // oversize permission + std::string testPerm2(257, 'a'); + ret = AccessTokenKit::GetSelfPermissionStatus(testPerm2, status); + EXPECT_EQ(ERR_PARAM_INVALID, ret); +} + +/** + * @tc.name: GetSelfPermissionStatus007 + * @tc.desc: location permission test + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus007, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // APPROXIMATELY_LOCATION not set, LOCATION status is INVALID_OPER + ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(INVALID_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus0071", reqPerm, true); + + // grant user set + ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET)); + } + + // grant permission + ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); + + // APPROXIMATELY_LOCATION already set, LOCATION status is DYNAMIC_OPER + ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus0072", reqPerm, true); + + // grant user set + ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, LOCATION_PERMISSION, PERMISSION_USER_SET)); + } + + // grant permission + ret = AccessTokenKit::GetSelfPermissionStatus(LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus008 + * @tc.desc: only change flag + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus008, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + // default flag, user not operation + PermissionOper status; + int32_t ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus0081", reqPerm, true); + + // grant user set + ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_SET)); + } + + // grant permission + ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus0082", reqPerm, true); + + // revoke user fixed + ASSERT_EQ(0, AccessTokenKit::RevokePermission( + tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_USER_FIXED)); + } + + // revoke permission + ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus0083", reqPerm, true); + + // revoke to default flag + ASSERT_EQ(0, AccessTokenKit::RevokePermission( + tokenID, APPROXIMATELY_LOCATION_PERMISSION, PERMISSION_DEFAULT_FLAG)); + } + + ret = AccessTokenKit::GetSelfPermissionStatus(APPROXIMATELY_LOCATION_PERMISSION, status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); +} + +/** + * @tc.name: GetSelfPermissionStatus009 + * @tc.desc: test permission group + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus009, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(INVALID_TOKENID, tokenID); + + PermissionOper status; + + // default + int32_t ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // default denied + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(SETTING_OPER, status); + + { + std::vector reqPerm; + reqPerm.emplace_back("ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); + MockHapToken mock("GetSelfPermissionStatus009", reqPerm, true); + + // grant user set + ASSERT_EQ(0, AccessTokenKit::GrantPermission(tokenID, "ohos.permission.WRITE_CALENDAR", PERMISSION_USER_SET)); + } + + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.READ_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(DYNAMIC_OPER, status); + + // no change + ret = AccessTokenKit::GetSelfPermissionStatus("ohos.permission.WRITE_CALENDAR", status); + EXPECT_EQ(RET_SUCCESS, ret); + EXPECT_EQ(PASS_OPER, status); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h new file mode 100644 index 000000000..58ee97f3e --- /dev/null +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.h @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef GET_SELF_PERMISSION_STATUS_TEST_H +#define GET_SELF_PERMISSION_STATUS_TEST_H + +#include + +#include "access_token.h" +#include "accesstoken_kit.h" +#include "permission_def.h" +#include "permission_state_full.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class GetSelfPermissionStatusTest : public testing::Test { +public: + static void SetUpTestCase(); + static void TearDownTestCase(); + void SetUp(); + void TearDown(); + unsigned int GetAccessTokenID(int userID, std::string bundleName, int instIndex); + AccessTokenID AllocTestToken(const HapInfoParams& hapInfo, const HapPolicyParams& hapPolicy) const; + void DeleteTestToken() const; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // GET_SELF_PERMISSION_STATUS_TEST_H diff --git a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp index 1678ab82f..6d919b20c 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp @@ -341,6 +341,19 @@ HWTEST_F(AccessTokenMockTest, GetPermissionRequestToggleStatus001, TestSize.Leve status, userID)); } +/** + * @tc.name: GetSelfPermissionStatus001 + * @tc.desc: GetSelfPermissionStatus with proxy is null + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenMockTest, GetSelfPermissionStatus001, TestSize.Level1) +{ + std::string permission = "ohos.permission.CAMERA"; + PermissionOper status; + ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::GetSelfPermissionStatus(permission, status)); +} + /** * @tc.name: GetSelfPermissionsState001 * @tc.desc: GetSelfPermissionsState with proxy is null diff --git a/interfaces/kits/cj/accesstoken/include/at_manager_impl.h b/interfaces/kits/cj/accesstoken/include/at_manager_impl.h index 512f66d93..96e92dae8 100644 --- a/interfaces/kits/cj/accesstoken/include/at_manager_impl.h +++ b/interfaces/kits/cj/accesstoken/include/at_manager_impl.h @@ -57,7 +57,7 @@ const int AT_PERM_OPERA_FAIL = -1; const int AT_PERM_OPERA_SUCC = 0; const int32_t PARAM_DEFAULT_VALUE = -1; -struct PermissionStatusCache { +struct GrantStatusCache { int32_t status; std::string paramValue; }; diff --git a/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp b/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp index 6cf2e6c12..9165560ce 100644 --- a/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp +++ b/interfaces/kits/cj/accesstoken/src/at_manager_impl.cpp @@ -33,7 +33,7 @@ namespace CJSystemapi { std::mutex g_lockForPermStateChangeRegisters; std::vector g_permStateChangeRegisters; std::mutex g_lockCache; -std::map g_cache; +std::map g_cache; static PermissionParamCache g_paramCache; std::mutex g_lockForPermRequestCallbacks; static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change"; diff --git a/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h b/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h index d36729b27..5545ecaa2 100644 --- a/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h +++ b/interfaces/kits/js/napi/accesstoken/include/napi_atmanager.h @@ -93,13 +93,19 @@ struct AtManagerSyncContext { std::string permissionName; int32_t result = RET_FAILED; int32_t errorCode = 0; + PermissionOper permissionsState = PermissionOper::INVALID_OPER; }; -struct PermissionStatusCache { +struct GrantStatusCache { int32_t status; std::string paramValue; }; +struct PermissionStatusCache { + PermissionOper status; + std::string paramValue; +}; + struct PermissionParamCache { long long sysCommitIdCache = PARAM_DEFAULT_VALUE; int32_t commitIdCache = PARAM_DEFAULT_VALUE; @@ -124,6 +130,7 @@ private: static napi_value SetPermissionRequestToggleStatus(napi_env env, napi_callback_info info); static napi_value GetPermissionRequestToggleStatus(napi_env env, napi_callback_info info); static napi_value RequestAppPermOnSetting(napi_env env, napi_callback_info info); + static napi_value GetSelfPermissionStatusSync(napi_env env, napi_callback_info info); static bool ParseInputVerifyPermissionOrGetFlag(const napi_env env, const napi_callback_info info, AtManagerAsyncContext& asyncContext); @@ -133,6 +140,8 @@ private: AtManagerAsyncContext& asyncContext); static bool ParseInputGetToggleStatus(const napi_env env, const napi_callback_info info, AtManagerAsyncContext& asyncContext); + static bool ParseInputGetPermStatus(const napi_env env, const napi_callback_info info, + AtManagerSyncContext& syncContext); static void VerifyAccessTokenExecute(napi_env env, void *data); static void VerifyAccessTokenComplete(napi_env env, napi_status status, void *data); static void CheckAccessTokenExecute(napi_env env, void* data); @@ -172,7 +181,7 @@ private: std::vector& batchPermStateChangeRegisters, const napi_env env); static void DeleteRegisterFromVector(const PermStateChangeScope& scopeInfo, const napi_env env, napi_ref subscriberRef); - static std::string GetPermParamValue(); + static std::string GetPermParamValue(PermissionParamCache& paramCache, const char* paramKey); static void UpdatePermissionCache(AtManagerSyncContext* syncContext); }; } // namespace AccessToken diff --git a/services/accesstokenmanager/etc/access_token.para b/services/accesstokenmanager/etc/access_token.para index c9f7458a9..27ad49588 100644 --- a/services/accesstokenmanager/etc/access_token.para +++ b/services/accesstokenmanager/etc/access_token.para @@ -1,4 +1,4 @@ -# Copyright (c) 2022 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -13,4 +13,5 @@ accesstoken.permission.change = 0 -accesstoken.permission.init = 0 \ No newline at end of file +accesstoken.permission.init = 0 +accesstoken.permission.flagchange = 0 \ No newline at end of file diff --git a/services/accesstokenmanager/etc/access_token.para.dac b/services/accesstokenmanager/etc/access_token.para.dac index 33de56a3e..15b0be5d2 100644 --- a/services/accesstokenmanager/etc/access_token.para.dac +++ b/services/accesstokenmanager/etc/access_token.para.dac @@ -1,4 +1,4 @@ -# Copyright (c) 2022 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -13,3 +13,4 @@ accesstoken.permission.change="access_token:access_token:0774" accesstoken.permission.init="access_token:access_token:0774" +accesstoken.permission.flagchange="access_token:access_token:0774" diff --git a/services/accesstokenmanager/idl/IAccessTokenManager.idl b/services/accesstokenmanager/idl/IAccessTokenManager.idl index 5e7c3c775..c72dfa48e 100644 --- a/services/accesstokenmanager/idl/IAccessTokenManager.idl +++ b/services/accesstokenmanager/idl/IAccessTokenManager.idl @@ -87,6 +87,7 @@ interface OHOS.Security.AccessToken.IAccessTokenManager{ [ipccode 67] void GetKernelPermissions([in] unsigned int tokenId, [out] List kernelPermIdlList); [ipccode 68] void GetReqPermissionByName([in] unsigned int tokenId, [in] String permissionName, [out] String value); [ipccode 80] void VerifyAccessToken([in] unsigned int tokenID, [in] List permissionList, [out] List permStateList); + [ipccode 81] void GetSelfPermissionStatus([in] String permissionName, [out] int status); [ipccode 101, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE, oneway] void RegisterSecCompEnhance([in] SecCompEnhanceDataParcel enhanceParcel); [ipccode 102, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void UpdateSecCompEnhance([in] int pid, [in] unsigned int seqNum); [ipccode 103, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void GetSecCompEnhance([in] int pid, [out] SecCompEnhanceDataParcel enhanceParcel); diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h index 14cd8a00a..8fd5fef42 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h @@ -85,6 +85,7 @@ public: std::vector& permsList, int32_t apiVersion); void NotifyPermGrantStoreResult(bool result, uint64_t timestamp); void ParamUpdate(const std::string& permissionName, uint32_t flag, bool filtered); + void ParamFlagUpdate(); void NotifyWhenPermissionStateUpdated(AccessTokenID tokenID, const std::string& permissionName, bool isGranted, uint32_t flag, const std::shared_ptr& infoPtr); void AddNativePermToKernel( @@ -125,6 +126,9 @@ private: OHOS::Utils::RWLock permParamSetLock_; uint64_t paramValue_ = 0; + OHOS::Utils::RWLock permFlagParamSetLock_; + uint64_t paramFlagValue_ = 0; + OHOS::Utils::RWLock permToggleStateLock_; DISALLOW_COPY_AND_MOVE(PermissionManager); diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index e022ad446..f1f6796d1 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -58,6 +58,7 @@ public: int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; int GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; + int32_t GetSelfPermissionStatus(const std::string& permissionName, int32_t& status) override; int32_t GetSelfPermissionsState(std::vector& reqPermList, PermissionGrantInfoParcel& infoParcel, int32_t& permOper) override; int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector& reqPermList) override; diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index e8f12d457..24e1a9336 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -50,6 +50,7 @@ namespace Security { namespace AccessToken { namespace { static const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change"; +static const char* PERMISSION_STATUS_FLAG_CHANGE_KEY = "accesstoken.permission.flagchange"; static constexpr int32_t VALUE_MAX_LEN = 32; static const std::vector g_notDisplayedPerms = { "ohos.permission.ANSWER_CALL", @@ -92,9 +93,18 @@ PermissionManager::PermissionManager() if (ret < 0) { LOGE(ATM_DOMAIN, ATM_TAG, "Return default value, ret=%{public}d", ret); paramValue_ = 0; + } else { + paramValue_ = static_cast(std::atoll(value)); + } + + char flagValue[VALUE_MAX_LEN] = {0}; + ret = GetParameter(PERMISSION_STATUS_FLAG_CHANGE_KEY, "", flagValue, VALUE_MAX_LEN - 1); + if (ret < 0) { + LOGE(ATM_DOMAIN, ATM_TAG, "Return default flag value, ret=%{public}d", ret); + paramFlagValue_ = 0; return; } - paramValue_ = static_cast(std::atoll(value)); + paramFlagValue_ = static_cast(std::atoll(flagValue)); } PermissionManager::~PermissionManager() @@ -318,6 +328,18 @@ void PermissionManager::ParamUpdate(const std::string& permissionName, uint32_t } } +void PermissionManager::ParamFlagUpdate() +{ + Utils::UniqueWriteGuard infoGuard(this->permFlagParamSetLock_); + paramFlagValue_++; + LOGD(ATM_DOMAIN, ATM_TAG, + "paramFlagValue_ change %{public}llu", static_cast(paramFlagValue_)); + int32_t res = SetParameter(PERMISSION_STATUS_FLAG_CHANGE_KEY, std::to_string(paramFlagValue_).c_str()); + if (res != 0) { + LOGE(ATM_DOMAIN, ATM_TAG, "SetParameter failed %{public}d", res); + } +} + void PermissionManager::NotifyWhenPermissionStateUpdated(AccessTokenID tokenID, const std::string& permissionName, bool isGranted, uint32_t flag, const std::shared_ptr& infoPtr) { @@ -367,6 +389,10 @@ int32_t PermissionManager::UpdateTokenPermissionState( "INT_VAL2", static_cast(flag), "NEED_KILL", needKill); return ret; } + + // notify flag change + ParamFlagUpdate(); + if (statusChanged) { NotifyWhenPermissionStateUpdated(id, permission, isGranted, flag, infoPtr); // To notify kill process when perm is revoke diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 9797e912b..060055da9 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -269,6 +269,21 @@ int AccessTokenManagerService::GetReqPermissions( return ret; } +int32_t AccessTokenManagerService::GetSelfPermissionStatus(const std::string& permissionName, int32_t& status) +{ + status = INVALID_OPER; + AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID(); + PermissionListStateParcel parcel; + parcel.permsState.permissionName = permissionName; + parcel.permsState.state = INVALID_OPER; + std::vector list{parcel}; + (void)GetPermissionsState(callingTokenID, list); + if (!list.empty()) { + status = static_cast(list[0].permsState.state); + } + return ERR_OK; +} + int32_t AccessTokenManagerService::GetSelfPermissionsState(std::vector& reqPermList, PermissionGrantInfoParcel& infoParcel, int32_t& permOper) { diff --git a/test/fuzztest/innerkits/accesstoken/BUILD.gn b/test/fuzztest/innerkits/accesstoken/BUILD.gn index 3891e7499..646d954f9 100644 --- a/test/fuzztest/innerkits/accesstoken/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/BUILD.gn @@ -40,6 +40,7 @@ group("fuzztest") { "getrendertokenid_fuzzer:GetRenderTokenIdFuzzTest", "getreqpermissions_fuzzer:GetReqPermissionsFuzzTest", "getselfpermissionsstate_fuzzer:GetSelfPermissionsStateFuzzTest", + "getselfpermissionstatus_fuzzer:GetSelfPermissionStatusFuzzTest", "gettokenidbyuserid_fuzzer:GetTokenIDByUserIDFuzzTest", "gettokentype_fuzzer:GetTokenTypeFuzzTest", "gettokentypeflag_fuzzer:GetTokenTypeFlagFuzzTest", diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn new file mode 100644 index 000000000..2968c428b --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/BUILD.gn @@ -0,0 +1,42 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../access_token.gni") + +ohos_fuzztest("GetSelfPermissionStatusFuzzTest") { + module_out_path = module_output_path_interface_access_token + fuzz_config_file = "." + include_dirs = [ + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/test/fuzztest/common", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "getselfpermissionstatus_fuzzer.cpp" ] + deps = [ + "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + ] + + configs = [ "${access_token_path}/config:coverage_flags" ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + ] +} diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init new file mode 100644 index 000000000..8f37f0925 --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp new file mode 100644 index 000000000..a9b21bd23 --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.cpp @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "getselfpermissionstatus_fuzzer.h" + +#include +#include +#include +#include "accesstoken_fuzzdata.h" +#undef private +#include "accesstoken_kit.h" + +using namespace std; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { + bool GetSelfPermissionStatusFuzzTest(const uint8_t* data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + AccessTokenFuzzData fuzzData(data, size); + std::string permissionName = fuzzData.GenerateStochasticString(); + PermissionOper status; + + AccessTokenKit::GetSelfPermissionStatus(permissionName, status); + return true; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::GetSelfPermissionStatusFuzzTest(data, size); + return 0; +} diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h new file mode 100644 index 000000000..46854bbce --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/getselfpermissionstatus_fuzzer.h @@ -0,0 +1,28 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H +#define TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H + +#define FUZZ_PROJECT_NAME "getselfpermissionstatus_fuzzer" + +#include +#include +#include +#include +#include +#include + +#endif // TEST_FUZZTEST_GETSELFPERMISSIONSTATUS_FUZZER_H \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml new file mode 100644 index 000000000..66e1dcac4 --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/getselfpermissionstatus_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/services/accesstoken/BUILD.gn b/test/fuzztest/services/accesstoken/BUILD.gn index b5c13d910..af89fb3ed 100644 --- a/test/fuzztest/services/accesstoken/BUILD.gn +++ b/test/fuzztest/services/accesstoken/BUILD.gn @@ -39,6 +39,7 @@ group("fuzztest") { "getreqpermissionbynamestub_fuzzer:GetReqPermissionByNameStubFuzzTest", "getreqpermissionsstub_fuzzer:GetReqPermissionsStubFuzzTest", "getselfpermissionsstatestub_fuzzer:GetSelfPermissionsStateStubFuzzTest", + "getselfpermissionstatusstub_fuzzer:GetSelfPermissionStatusStubFuzzTest", "gettokenidbyuseridstub_fuzzer:GetTokenIDByUserIDStubFuzzTest", "gettokentypestub_fuzzer:GetTokenTypeStubFuzzTest", "grantpermissionforspecifiedtimestub_fuzzer:GrantPermissionForSpecifiedTimeStubFuzzTest", diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn new file mode 100644 index 000000000..4e1b33289 --- /dev/null +++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/BUILD.gn @@ -0,0 +1,50 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../access_token.gni") +import("../access_token_service_fuzz.gni") + +ohos_fuzztest("GetSelfPermissionStatusStubFuzzTest") { + module_out_path = module_output_path_service_access_token + fuzz_config_file = "." + + sources = [ "getselfpermissionstatusstub_fuzzer.cpp" ] + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + include_dirs = access_token_include_dirs + + deps = access_token_deps + + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] + + external_deps = access_token_external_deps + + include_dirs += access_token_impl_include_dirs + + cflags_cc = access_token_cflags_cc + + sources += access_token_sources + + sources += access_token_impl_sources +} diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init new file mode 100644 index 000000000..65af8ee8d --- /dev/null +++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp new file mode 100644 index 000000000..5587af8d2 --- /dev/null +++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.cpp @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "getselfpermissionstatusstub_fuzzer.h" + +#include +#include +#include +#undef private +#include "accesstoken_fuzzdata.h" +#include "accesstoken_manager_service.h" +#include "iaccess_token_manager.h" + +using namespace std; +using namespace OHOS; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { + bool GetSelfPermissionStatusStubFuzzTest(const uint8_t* data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + AccessTokenFuzzData fuzzData(data, size); + std::string permissionName = fuzzData.GenerateStochasticString(); + MessageParcel datas; + datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!datas.WriteString(permissionName)) { + return false; + } + + uint32_t code = static_cast( + IAccessTokenManagerIpcCode::COMMAND_GET_SELF_PERMISSION_STATUS); + MessageParcel reply; + MessageOption option; + DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); + return true; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::GetSelfPermissionStatusStubFuzzTest(data, size); + return 0; +} + diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h new file mode 100644 index 000000000..6c3de023f --- /dev/null +++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/getselfpermissionstatusstub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H +#define TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "getselfpermissionstatusstub_fuzzer" + +#endif // TEST_FUZZTEST_GETSELFPERMISSIONSTATUSSTUB_FUZZER_H diff --git a/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml new file mode 100644 index 000000000..66e1dcac4 --- /dev/null +++ b/test/fuzztest/services/accesstoken/getselfpermissionstatusstub_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + -- Gitee From 7763d9323308a04822ea4fc6a382c3fa0c3dbd44 Mon Sep 17 00:00:00 2001 From: wuliushuan Date: Sat, 12 Apr 2025 18:16:36 +0800 Subject: [PATCH 080/103] =?UTF-8?q?=E6=94=AF=E6=8C=81=E5=85=83=E6=9C=8D?= =?UTF-8?q?=E5=8A=A1250508=20master?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wuliushuan Change-Id: I7bb9839eec961df98976ee0446a370d3e470eaa5 --- .../accesstoken/src/hap_info_parcel.cpp | 2 + .../accesstoken/include/accesstoken_kit.h | 7 ++ .../accesstoken/include/hap_token_info.h | 4 + .../accesstoken/libaccesstoken_sdk.map | 1 + .../accesstoken/src/accesstoken_kit.cpp | 22 +++-- .../src/accesstoken_manager_client.cpp | 1 + .../HapTokenTest/init_hap_token_test.cpp | 85 +++++++++++++++++++ services/accesstokenmanager/idl/IdlCommon.idl | 2 + .../service/accesstoken_manager_service.cpp | 1 + .../src/token/accesstoken_info_manager.cpp | 9 ++ .../cpp/src/token/hap_token_info_inner.cpp | 9 ++ 11 files changed, 137 insertions(+), 6 deletions(-) diff --git a/frameworks/accesstoken/src/hap_info_parcel.cpp b/frameworks/accesstoken/src/hap_info_parcel.cpp index bac45bdb6..3025e3777 100644 --- a/frameworks/accesstoken/src/hap_info_parcel.cpp +++ b/frameworks/accesstoken/src/hap_info_parcel.cpp @@ -33,6 +33,7 @@ bool HapInfoParcel::Marshalling(Parcel& out) const if (this->hapInfoParameter.isRestore) { RETURN_IF_FALSE(out.WriteUint32(this->hapInfoParameter.tokenID)); } + RETURN_IF_FALSE(out.WriteBool(this->hapInfoParameter.isAtomicService)); return true; } @@ -54,6 +55,7 @@ HapInfoParcel* HapInfoParcel::Unmarshalling(Parcel& in) if (hapInfoParcel->hapInfoParameter.isRestore) { RELEASE_IF_FALSE(in.ReadUint32(hapInfoParcel->hapInfoParameter.tokenID), hapInfoParcel); } + RELEASE_IF_FALSE(in.ReadBool(hapInfoParcel->hapInfoParameter.isAtomicService), hapInfoParcel); return hapInfoParcel; } } // namespace AccessToken diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index c35fc7cc6..18e501992 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -538,6 +538,13 @@ public: */ static int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance); #endif + + /** + * Whether it is a atomic service + * @param tokenId token id. + * @return bool + */ + static bool IsAtomicServiceByFullTokenID(uint64_t tokenId); }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h index 0292fc395..24e098201 100644 --- a/interfaces/innerkits/accesstoken/include/hap_token_info.h +++ b/interfaces/innerkits/accesstoken/include/hap_token_info.h @@ -74,6 +74,8 @@ public: std::string appDistributionType; bool isRestore = false; AccessTokenID tokenID = INVALID_TOKENID; + /** Whether hap is a atomic-service */ + bool isAtomicService = false; }; /** @@ -88,6 +90,8 @@ public: bool isSystemApp; /* app type */ std::string appDistributionType; + /** Whether hap is a atomic-service */ + bool isAtomicService = false; }; /** diff --git a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map index d4cad6a2e..01cb29cab 100644 --- a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map +++ b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map @@ -88,6 +88,7 @@ "OHOS::Security::AccessToken::AccessTokenKit::GetKernelPermissions(unsigned int, std::__h::vector>&)"; OHOS::Security::AccessToken::AccessTokenKit::IsSystemAppByFullTokenID*; OHOS::Security::AccessToken::AccessTokenKit::GetRenderTokenID*; + OHOS::Security::AccessToken::AccessTokenKit::IsAtomicServiceByFullTokenID*; ""; ""; }; diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 09ca1bc9b..1bb7baadc 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -14,6 +14,7 @@ */ #include "accesstoken_kit.h" +#include #include #include #include "accesstoken_common_log.h" @@ -34,6 +35,7 @@ namespace Security { namespace AccessToken { namespace { static const uint64_t SYSTEM_APP_MASK = (static_cast(1) << 32); +static const uint64_t ATOMIC_SERVICE_MASK = (static_cast(1) << 33); static const uint64_t TOKEN_ID_LOWMASK = 0xffffffff; static const int INVALID_DLP_TOKEN_FLAG = -1; static const int FIRSTCALLER_TOKENID_DEFAULT = 0; @@ -89,8 +91,9 @@ AccessTokenIDEx AccessTokenKit::AllocHapToken(const HapInfoParams& info, const H { AccessTokenIDEx res = {0}; LOGI(ATM_DOMAIN, ATM_TAG, "UserID: %{public}d, bundleName :%{public}s, \ -permList: %{public}zu, stateList: %{public}zu, checkIgnore: %{public}d", - info.userID, info.bundleName.c_str(), policy.permList.size(), policy.permStateList.size(), policy.checkIgnore); +permList: %{public}zu, stateList: %{public}zu, checkIgnore: %{public}d, isAtomicService: %{public}d", + info.userID, info.bundleName.c_str(), policy.permList.size(), policy.permStateList.size(), policy.checkIgnore, + info.isAtomicService); if ((!DataValidator::IsUserIdValid(info.userID)) || !DataValidator::IsAppIDDescValid(info.appIDDesc) || !DataValidator::IsBundleNameValid(info.bundleName) || !DataValidator::IsAplNumValid(policy.apl) || !DataValidator::IsDomainValid(policy.domain) || !DataValidator::IsDlpTypeValid(info.dlpType)) { @@ -113,9 +116,9 @@ int32_t AccessTokenKit::InitHapToken(const HapInfoParams& info, HapPolicyParams& AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) { LOGI(ATM_DOMAIN, ATM_TAG, "UserID: %{public}d, bundleName :%{public}s, permList: %{public}zu, " - "stateList: %{public}zu, aclExtendedMap: %{public}zu, checkIgnore: %{public}d", + "stateList: %{public}zu, aclExtendedMap: %{public}zu, checkIgnore: %{public}d, isAtomicService: %{public}d", info.userID, info.bundleName.c_str(), policy.permList.size(), policy.permStateList.size(), - policy.aclExtendedMap.size(), policy.checkIgnore); + policy.aclExtendedMap.size(), policy.checkIgnore, info.isAtomicService); if ((!DataValidator::IsUserIdValid(info.userID)) || !DataValidator::IsAppIDDescValid(info.appIDDesc) || !DataValidator::IsBundleNameValid(info.bundleName) || !DataValidator::IsAplNumValid(policy.apl) || !DataValidator::IsDomainValid(policy.domain) || !DataValidator::IsDlpTypeValid(info.dlpType) || @@ -153,9 +156,10 @@ int32_t AccessTokenKit::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateH const HapPolicyParams& policy, HapInfoCheckResult& result) { LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d, isSystemApp: %{public}d, \ -permList: %{public}zu, stateList: %{public}zu, aclExtendedMap: %{public}zu, checkIgnore: %{public}d", +permList: %{public}zu, stateList: %{public}zu, aclExtendedMap: %{public}zu, checkIgnore: %{public}d, \ +isAtomicService: %{public}d", tokenIdEx.tokenIdExStruct.tokenID, info.isSystemApp, policy.permList.size(), policy.permStateList.size(), - policy.aclExtendedMap.size(), policy.checkIgnore); + policy.aclExtendedMap.size(), policy.checkIgnore, info.isAtomicService); if ((tokenIdEx.tokenIdExStruct.tokenID == INVALID_TOKENID) || (!DataValidator::IsAppIDDescValid(info.appIDDesc)) || (!DataValidator::IsAplNumValid(policy.apl)) || !DataValidator::IsAclExtendedMapSizeValid(policy.aclExtendedMap)) { @@ -838,6 +842,12 @@ int32_t AccessTokenKit::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhan return AccessTokenManagerClient::GetInstance().GetSecCompEnhance(pid, enhance); } #endif + +bool AccessTokenKit::IsAtomicServiceByFullTokenID(uint64_t tokenId) +{ + LOGI(ATM_DOMAIN, ATM_TAG, "Called, tokenId=%{public}" PRId64, tokenId); + return (tokenId & ATOMIC_SERVICE_MASK) == ATOMIC_SERVICE_MASK; +} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index ca709ae32..31a9e1b7f 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -665,6 +665,7 @@ int32_t AccessTokenManagerClient::UpdateHapToken(AccessTokenIDEx& tokenIdEx, con infoIdl.apiVersion = info.apiVersion; infoIdl.isSystemApp = info.isSystemApp; infoIdl.appDistributionType = info.appDistributionType; + infoIdl.isAtomicService = info.isAtomicService; HapInfoCheckResultIdl resultInfoIdl; uint64_t fullTokenId = tokenIdEx.tokenIDEx; int32_t res = proxy->UpdateHapToken(fullTokenId, infoIdl, hapPolicyParcel, resultInfoIdl); diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp index 6f1c99888..491e6a074 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp @@ -34,6 +34,9 @@ namespace OHOS { namespace Security { namespace AccessToken { namespace { +static constexpr uint32_t NUMBER_ONE = 1; +static constexpr uint32_t NUMBER_TWO = 2; +static constexpr uint32_t NUMBER_THREE = 3; static uint64_t g_selfTokenId = 0; static constexpr int32_t THIRTY_TIME_CYCLES = 30; static constexpr int32_t MAX_EXTENDED_MAP_SIZE = 512; @@ -387,6 +390,88 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest007, TestSize.Level1) ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID)); } +/** + * @tc.name: InitHapTokenFuncTest008 + * @tc.desc: Install atomic app success + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest008, TestSize.Level1) +{ + LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest008"); + MockNativeToken mock("foundation"); + + HapInfoParams infoParams; + HapPolicyParams policyParams; + TestCommon::GetHapParams(infoParams, policyParams); + infoParams.isSystemApp = false; + infoParams.isAtomicService = true; + infoParams.bundleName = "install.atomic.service.test"; + AccessTokenIDEx fullTokenId; + HapInfoCheckResult result; + ASSERT_EQ(RET_SUCCESS, AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId, result)); + ASSERT_TRUE(AccessTokenKit::IsAtomicServiceByFullTokenID(static_cast(fullTokenId.tokenIDEx))); + + AccessTokenIDEx tokenIDEx = AccessTokenKit::GetHapTokenIDEx( + infoParams.userID, infoParams.bundleName, infoParams.instIndex); + ASSERT_TRUE(AccessTokenKit::IsAtomicServiceByFullTokenID(static_cast(tokenIDEx.tokenIDEx))); + EXPECT_EQ(tokenIDEx.tokenIDEx, fullTokenId.tokenIDEx); + + AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID; + HapTokenInfo hapTokenInfoRes; + ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes)); + EXPECT_EQ(NUMBER_TWO, hapTokenInfoRes.tokenAttr); + + ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID)); +} + +/** + * @tc.name: InitHapTokenFuncTest009 + * @tc.desc: Install the system service app and update it as a atomic service + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest009, TestSize.Level1) +{ + LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest009"); + MockNativeToken mock("foundation"); + + HapInfoParams infoParams; + HapPolicyParams policyParams; + TestCommon::GetHapParams(infoParams, policyParams); + infoParams.isSystemApp = true; + infoParams.bundleName = "update.atomic.service.test"; + AccessTokenIDEx fullTokenId; + HapInfoCheckResult result; + ASSERT_EQ(RET_SUCCESS, AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId, result)); + ASSERT_TRUE(AccessTokenKit::IsSystemAppByFullTokenID(static_cast(fullTokenId.tokenIDEx))); + ASSERT_FALSE(AccessTokenKit::IsAtomicServiceByFullTokenID(static_cast(fullTokenId.tokenIDEx))); + + UpdateHapInfoParams info; + info.appIDDesc = infoParams.appIDDesc; + info.apiVersion = infoParams.apiVersion; + info.isSystemApp = infoParams.isSystemApp; + info.appDistributionType = infoParams.appDistributionType; + info.isAtomicService = true; + ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(fullTokenId, info, policyParams)); + ASSERT_TRUE(AccessTokenKit::IsSystemAppByFullTokenID(static_cast(fullTokenId.tokenIDEx))); + ASSERT_TRUE(AccessTokenKit::IsAtomicServiceByFullTokenID(static_cast(fullTokenId.tokenIDEx))); + + AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID; + HapTokenInfo hapTokenInfoRes; + ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes)); + EXPECT_EQ(NUMBER_THREE, hapTokenInfoRes.tokenAttr); + + info.isAtomicService = false; + ASSERT_EQ(RET_SUCCESS, AccessTokenKit::UpdateHapToken(fullTokenId, info, policyParams)); + ASSERT_TRUE(AccessTokenKit::IsSystemAppByFullTokenID(static_cast(fullTokenId.tokenIDEx))); + ASSERT_FALSE(AccessTokenKit::IsAtomicServiceByFullTokenID(static_cast(fullTokenId.tokenIDEx))); + ASSERT_EQ(RET_SUCCESS, AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes)); + EXPECT_EQ(NUMBER_ONE, hapTokenInfoRes.tokenAttr); + + ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID)); +} + /** * @tc.name: InitHapTokenSpecsTest001 * @tc.desc: Test request the high-level permission authorized by acl. diff --git a/services/accesstokenmanager/idl/IdlCommon.idl b/services/accesstokenmanager/idl/IdlCommon.idl index a95766a4e..384c7aee5 100644 --- a/services/accesstokenmanager/idl/IdlCommon.idl +++ b/services/accesstokenmanager/idl/IdlCommon.idl @@ -35,6 +35,8 @@ struct UpdateHapInfoParamsIdl { boolean isSystemApp; /* app type */ String appDistributionType; + /** Whether hap is a atomic service */ + boolean isAtomicService; }; enum PermissionRulesEnumIdl { diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 9797e912b..870ffe131 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -867,6 +867,7 @@ int32_t AccessTokenManagerService::UpdateHapToken(uint64_t& fullTokenId, const U info.apiVersion = infoIdl.apiVersion; info.isSystemApp = infoIdl.isSystemApp; info.appDistributionType = infoIdl.appDistributionType; + info.isAtomicService = infoIdl.isAtomicService; int64_t beginTime = TimeUtil::GetCurrentTimestamp(); HapTokenInfo hapInfo; diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index e5d1ba764..608bae333 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -57,6 +57,7 @@ namespace AccessToken { namespace { std::recursive_mutex g_instanceMutex; static const unsigned int SYSTEM_APP_FLAG = 0x0001; +static const unsigned int ATOMIC_SERVICE_FLAG = 0x0002; static constexpr int32_t BASE_USER_RANGE = 200000; #ifdef TOKEN_SYNC_ENABLE static const int MAX_PTHREAD_NAME_LEN = 15; // pthread name max length @@ -616,6 +617,9 @@ int AccessTokenInfoManager::AllocAccessTokenIDEx( if (info.isSystemApp) { tokenIdEx.tokenIdExStruct.tokenAttr |= SYSTEM_APP_FLAG; } + if (info.isAtomicService) { + tokenIdEx.tokenIdExStruct.tokenAttr |= ATOMIC_SERVICE_FLAG; + } return RET_SUCCESS; } @@ -711,6 +715,11 @@ int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const } else { tokenIdEx.tokenIdExStruct.tokenAttr &= ~SYSTEM_APP_FLAG; } + if (info.isAtomicService) { + tokenIdEx.tokenIdExStruct.tokenAttr |= ATOMIC_SERVICE_FLAG; + } else { + tokenIdEx.tokenIdExStruct.tokenAttr &= ~ATOMIC_SERVICE_FLAG; + } { Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); infoPtr->Update(info, permStateList, hapPolicy); diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index aac064b31..82b304acb 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -37,6 +37,7 @@ namespace AccessToken { namespace { static const std::string DEFAULT_DEVICEID = "0"; static const unsigned int SYSTEM_APP_FLAG = 0x0001; +static const unsigned int ATOMIC_SERVICE_FLAG = 0x0002; } HapTokenInfoInner::HapTokenInfoInner() : permUpdateTimestamp_(0), isRemote_(false) @@ -60,6 +61,9 @@ HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id, if (info.isSystemApp) { tokenInfoBasic_.tokenAttr |= SYSTEM_APP_FLAG; } + if (info.isAtomicService) { + tokenInfoBasic_.tokenAttr |= ATOMIC_SERVICE_FLAG; + } tokenInfoBasic_.bundleName = info.bundleName; tokenInfoBasic_.apiVersion = GetApiVersion(info.apiVersion); tokenInfoBasic_.instIndex = info.instIndex; @@ -98,6 +102,11 @@ void HapTokenInfoInner::Update(const UpdateHapInfoParams& info, const std::vecto } else { tokenInfoBasic_.tokenAttr &= ~SYSTEM_APP_FLAG; } + if (info.isAtomicService) { + tokenInfoBasic_.tokenAttr |= ATOMIC_SERVICE_FLAG; + } else { + tokenInfoBasic_.tokenAttr &= ~ATOMIC_SERVICE_FLAG; + } Utils::UniqueWriteGuard infoGuard(this->policySetLock_); PermissionDataBrief::GetInstance().Update(tokenInfoBasic_.tokenID, permStateList, hapPolicy.aclExtendedMap); } -- Gitee From cc4ff836d27aa375ccbbb3ae7cab9dc4ed9632bd Mon Sep 17 00:00:00 2001 From: lihehe Date: Fri, 9 May 2025 16:14:00 +0800 Subject: [PATCH 081/103] add device types and generate permissions from security_access_token Signed-off-by: lihehe Change-Id: Ie5e58cfb9bc4ffe0621252059741e87056a27fe1 --- frameworks/common/BUILD.gn | 22 +- frameworks/common/permission_check.py | 117 +++++++++ .../common/permission_definition_parser.py | 46 +++- .../accesstoken/test/unittest/BUILD.gn | 1 - .../check_permission_map_test.cpp | 227 ------------------ .../check_permission_map_test.h | 45 ---- .../permission_definitions.json | 17 +- 7 files changed, 185 insertions(+), 290 deletions(-) create mode 100755 frameworks/common/permission_check.py delete mode 100644 interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.cpp delete mode 100644 interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.h diff --git a/frameworks/common/BUILD.gn b/frameworks/common/BUILD.gn index a970dab5e..30c9f2b95 100644 --- a/frameworks/common/BUILD.gn +++ b/frameworks/common/BUILD.gn @@ -19,6 +19,20 @@ config("accesstoken_common_cxx_public_config") { include_dirs = [ "include" ] } +action("permission_definition_check") { + script = "permission_check.py" + args = [ + "--source-root-dir", + rebase_path("//", root_build_dir), + "--input-full-permissions", + rebase_path("${access_token_path}") + + "/services/accesstokenmanager/permission_definitions.json", + ] + inputs = [ rebase_path("${access_token_path}") + + "/services/accesstokenmanager/permission_definitions.json" ] + outputs = [ "$target_out_dir" ] +} + action("permission_definition_parse") { script = "permission_definition_parser.py" inputs = [ rebase_path("${access_token_path}") + @@ -29,8 +43,13 @@ action("permission_definition_parse") { "/services/accesstokenmanager/permission_definitions.json", "--output-path", rebase_path(target_out_dir) + "/permission_map_constant.h", + "--target-platform", + target_platform, ] - outputs = [ "$target_out_dir" ] + outputs = [ "$target_out_dir" + "/permission_map_constant.h" ] + if (!ohos_indep_compiler_enable) { + deps = [ ":permission_definition_check" ] + } } ohos_static_library("accesstoken_static_log") { @@ -96,6 +115,7 @@ ohos_shared_library("accesstoken_common_cxx") { ":accesstoken_static_log", ":permission_definition_parse", ] + external_deps = [ "c_utils:utils", "hilog:libhilog", diff --git a/frameworks/common/permission_check.py b/frameworks/common/permission_check.py new file mode 100755 index 000000000..4cbcce5fa --- /dev/null +++ b/frameworks/common/permission_check.py @@ -0,0 +1,117 @@ +#!/usr/bin/env python +# coding: utf-8 + +""" +Copyright (c) 2025 Huawei Device Co., Ltd. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +""" + +import json +import argparse +import os + + +REQUIRED_ATTRS = [ + "name", + "grantMode", + "availableLevel", + "since", + "provisionEnable", + "distributedSceneEnable" +] + + +ATTRS_ONLY_IN_RESOURCE = [ + "label", + "description" +] + + +def parse_definition_json(path): + permission_maps = {} + with open(path, "r", encoding="utf-8") as f: + data = json.load(f) + for perm in data["definePermissions"]: + permission_maps[perm["name"]] = perm + return permission_maps + + +def parse_module_json(path): + permission_maps = {} + if not os.path.exists(path): + return {} + with open(path, "r", encoding="utf-8") as f: + data = json.load(f) + for perm in data["module"]["definePermissions"]: + permission_maps[perm["name"]] = perm + return permission_maps + + +def check_required_param(defs, filename): + for attr in REQUIRED_ATTRS: + if not attr in defs: + raise Exception("Not found {} of {} in {}".format( + attr, defs["name"], filename)) + + +def check_consistency(def_in_module, full_def): + for attr, value in full_def.items(): + if not attr in def_in_module: + continue + if not value == def_in_module[attr]: + raise Exception("{} of {} is inconsistent in module.json and permission_definition.json".format( + attr, def_in_module["name"])) + + for attr in def_in_module.keys(): + if attr in ATTRS_ONLY_IN_RESOURCE: + continue + elif not attr in full_def: + raise Exception("{} of {} should be define in permission_definition.json".format(attr, + def_in_module["name"])) + + +def check_maps(module_map, definition_map): + for name, perm_def in definition_map.items(): + if not "availableType" in perm_def: + raise Exception("Cannot define permission {} without availableType " \ + "in permission_definition.json".format(name)) + if perm_def["availableType"] == "SERVICE": + if name in module_map: + raise Exception("Cannot define permission {} for SERVICE in module.json".format(name)) + continue + if not name in module_map: + raise Exception("To add permission definition of {} in system_global_resource.".format(name)) + check_required_param(module_map[name], "module.json") + check_required_param(definition_map[name], "permission_definition.json") + check_consistency(module_map[name], definition_map[name]) + + +def parse_args(): + parser = argparse.ArgumentParser() + parser.add_argument('--source-root-dir', help='build root dir', required=True) + parser.add_argument('--input-full-permissions', help='json file for permission definition', required=True) + return parser.parse_args() + + +if __name__ == "__main__": + input_args = parse_args() + module_json_path = os.path.join("base/global/system_resources/systemres/main", "module.json") + module_json_path = os.path.join(input_args.source_root_dir, module_json_path) + module_json_map = parse_module_json(module_json_path) + if not module_json_map: + print("Not found {}, no need to check consistency.".format(module_json_path)) + exit(0) + full_permissions_map = parse_definition_json(input_args.input_full_permissions) + check_maps(module_json_map, full_permissions_map) + print("Check permission consistency pass!") \ No newline at end of file diff --git a/frameworks/common/permission_definition_parser.py b/frameworks/common/permission_definition_parser.py index 924f3734f..014e65fea 100755 --- a/frameworks/common/permission_definition_parser.py +++ b/frameworks/common/permission_definition_parser.py @@ -82,6 +82,15 @@ JSON_VALUE_CONVERT_TO_CPP_DICT = { "system_core": "APL_SYSTEM_CORE", } +CONVERT_TARGET_PLATFORM = { + "phone": "phone", + "watch": "wearable", + "tablet": "tablet", + "pc": "2in1", + "tv": "tv", + "car": "car", +} + class PermissionDef(object): def __init__(self, permission_def_dict, code): @@ -114,6 +123,17 @@ class PermissionDef(object): else: self.has_value = "false" + if permission_def_dict["since"] >= 20 and not "deviceTypes" in permission_def_dict: + raise Exception("No deviceTypes in permission difinition of {}".format(self.name)) + + if "deviceTypes" in permission_def_dict: + if isinstance(permission_def_dict["deviceTypes"], list) and len(permission_def_dict["deviceTypes"]) > 0: + self.device_types = permission_def_dict["deviceTypes"] + else: + raise Exception("Must be filled with available device type list, name = {}".format(self.name)) + else: + self.device_types = ["general"] + self.code = code def dump_permission_name(self): @@ -129,8 +149,15 @@ class PermissionDef(object): ) return entry + def check_device_type(self, target_platform): + if "general" in self.device_types: + return True + if target_platform in self.device_types: + return True + return False + -def parse_json(path): +def parse_json(path, platform): extend_perm = { 'name' : 'ohos.permission.KERNEL_ATM_SELF_USE', 'grantMode' : 'system_grant', @@ -149,12 +176,11 @@ def parse_json(path): with open(path, "r", encoding="utf-8") as f: data = json.load(f) index = 0 - for perm in data["systemGrantPermissions"]: - permission_list.append(PermissionDef(perm, index)) - index += 1 - - for perm in data["userGrantPermissions"]: - permission_list.append(PermissionDef(perm, index)) + for perm in data["definePermissions"]: + perm_def = PermissionDef(perm, index) + if not perm_def.check_device_type(platform): + continue + permission_list.append(perm_def) index += 1 permission_list.append(PermissionDef(extend_perm, index)) return permission_list @@ -177,10 +203,14 @@ def parse_args(): parser = argparse.ArgumentParser() parser.add_argument('--output-path', help='the output cpp path', required=True) parser.add_argument('--input-json', help='json file for permission difinition', required=True) + parser.add_argument('--target-platform', help='build target platform', required=True) return parser.parse_args() if __name__ == "__main__": input_args = parse_args() - permission_list = parse_json(input_args.input_json) + curr_platform = "general" + if input_args.target_platform in CONVERT_TARGET_PLATFORM: + curr_platform = CONVERT_TARGET_PLATFORM[input_args.target_platform] + permission_list = parse_json(input_args.input_json, curr_platform) convert_to_cpp(input_args.output_path, permission_list) \ No newline at end of file diff --git a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn index c8267ecdb..54a0bce2c 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn @@ -62,7 +62,6 @@ ohos_unittest("libaccesstoken_sdk_test") { "PermisionDialogTest/get_self_permission_state_test.cpp", "PermisionDialogTest/request_permission_on_setting_test.cpp", "PermisionDialogTest/set_perm_dialog_cap_test.cpp", - "PermissionsTest/check_permission_map_test.cpp", "PermissionsTest/clear_user_granted__permission_state_test.cpp", "PermissionsTest/get_permission_test.cpp", "PermissionsTest/grant_permission_for_specified_time_test.cpp", diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.cpp deleted file mode 100644 index bb184830e..000000000 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.cpp +++ /dev/null @@ -1,227 +0,0 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "check_permission_map_test.h" -#include "gtest/gtest.h" -#include -#include -#include -#include -#include -#include -#include -#include - -#include "access_token.h" -#include "cJSON.h" - -#include "permission_def.h" -#include "permission_map.h" - -using namespace testing::ext; -typedef cJSON CJson; -typedef std::unique_ptr> CJsonUnique; -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static const std::string DEFINE_PERMISSION_FILE = "/system/etc/access_token/permission_definitions.json"; -static const std::string SYSTEM_GRANT_DEFINE_PERMISSION = "systemGrantPermissions"; -static const std::string USER_GRANT_DEFINE_PERMISSION = "userGrantPermissions"; -static const std::string PERMISSION_GRANT_MODE_SYSTEM_GRANT = "system_grant"; -constexpr int32_t MAX_NATIVE_CONFIG_FILE_SIZE = 5 * 1024 * 1024; // 5M -constexpr size_t BUFFER_SIZE = 1024; -constexpr uint32_t ACCESS_TOKEN_UID = 3020; -} - -void CheckPermissionMapTest::SetUpTestCase() -{ -} - -void CheckPermissionMapTest::TearDownTestCase() -{ -} - -void CheckPermissionMapTest::SetUp() -{ -} - -void CheckPermissionMapTest::TearDown() -{ -} - -static int32_t GetPermissionGrantMode(const std::string &mode) -{ - if (mode == PERMISSION_GRANT_MODE_SYSTEM_GRANT) { - return AccessToken::GrantMode::SYSTEM_GRANT; - } - return AccessToken::GrantMode::USER_GRANT; -} - -static bool ReadCfgFile(const std::string& file, std::string& rawData) -{ - int32_t selfUid = getuid(); - setuid(ACCESS_TOKEN_UID); - char filePath[PATH_MAX] = {0}; - if (realpath(file.c_str(), filePath) == NULL) { - setuid(selfUid); - return false; - } - int32_t fd = open(filePath, O_RDONLY); - if (fd < 0) { - setuid(selfUid); - return false; - } - struct stat statBuffer; - - if (fstat(fd, &statBuffer) != 0) { - close(fd); - setuid(selfUid); - return false; - } - - if (statBuffer.st_size == 0) { - close(fd); - setuid(selfUid); - return false; - } - if (statBuffer.st_size > MAX_NATIVE_CONFIG_FILE_SIZE) { - close(fd); - setuid(selfUid); - return false; - } - rawData.reserve(statBuffer.st_size); - - char buff[BUFFER_SIZE] = { 0 }; - ssize_t readLen = 0; - while ((readLen = read(fd, buff, BUFFER_SIZE)) > 0) { - rawData.append(buff, readLen); - } - close(fd); - setuid(selfUid); - return true; -} - -void FreeJson(CJson* jsonObj) -{ - cJSON_Delete(jsonObj); - jsonObj = nullptr; -} - -CJsonUnique CreateJsonFromString(const std::string& jsonStr) -{ - if (jsonStr.empty()) { - CJsonUnique aPtr(cJSON_CreateObject(), FreeJson); - return aPtr; - } - CJsonUnique aPtr(cJSON_Parse(jsonStr.c_str()), FreeJson); - return aPtr; -} - -static CJson* GetArrayFromJson(const CJson* jsonObj, const std::string& key) -{ - if (key.empty()) { - return nullptr; - } - - CJson* objValue = cJSON_GetObjectItemCaseSensitive(jsonObj, key.c_str()); - if (objValue != nullptr && cJSON_IsArray(objValue)) { - return objValue; - } - return nullptr; -} - -bool GetStringFromJson(const CJson *jsonObj, const std::string& key, std::string& out) -{ - if (jsonObj == nullptr || key.empty()) { - return false; - } - - cJSON *jsonObjTmp = cJSON_GetObjectItemCaseSensitive(jsonObj, key.c_str()); - if (jsonObjTmp != nullptr && cJSON_IsString(jsonObjTmp)) { - out = cJSON_GetStringValue(jsonObjTmp); - return true; - } - return false; -} - -static bool GetPermissionDefList(const CJsonUnique &json, const std::string& permsRawData, - const std::string& type, std::vector& permDefList) -{ - cJSON *permDefObj = GetArrayFromJson(json.get(), type); - if (permDefObj == nullptr) { - return false; - } - CJson *j = nullptr; - cJSON_ArrayForEach(j, permDefObj) { - PermissionDef result; - GetStringFromJson(j, "name", result.permissionName); - std::string grantModeStr = ""; - GetStringFromJson(j, "grantMode", grantModeStr); - result.grantMode = GetPermissionGrantMode(grantModeStr); - permDefList.emplace_back(result); - } - return true; -} - -static bool ParserPermsRawData(const std::string& permsRawData, - std::vector& permDefList) -{ - CJsonUnique jsonRes = CreateJsonFromString(permsRawData); - if (jsonRes == nullptr) { - return false; - } - - bool ret = GetPermissionDefList(jsonRes, permsRawData, SYSTEM_GRANT_DEFINE_PERMISSION, permDefList); - if (!ret) { - return false; - } - - return GetPermissionDefList(jsonRes, permsRawData, USER_GRANT_DEFINE_PERMISSION, permDefList); -} - -/** - * @tc.name: CheckPermissionMapFuncTest001 - * @tc.desc: Check if permissions in permission_definitions.json are consistent with g_permMap in permission_map.cpp - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(CheckPermissionMapTest, CheckPermissionMapFuncTest001, TestSize.Level1) -{ - std::string permsRawData; - EXPECT_TRUE(ReadCfgFile(DEFINE_PERMISSION_FILE, permsRawData)); - - std::vector permDefList; - EXPECT_TRUE(ParserPermsRawData(permsRawData, permDefList)); - - uint32_t opCode; - for (const auto& perm : permDefList) { - // Check if permissions exist - bool isExsit = TransferPermissionToOpcode(perm.permissionName, opCode); - if (!isExsit) { - GTEST_LOG_(INFO) << "permission name is " << perm.permissionName; - } - EXPECT_TRUE(isExsit); - // Check true-user_grant/false-system_grant - if (perm.grantMode == AccessToken::GrantMode::USER_GRANT) { - EXPECT_TRUE(IsUserGrantPermission(perm.permissionName)); - } else if (perm.grantMode == AccessToken::GrantMode::SYSTEM_GRANT) { - EXPECT_FALSE(IsUserGrantPermission(perm.permissionName)); - } - } -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS \ No newline at end of file diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.h b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.h deleted file mode 100644 index f539a211d..000000000 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/check_permission_map_test.h +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef CHECK_PERMISSION_MAP_TEST_H -#define CHECK_PERMISSION_MAP_TEST_H - -#include - -#include "access_token.h" -#include "accesstoken_kit.h" -#include "permission_def.h" -#include "permission_state_full.h" -#include "nocopyable.h" -#include "permission_def.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -struct PermissionDefParseRet { - PermissionDef permDef; - bool isSuccessful = false; -}; -class CheckPermissionMapTest : public testing::Test { -public: - static void SetUpTestCase(); - static void TearDownTestCase(); - void SetUp(); - void TearDown(); -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // CHECK_PERMISSION_MAP_TEST_H \ No newline at end of file diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 6003b4329..4f6279b9e 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -1,5 +1,5 @@ { - "systemGrantPermissions": [ + "definePermissions": [ { "name": "ohos.permission.ACCESS_BIOMETRIC", "grantMode": "system_grant", @@ -708,7 +708,8 @@ "since": 8, "deprecated": "", "provisionEnable": true, - "distributedSceneEnable": false + "distributedSceneEnable": false, + "deviceTypes": ["general"] }, { "name": "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", @@ -718,7 +719,8 @@ "since": 8, "deprecated": "", "provisionEnable": true, - "distributedSceneEnable": false + "distributedSceneEnable": false, + "deviceTypes": ["general"] }, { "name": "ohos.permission.GET_SENSITIVE_PERMISSIONS", @@ -728,7 +730,8 @@ "since": 8, "deprecated": "", "provisionEnable": true, - "distributedSceneEnable": false + "distributedSceneEnable": false, + "deviceTypes": ["general"] }, { "name": "ohos.permission.SET_TELEPHONY_STATE", @@ -1123,7 +1126,7 @@ { "name": "ohos.permission.ACCESS_CERT_MANAGER_INTERNAL", "grantMode": "system_grant", - "availableLevel": "system_basic", + "availableLevel": "system_core", "availableType": "SYSTEM", "since": 9, "deprecated": "", @@ -4551,9 +4554,7 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false - } - ], - "userGrantPermissions": [ + }, { "name": "ohos.permission.CUSTOM_SCREEN_CAPTURE", "grantMode": "user_grant", -- Gitee From 5564265ac396fb059e042ab29435952a7f73d456 Mon Sep 17 00:00:00 2001 From: xueyuanzhao Date: Fri, 9 May 2025 16:45:42 +0800 Subject: [PATCH 082/103] Signed-off-by:xueyuanzhao Signed-off-by: xueyuanzhao Change-Id: I07f8dfb1d9d5254c9dc7c1a343f68326ae2cdfbf --- services/accesstokenmanager/permission_definitions.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 6003b4329..fb93c8643 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -174,7 +174,7 @@ "name": "ohos.permission.INPUT_MONITORING", "grantMode": "system_grant", "availableLevel": "system_basic", - "availableType": "SYSTEM", + "availableType": "NORMAL", "since": 7, "deprecated": "", "provisionEnable": true, @@ -2676,7 +2676,7 @@ "name": "ohos.permission.INTERCEPT_INPUT_EVENT", "grantMode": "system_grant", "availableLevel": "system_basic", - "availableType": "SYSTEM", + "availableType": "NORMAL", "since": 11, "deprecated": "", "provisionEnable": true, -- Gitee From bd0805083bfdd4833822bc0e63cf788381519141 Mon Sep 17 00:00:00 2001 From: xia-bubai Date: Sat, 10 May 2025 13:44:26 +0800 Subject: [PATCH 083/103] modify max perm num from 1000 to 1024 Signed-off-by: xia-bubai --- .../innerkits/accesstoken/src/accesstoken_manager_client.cpp | 2 +- .../PermisionDialogTest/get_self_permission_state_test.cpp | 2 +- .../main/cpp/src/service/accesstoken_manager_service.cpp | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index cc2de1369..1b2387926 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -36,7 +36,7 @@ static constexpr int32_t VALUE_MAX_LEN = 32; static const char* ACCESS_TOKEN_SERVICE_INIT_KEY = "accesstoken.permission.init"; std::recursive_mutex g_instanceMutex; static const int32_t SA_ID_ACCESSTOKEN_MANAGER_SERVICE = 3503; -static const int MAX_PERMISSION_SIZE = 1000; +static const int MAX_PERMISSION_SIZE = 1024; static const int32_t MAX_USER_POLICY_SIZE = 1024; static const int32_t MAX_EXTENDED_VALUE_LIST_SIZE = 512; } // namespace diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp index e183d7961..c8e47b449 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp @@ -22,7 +22,7 @@ namespace Security { namespace AccessToken { using namespace testing::ext; namespace { -static const int MAX_PERMISSION_SIZE = 1000; +static const int MAX_PERMISSION_SIZE = 1024; static const std::string TEST_BUNDLE_NAME = "ohos"; static const int TEST_USER_ID = 0; static const std::string LOCATION_PERMISSION = "ohos.permission.LOCATION"; diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index ccdf0fff3..6c01fa72c 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -70,7 +70,7 @@ const char* APPLICATION_SETTING_ABILITY_NAME = "com.ohos.permissionmanager.MainA const char* DEVELOPER_MODE_STATE = "const.security.developermode.state"; const std::string MANAGE_HAP_TOKENID_PERMISSION = "ohos.permission.MANAGE_HAP_TOKENID"; -static constexpr int MAX_PERMISSION_SIZE = 1000; +static constexpr int MAX_PERMISSION_SIZE = 1024; static constexpr int32_t MAX_USER_POLICY_SIZE = 1024; const std::string GRANT_SENSITIVE_PERMISSIONS = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS"; const std::string REVOKE_SENSITIVE_PERMISSIONS = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS"; @@ -298,7 +298,7 @@ int32_t AccessTokenManagerService::GetPermissionsStatus(AccessTokenID tokenID, uint32_t size = reqPermList.size(); if (size > MAX_PERMISSION_SIZE) { LOGE(ATM_DOMAIN, ATM_TAG, "PermList size %{public}d is invalid", size); - return INVALID_OPER; + return AccessTokenError::ERR_PARAM_INVALID; } if (!AccessTokenInfoManager::GetInstance().IsTokenIdExist(tokenID)) { -- Gitee From 1ba4cff0b4266bd0e4808039ad35f2f65b65a803 Mon Sep 17 00:00:00 2001 From: lihehe Date: Sat, 10 May 2025 16:55:25 +0800 Subject: [PATCH 084/103] add self check for permission definition Signed-off-by: lihehe Change-Id: I3a8fe0dc613d20e7ebf172b64a4c046a69d6121e --- .gitee/PULL_REQUEST_TEMPLATE.zh-CN.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.gitee/PULL_REQUEST_TEMPLATE.zh-CN.md b/.gitee/PULL_REQUEST_TEMPLATE.zh-CN.md index 34c0efe84..77d3a2ac9 100644 --- a/.gitee/PULL_REQUEST_TEMPLATE.zh-CN.md +++ b/.gitee/PULL_REQUEST_TEMPLATE.zh-CN.md @@ -9,6 +9,13 @@ 3、手工用例(自验证步骤/预期结果/实际结果): +### 权限合入自检: +- [ ] 是否需要合入权限定义 + - [ ] 仅向系统服务开放的权限(availableType为SERVICE的权限)不允许合入global_system_resources仓 + - [ ] 非SERVICE的权限与global_system_resources联合构建,即两笔pr关联同一个issue + - [ ] 填入必要参数name/grantMode/availableLevel/since/provisionEnable/distributedSceneEnable, 且与global_system_resources中声明(如果有)一致 + - [ ] 声明权限生效的设备平台范围deviceTypes,以列表方式声明("deviceTypes" : [ "xxx", "xxx"]),权限在所有设备通用为"general",非全平台生效按需填写,包括但不限于"phone"、"wearable"、"tablet"、"2in1"、"tv"、"car" + ### 安全编码自检: - [ ] 裸指针避免通过隐式转换构造为sptr - [ ] json对象在取值之前必须先判断类型,避免类型不匹配 -- Gitee From f8ec735b0d55f6523768d62a8d4b4fb15cf22da5 Mon Sep 17 00:00:00 2001 From: dingqiaoqiao Date: Mon, 12 May 2025 10:18:42 +0800 Subject: [PATCH 085/103] add ohos.permission.CUSTOMIZE_SAVE_BUTTON Signed-off-by: dingqiaoqiao Change-Id: Ic0f71fa0d71d81a46c3cce5338c06574c543d6c6 --- .../accesstokenmanager/permission_definitions.json | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 4f6279b9e..5de51cac6 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6433,6 +6433,17 @@ "provisionEnable": true, "distributedSceneEnable": false }, + { + "name": "ohos.permission.CUSTOMIZE_SAVE_BUTTON", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "NORMAL", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] + }, { "name": "ohos.permission.SEND_NOTIFICATION_CROSS_USER", "grantMode": "system_grant", -- Gitee From e78c50e9470772ccd7881060e6b695e80dccaa29 Mon Sep 17 00:00:00 2001 From: fanzexuan Date: Mon, 12 May 2025 10:46:17 +0800 Subject: [PATCH 086/103] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=97=A0=E9=9A=9C?= =?UTF-8?q?=E7=A2=8D=E6=9D=83=E9=99=90=E5=90=88=E5=85=A5=E4=B8=BB=E5=B9=B2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: fanzexuan --- .../accesstokenmanager/permission_definitions.json | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 4f6279b9e..14dcfafa3 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6462,6 +6462,17 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.ACCESSIBILITY_EXTENSION_ABILITY", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["general"] } ] } -- Gitee From 281cec66b4b98ef8f053a9e03e9da50dbf87950d Mon Sep 17 00:00:00 2001 From: shenxinchen Date: Mon, 12 May 2025 10:08:08 +0800 Subject: [PATCH 087/103] add READ_PARENT_CONTROL_DATA WRITE_PARENT_CONTROL_DATA Signed-off-by: shenxinchen --- .../permission_definitions.json | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 4f6279b9e..61f842db9 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6462,6 +6462,28 @@ "deprecated": "", "provisionEnable": true, "distributedSceneEnable": false + }, + { + "name": "ohos.permission.READ_PARENT_CONTROL_DATA", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 19, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] + }, + { + "name": "ohos.permission.WRITE_PARENT_CONTROL_DATA", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 19, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] } ] } -- Gitee From 771aacbfad08d92a2ed4e6e99a1d5dbdda6f7eb1 Mon Sep 17 00:00:00 2001 From: jinduo Date: Mon, 12 May 2025 19:50:04 +0800 Subject: [PATCH 088/103] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=9D=83=E9=99=90=20?= =?UTF-8?q?ohos.permission.READ=5FSOUND=5FRECORD=5FIN=5FFILE=5FMANAGER=20o?= =?UTF-8?q?hos.permission.WRITE=5FSOUND=5FRECORD=5FIN=5FFILE=5FMANAGER?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: jinduo --- .../permission_definitions.json | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 23cc333c5..5dfb2c039 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -4555,6 +4555,28 @@ "provisionEnable": true, "distributedSceneEnable": false }, + { + "name": "ohos.permission.READ_SOUND_RECORD_IN_FILE_MANAGER", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] + }, + { + "name": "ohos.permission.WRITE_SOUND_RECORD_IN_FILE_MANAGER", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] + }, { "name": "ohos.permission.CUSTOM_SCREEN_CAPTURE", "grantMode": "user_grant", -- Gitee From 5fe512e5390746007aefca9d42500220b3d805d1 Mon Sep 17 00:00:00 2001 From: chennian Date: Mon, 12 May 2025 21:24:42 +0800 Subject: [PATCH 089/103] add dlclose of ability_manager Signed-off-by: chennian Change-Id: I92b430169528fee913855c8c920a82b14210b904 --- services/accesstokenmanager/BUILD.gn | 3 +++ .../cpp/include/permission/permission_manager.h | 2 +- .../cpp/src/permission/permission_manager.cpp | 16 +++++++++++----- services/common/json_parse/BUILD.gn | 4 ---- 4 files changed, 15 insertions(+), 10 deletions(-) diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index a77405e66..7d5f3bbd0 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -201,5 +201,8 @@ if (is_standard_system) { sources += [ "main/cpp/src/seccomp/sec_comp_enhance_agent.cpp" ] } + if ("${target_platform}" == "watch" || "${target_platform}" == "wearable") { + cflags_cc += [ "-DDYNAMIC_CLOSE_LIBS" ] + } } } diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h index 14cd8a00a..ad1e37d9b 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h @@ -116,7 +116,7 @@ private: bool GetLocationPermissionState(AccessTokenID tokenID, std::vector& reqPermList, std::vector& permsList, int32_t apiVersion, const LocationIndex& locationIndex); bool IsPermissionStateOrFlagMatched(const PermissionStatus& stata1, const PermissionStatus& stata2); - AbilityManagerAccessLoaderInterface* GetAbilityManager(); + std::shared_ptr GetAbilityManager(); PermissionGrantEvent grantEvent_; static std::recursive_mutex mutex_; diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index e8f12d457..0ed5208fb 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -263,16 +263,18 @@ int PermissionManager::GetPermissionFlag(AccessTokenID tokenID, const std::strin return ret; } -AbilityManagerAccessLoaderInterface* PermissionManager::GetAbilityManager() +std::shared_ptr PermissionManager::GetAbilityManager() { +#ifdef DYNAMIC_CLOSE_LIBS + return std::make_shared(ABILITY_MANAGER_LIBPATH); +#endif if (abilityManagerLoader_ == nullptr) { std::lock_guard lock(abilityManagerMutex_); if (abilityManagerLoader_ == nullptr) { abilityManagerLoader_ = std::make_shared(ABILITY_MANAGER_LIBPATH); } } - - return abilityManagerLoader_->GetObject(); + return abilityManagerLoader_; } int32_t PermissionManager::RequestAppPermOnSetting(const HapTokenInfo& hapInfo, @@ -290,7 +292,9 @@ int32_t PermissionManager::RequestAppPermOnSetting(const HapTokenInfo& hapInfo, .callerTokenId = IPCSkeleton::GetCallingTokenID() }; - AbilityManagerAccessLoaderInterface* abilityManager = GetAbilityManager(); + std::shared_ptr abilityManagerLoader = GetAbilityManager(); + AbilityManagerAccessLoaderInterface* abilityManager = + abilityManagerLoader->GetObject(); if (abilityManager == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "AbilityManager is nullptr!"); return AccessTokenError::ERR_SERVICE_ABNORMAL; @@ -372,7 +376,9 @@ int32_t PermissionManager::UpdateTokenPermissionState( // To notify kill process when perm is revoke if (needKill && (!isGranted && !isSecCompGrantedBefore)) { LOGI(ATM_DOMAIN, ATM_TAG, "(%{public}s) is revoked, kill process(%{public}u).", permission.c_str(), id); - AbilityManagerAccessLoaderInterface* abilityManager = GetAbilityManager(); + std::shared_ptr abilityManagerLoader = GetAbilityManager(); + AbilityManagerAccessLoaderInterface* abilityManager = + abilityManagerLoader->GetObject(); if (abilityManager == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "AbilityManager is nullptr!"); } else if ((ret = abilityManager->KillProcessForPermissionUpdate(id)) != ERR_OK) { diff --git a/services/common/json_parse/BUILD.gn b/services/common/json_parse/BUILD.gn index 6b340009f..52a340885 100644 --- a/services/common/json_parse/BUILD.gn +++ b/services/common/json_parse/BUILD.gn @@ -98,9 +98,5 @@ ohos_shared_library("accesstoken_cjson_utils") { "c_utils:utils", "hilog:libhilog", ] - if (customization_config_policy_enable) { - cflags_cc += [ "-DCUSTOMIZATION_CONFIG_POLICY_ENABLE" ] - external_deps += [ "config_policy:configpolicy_util" ] - } } } -- Gitee From cc6dc2fb16125af72ab5227f4ac4b05a4e61e7c5 Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 13 May 2025 13:38:16 +0800 Subject: [PATCH 090/103] =?UTF-8?q?=E8=93=9D=E9=BB=84=E5=B7=AE=E5=BC=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian Change-Id: I8bffb34ea69d5c1f56e2af47ca055168128a4fc5 --- .../include/accesstoken_service_ipc_interface_code.h | 1 - frameworks/common/permission_definition_parser.py | 1 + frameworks/js/napi/accesstoken/src/napi_atmanager.cpp | 1 - .../el5filekeymanager/include/el5_filekey_manager_kit.h | 2 +- interfaces/innerkits/accesstoken/include/access_token_error.h | 2 +- services/common/json_parse/src/json_parse_loader.cpp | 2 +- .../privacymanager/include/service/privacy_manager_service.h | 4 ++-- .../test/coverage/permission_record_manager_coverage_test.cpp | 3 +++ .../test/unittest/permission_record_manager_test.cpp | 4 ++++ services/tokensyncmanager/src/remote/soft_bus_manager.cpp | 2 ++ 10 files changed, 15 insertions(+), 7 deletions(-) diff --git a/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h b/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h index 07d0e107b..1faa90993 100644 --- a/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h +++ b/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h @@ -67,7 +67,6 @@ enum class AccessTokenInterfaceCode { DUMP_PERM_DEFINITION_INFO, GET_VERSION, GET_PERMISSION_MANAGER_INFO, - GET_NATIVE_TOKEN_NAME, INIT_USER_POLICY, UPDATE_USER_POLICY, CLEAR_USER_POLICY, diff --git a/frameworks/common/permission_definition_parser.py b/frameworks/common/permission_definition_parser.py index 014e65fea..129aff028 100755 --- a/frameworks/common/permission_definition_parser.py +++ b/frameworks/common/permission_definition_parser.py @@ -85,6 +85,7 @@ JSON_VALUE_CONVERT_TO_CPP_DICT = { CONVERT_TARGET_PLATFORM = { "phone": "phone", "watch": "wearable", + "wearable": "wearable", "tablet": "tablet", "pc": "2in1", "tv": "tv", diff --git a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp index 9a12d0cc0..3eecddd87 100644 --- a/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp +++ b/frameworks/js/napi/accesstoken/src/napi_atmanager.cpp @@ -1432,7 +1432,6 @@ napi_value NapiAtManager::RegisterPermStateChangeCallback(napi_env env, napi_cal std::string errMsg = GetErrorMessage(JsErrorCode::JS_ERROR_PARAM_INVALID); NAPI_CALL(env, napi_throw(env, GenerateBusinessError(env, JsErrorCode::JS_ERROR_PARAM_INVALID, errMsg))); } - return nullptr; } int32_t result; diff --git a/interfaces/inner_api/el5filekeymanager/include/el5_filekey_manager_kit.h b/interfaces/inner_api/el5filekeymanager/include/el5_filekey_manager_kit.h index 61b4077e5..eb833f970 100644 --- a/interfaces/inner_api/el5filekeymanager/include/el5_filekey_manager_kit.h +++ b/interfaces/inner_api/el5filekeymanager/include/el5_filekey_manager_kit.h @@ -85,7 +85,7 @@ public: */ static int32_t RegisterCallback(const sptr &callback); /** - * @brief Get key infos of the specified user. + * @brief Get all key infos of the specified user * @param userId The user id * @param keyInfos Key infos of the specified user id, as query result * @return error code, see el5_filekey_manager_error.h diff --git a/interfaces/innerkits/accesstoken/include/access_token_error.h b/interfaces/innerkits/accesstoken/include/access_token_error.h index 80c4b10f8..fd3076ec8 100644 --- a/interfaces/innerkits/accesstoken/include/access_token_error.h +++ b/interfaces/innerkits/accesstoken/include/access_token_error.h @@ -73,9 +73,9 @@ enum AccessTokenError { ERR_DATABASE_OPERATE_FAILED, ERR_SIZE_NOT_EQUAL, ERR_PERM_REQUEST_CFG_FAILED, - ERR_LOAD_SO_FAILED, ERR_USER_POLICY_INITIALIZED, ERR_USER_POLICY_NOT_INITIALIZED, + ERR_LOAD_SO_FAILED, ERR_REMOTE_CONNECTION, ERR_ADD_DEATH_RECIPIENT_FAILED, ERR_PRASE_RAW_DATA_FAILED, diff --git a/services/common/json_parse/src/json_parse_loader.cpp b/services/common/json_parse/src/json_parse_loader.cpp index 2998452af..e237e8c8f 100644 --- a/services/common/json_parse/src/json_parse_loader.cpp +++ b/services/common/json_parse/src/json_parse_loader.cpp @@ -169,7 +169,7 @@ bool GetAtCfgFromJson(const CJson* j, AccessTokenServiceConfig& a) return false; } - if (!GetStringFromJson(j, GRANT_SERVICE_ABILITY_NAME_KEY, a.grantAbilityName)) { + if (!GetStringFromJson(j, GRANT_SERVICE_ABILITY_NAME_KEY, a.grantServiceAbilityName)) { return false; } diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h index 9cd117d47..bb17b1a4c 100644 --- a/services/privacymanager/include/service/privacy_manager_service.h +++ b/services/privacymanager/include/service/privacy_manager_service.h @@ -42,12 +42,12 @@ public: int32_t AddPermissionUsedRecord(const AddPermParamInfoParcel& infoParcel) override; int32_t AddPermissionUsedRecordAsync(const AddPermParamInfoParcel& infoParcel) override; - int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) override; - int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) override; int32_t StartUsingPermission(const PermissionUsedTypeInfoParcel &infoParcel, const sptr& anonyStub) override; int32_t StartUsingPermissionCallback(const PermissionUsedTypeInfoParcel &infoParcel, const sptr& callback, const sptr& anonyStub) override; + int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status) override; + int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status) override; int32_t StopUsingPermission(AccessTokenID tokenId, int32_t pid, const std::string& permissionName) override; int32_t RemovePermissionUsedRecords(AccessTokenID tokenId) override; int32_t GetPermissionUsedRecords( diff --git a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp index 1cc14c11e..f6797bc93 100644 --- a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp +++ b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp @@ -1179,6 +1179,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Leve { EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); + bool isMuteCamera = CameraManagerAdapter::GetInstance().IsCameraMuted(); // true means close PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::CAMERA, true, RANDOM_TOKENID); @@ -1194,6 +1195,8 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Leve sleep(3); // wait for dialog disappear ASSERT_EQ(0, PermissionRecordManager::GetInstance().StopUsingPermission( tokenId, PID, "ohos.permission.CAMERA", CALLER_PID)); + PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::CAMERA, isMuteCamera, + RANDOM_TOKENID); } /* diff --git a/services/privacymanager/test/unittest/permission_record_manager_test.cpp b/services/privacymanager/test/unittest/permission_record_manager_test.cpp index 132ae91ae..9fadaf10b 100644 --- a/services/privacymanager/test/unittest/permission_record_manager_test.cpp +++ b/services/privacymanager/test/unittest/permission_record_manager_test.cpp @@ -61,6 +61,7 @@ static AccessTokenID g_selfTokenId = 0; static AccessTokenID g_nativeToken = 0; static bool g_isMicEdmMute = false; static bool g_isMicMixMute = false; +static bool g_isMicMute = false; static constexpr int32_t TEST_USER_ID_10 = 10; static constexpr int32_t TEST_INVALID_USER_ID = -1; static constexpr int32_t TEST_INVALID_USER_ID_20000 = 20000; @@ -152,6 +153,7 @@ void PermissionRecordManagerTest::SetUpTestCase() g_isMicMixMute = PermissionRecordManager::GetInstance().isMicMixMute_; PermissionRecordManager::GetInstance().isMicEdmMute_ = false; PermissionRecordManager::GetInstance().isMicMixMute_ = false; + g_isMicMute = AudioManagerAdapter::GetInstance().GetPersistentMicMuteState(); } void PermissionRecordManagerTest::TearDownTestCase() @@ -184,6 +186,8 @@ void PermissionRecordManagerTest::SetUp() void PermissionRecordManagerTest::TearDown() { + PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::PRIVACY, CallerType::MICROPHONE, g_isMicMute, + RANDOM_TOKENID); AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); PrivacyTestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID); diff --git a/services/tokensyncmanager/src/remote/soft_bus_manager.cpp b/services/tokensyncmanager/src/remote/soft_bus_manager.cpp index c89da2c5e..82cf5470a 100644 --- a/services/tokensyncmanager/src/remote/soft_bus_manager.cpp +++ b/services/tokensyncmanager/src/remote/soft_bus_manager.cpp @@ -525,6 +525,8 @@ int SoftBusManager::FulfillLocalDeviceInfo() } std::string networkId = std::string(deviceInfo.networkId); + LOGD(ATM_DOMAIN, ATM_TAG, "Call softbus finished, type:%{public}d", deviceInfo.deviceTypeId); + std::string uuid; std::string udid; -- Gitee From 94ff1c46497b445f0bd655e657e038d6f1ff4c15 Mon Sep 17 00:00:00 2001 From: niyisheng Date: Tue, 13 May 2025 15:56:28 +0800 Subject: [PATCH 091/103] add ohos.permission.ENTERPRISE_ACCESS_DLP_FILE Signed-off-by: niyisheng --- .../accesstokenmanager/permission_definitions.json | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 85761d758..5620a4fcc 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6372,6 +6372,17 @@ "provisionEnable": true, "distributedSceneEnable": true }, + { + "name": "ohos.permission.ENTERPRISE_ACCESS_DLP_FILE", + "grantMode": "system_grant", + "availableLevel": "system_core", + "availableType": "SYSTEM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["2in1"] + }, { "name": "ohos.permission.GET_FILE_ICON", "grantMode": "system_grant", -- Gitee From ea007b2da5c2dcab001a1ab9bc24b301f65ed48d Mon Sep 17 00:00:00 2001 From: jxw Date: Tue, 13 May 2025 20:11:32 +0800 Subject: [PATCH 092/103] add network simulate permission Signed-off-by: jxw --- .../accesstokenmanager/permission_definitions.json | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 4243a5385..5964abb13 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6506,6 +6506,17 @@ "provisionEnable": true, "distributedSceneEnable": false, "deviceTypes": ["phone", "2in1", "tablet"] + }, + { + "name": "ohos.permission.NETWORK_SIMULATE", + "grantMode": "system_grant", + "availableLevel": "system_core", + "availableType": "SYSTEM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone"] } ] } -- Gitee From 8af3dfab147e56ec1b7cf7ecce812bc1a2fb4891 Mon Sep 17 00:00:00 2001 From: y30045862 Date: Wed, 14 May 2025 14:47:23 +0800 Subject: [PATCH 093/103] add ALLOW_IOURING policy Signed-off-by: yangjingbo10 Change-Id: I6552a7d3fe877e31e35fc3cdf3ed57c2d2cc124a --- .../accesstokenmanager/permission_definitions.json | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 5d44c1701..2ff3eb12e 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6539,6 +6539,17 @@ "provisionEnable": true, "distributedSceneEnable": false, "deviceTypes": ["phone"] + }, + { + "name": "ohos.permission.ALLOW_IOURING", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["general"] } ] } -- Gitee From 4374fb9c84e17a28ee5a3385eb644a339786d6f6 Mon Sep 17 00:00:00 2001 From: liuhaodong <15005197537@163.com> Date: Wed, 14 May 2025 15:35:47 +0800 Subject: [PATCH 094/103] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=9D=83=E9=99=90oho?= =?UTF-8?q?s.permission.RESTORE=5FAPP=20Signed-off-by:=20liuhaodong=20<150?= =?UTF-8?q?05197537@163.com>?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../accesstokenmanager/permission_definitions.json | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 5d44c1701..0c3e04151 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6507,6 +6507,17 @@ "distributedSceneEnable": false, "deviceTypes": ["general"] }, + { + "name": "ohos.permission.RESTORE_APP", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "SYSTEM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] + }, { "name": "ohos.permission.READ_PARENT_CONTROL_DATA", "grantMode": "system_grant", -- Gitee From 3ec01eab18b8b1bb729bddd7623adccb54b33089 Mon Sep 17 00:00:00 2001 From: xia-bubai Date: Thu, 15 May 2025 09:35:34 +0800 Subject: [PATCH 095/103] add new tdd of SetMutePolicy Signed-off-by: xia-bubai --- .../test/unittest/src/privacy_kit_test.cpp | 13 +++++++ .../unittest/privacy_manager_service_test.cpp | 38 +++++++++++++++++++ 2 files changed, 51 insertions(+) diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index d440f889a..05534b091 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -2664,6 +2664,19 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest004, TestSize.Level1) PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID)); } +/** + * @tc.name: SetMutePolicyTest005 + * @tc.desc: hdcd without SET_MUTE_POLICY permission + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyKitTest, SetMutePolicyTest005, TestSize.Level1) +{ + MockNativeToken mock("hdcd"); + ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, + PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID)); +} + /** * @tc.name: SetHapWithFGReminder01 * @tc.desc: SetHapWithFGReminder with valid tokenId. diff --git a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp index 24060de25..055a4df11 100644 --- a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp +++ b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp @@ -1183,6 +1183,44 @@ HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner002, TestSize.Level1) EXPECT_NE(PrivacyError::ERR_PERMISSION_DENIED, ret); } +/** + * @tc.name: SetMutePolicyInner003 + * @tc.desc: SetMutePolicyInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner003, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + uint32_t policyType = 0; + uint32_t callerType = 0; + bool isMute = false; + + MockNativeToken mock("accesstoken_service"); + + int32_t ret = privacyManagerService_->SetMutePolicy(policyType, callerType, isMute, tokenID); + EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret); +} + +/** + * @tc.name: SetMutePolicyInner004 + * @tc.desc: SetMutePolicyInner test. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner004, TestSize.Level1) +{ + AccessTokenID tokenID = 123; // 123 is invalid tokenID + uint32_t policyType = 0; + uint32_t callerType = 0; + bool isMute = false; + + MockNativeToken mock("hdcd"); + + int32_t ret = privacyManagerService_->SetMutePolicy(policyType, callerType, isMute, tokenID); + EXPECT_EQ(PrivacyError::ERR_PERMISSION_DENIED, ret); +} + /** * @tc.name: SetHapWithFGReminderInner001 * @tc.desc: SetHapWithFGReminderInner test. -- Gitee From 60beff495ebb44b451511e47ab45a5bcb21c4760 Mon Sep 17 00:00:00 2001 From: chennian Date: Thu, 15 May 2025 13:20:35 +0800 Subject: [PATCH 096/103] =?UTF-8?q?=E8=93=9D=E9=BB=84=E5=B7=AE=E5=BC=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian Change-Id: Icd3604ecabb6f77ea09fc4a7075e66306595a3c5 --- .../accesstoken/test/unittest/BUILD.gn | 5 +-- .../request_permission_on_setting_test.cpp | 6 ++-- .../include/active_change_response_info.h | 2 +- .../innerkits/privacy/include/privacy_error.h | 2 +- interfaces/innerkits/tokensync/BUILD.gn | 2 +- services/accesstokenmanager/BUILD.gn | 1 - .../cpp/src/database/access_token_db_util.cpp | 2 -- .../src/permission/short_grant_manager.cpp | 8 ++--- .../accesstokenmanager/test/coverage/BUILD.gn | 1 - .../accesstokenmanager/test/mock/BUILD.gn | 1 - .../accesstokenmanager/test/unittest/BUILD.gn | 1 - .../include/record/permission_record_config.h | 35 ------------------- 12 files changed, 11 insertions(+), 55 deletions(-) delete mode 100644 services/privacymanager/include/record/permission_record_config.h diff --git a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn index b30273ac1..256106b24 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn @@ -102,10 +102,7 @@ ohos_unittest("libaccesstoken_sdk_test") { ] if (token_sync_enable == true) { cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] - external_deps += [ - "device_manager:devicemanagersdk", - "json:nlohmann_json_static", - ] + external_deps += [ "device_manager:devicemanagersdk" ] } if (dlp_permission_enable == true) { cflags_cc += [ "-DSUPPORT_SANDBOX_APP" ] diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp index 66a33771f..d3a0dfb5b 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp @@ -77,7 +77,7 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest001, TestSiz HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest002, TestSize.Level0) { std::vector reqPerm; - MockHapToken("RequestAppPermOnSettingTest002", reqPerm, false); + MockHapToken mock("RequestAppPermOnSettingTest002", reqPerm, false); AccessTokenID tokenID = 123; ASSERT_EQ(ERR_NOT_SYSTEM_APP, AccessTokenKit::RequestAppPermOnSetting(tokenID)); @@ -92,7 +92,7 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest002, TestSiz HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest003, TestSize.Level0) { std::vector reqPerm; - MockHapToken("RequestAppPermOnSettingTest003", reqPerm, true); + MockHapToken mock("RequestAppPermOnSettingTest003", reqPerm, true); HapInfoParams infoManager = { .userID = 1, @@ -133,7 +133,7 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest003, TestSiz HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest004, TestSize.Level0) { std::vector reqPerm; - MockHapToken("RequestAppPermOnSettingTest004", reqPerm, true); + MockHapToken mock("RequestAppPermOnSettingTest004", reqPerm, true); AccessTokenKit::RequestAppPermOnSetting(GetSelfTokenID()); } diff --git a/interfaces/innerkits/privacy/include/active_change_response_info.h b/interfaces/innerkits/privacy/include/active_change_response_info.h index b8a148965..ef6d349f0 100644 --- a/interfaces/innerkits/privacy/include/active_change_response_info.h +++ b/interfaces/innerkits/privacy/include/active_change_response_info.h @@ -51,7 +51,7 @@ enum ActiveChangeType { PERM_INACTIVE = 0, PERM_ACTIVE_IN_FOREGROUND = 1, PERM_ACTIVE_IN_BACKGROUND = 2, - PERM_TEMPORARY_CALL, + PERM_TEMPORARY_CALL = 3, }; /** diff --git a/interfaces/innerkits/privacy/include/privacy_error.h b/interfaces/innerkits/privacy/include/privacy_error.h index d1b622338..dc98690a6 100644 --- a/interfaces/innerkits/privacy/include/privacy_error.h +++ b/interfaces/innerkits/privacy/include/privacy_error.h @@ -63,8 +63,8 @@ enum PrivacyError { ERR_EDM_POLICY_CHECK_FAILED, ERR_PRIVACY_POLICY_CHECK_FAILED, ERR_REMOTE_CONNECTION, - ERR_ADD_DEATH_RECIPIENT_FAILED, ERR_FIRST_CALLER_NOT_EDM, + ERR_ADD_DEATH_RECIPIENT_FAILED, PRIVACY_TOGGELE_RESTRICTED, }; } // namespace AccessToken diff --git a/interfaces/innerkits/tokensync/BUILD.gn b/interfaces/innerkits/tokensync/BUILD.gn index 4053b2bf1..f9bc463a8 100644 --- a/interfaces/innerkits/tokensync/BUILD.gn +++ b/interfaces/innerkits/tokensync/BUILD.gn @@ -38,7 +38,7 @@ if (is_standard_system) { "${access_token_path}/frameworks/common/include", "${access_token_path}/frameworks/tokensync/include", "${access_token_path}/interfaces/innerkits/accesstoken/include", - "${access_token_path}/interfaces/innerkits/tokensync/include", + "include", "src", ] diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index 7d5f3bbd0..6a9884450 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -120,7 +120,6 @@ if (is_standard_system) { "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", - "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc", "${access_token_path}/services/accesstokenmanager:access_token.rc", diff --git a/services/accesstokenmanager/main/cpp/src/database/access_token_db_util.cpp b/services/accesstokenmanager/main/cpp/src/database/access_token_db_util.cpp index 21b3d9c3a..7b47a11e7 100644 --- a/services/accesstokenmanager/main/cpp/src/database/access_token_db_util.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/access_token_db_util.cpp @@ -17,8 +17,6 @@ #include -#include "token_field_const.h" - namespace OHOS { namespace Security { namespace AccessToken { diff --git a/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp index 5f7f120ec..0dcb9012b 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp @@ -165,13 +165,13 @@ int ShortGrantManager::RefreshPermission(AccessTokenID tokenID, const std::strin return RET_SUCCESS; } - uint32_t maxRemainedTime = maxTime_ - (GetCurrentTime() - iter->firstGrantTimes); - uint32_t currRemainedTime = iter->revokeTimes > GetCurrentTime() ? (iter->revokeTimes - GetCurrentTime()) : 0; + uint32_t maxRemainedTime = maxTime_ > (GetCurrentTime() - iter->firstGrantTimes) ? + (maxTime_ - (GetCurrentTime() - iter->firstGrantTimes)) : 0; + uint32_t currRemainedTime = iter->revokeTimes > GetCurrentTime() ? + (iter->revokeTimes - GetCurrentTime()) : 0; uint32_t cancelTimes = (maxRemainedTime > onceTime) ? onceTime : maxRemainedTime; - LOGI(ATM_DOMAIN, ATM_TAG, "currRemainedTime %{public}d", currRemainedTime); if (cancelTimes > currRemainedTime) { iter->revokeTimes = GetCurrentTime() + cancelTimes; - LOGI(ATM_DOMAIN, ATM_TAG, "iter->revokeTimes %{public}d", iter->revokeTimes); ShortGrantManager::GetInstance().CancelTaskOfPermissionRevoking(taskName); int32_t ret = PermissionManager::GetInstance().GrantPermission(tokenID, permission, PERMISSION_USER_FIXED); if (ret != RET_SUCCESS) { diff --git a/services/accesstokenmanager/test/coverage/BUILD.gn b/services/accesstokenmanager/test/coverage/BUILD.gn index ecc13840b..81459e576 100644 --- a/services/accesstokenmanager/test/coverage/BUILD.gn +++ b/services/accesstokenmanager/test/coverage/BUILD.gn @@ -98,7 +98,6 @@ ohos_unittest("libaccesstoken_manager_service_coverage_test") { "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared", - "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", diff --git a/services/accesstokenmanager/test/mock/BUILD.gn b/services/accesstokenmanager/test/mock/BUILD.gn index 4accc53c0..3f7f01a45 100644 --- a/services/accesstokenmanager/test/mock/BUILD.gn +++ b/services/accesstokenmanager/test/mock/BUILD.gn @@ -99,7 +99,6 @@ ohos_unittest("libpermission_manager_mock_test") { "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared", - "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", diff --git a/services/accesstokenmanager/test/unittest/BUILD.gn b/services/accesstokenmanager/test/unittest/BUILD.gn index 1074f025e..85fb1f6fb 100644 --- a/services/accesstokenmanager/test/unittest/BUILD.gn +++ b/services/accesstokenmanager/test/unittest/BUILD.gn @@ -112,7 +112,6 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") { "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared", - "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", diff --git a/services/privacymanager/include/record/permission_record_config.h b/services/privacymanager/include/record/permission_record_config.h deleted file mode 100644 index c0b82481a..000000000 --- a/services/privacymanager/include/record/permission_record_config.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_RECORD_CONFIG_H -#define INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_RECORD_CONFIG_H - -#include - -namespace OHOS { -namespace Security { -namespace AccessToken { -class PermissionRecordConfig final { -public: - int32_t sizeMaxImum; - int32_t agingTime; - std::string globalDialogBundleName; - std::string globalDialogAbilityName; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS - -#endif // INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_RECORD_CONFIG_H -- Gitee From 10762caf3e87f5993d3bef74e8a5c137d7563f0e Mon Sep 17 00:00:00 2001 From: bigtea Date: Tue, 13 May 2025 19:32:44 +0800 Subject: [PATCH 097/103] Delete ffrt Signed-off-by: bigtea --- access_token.gni | 7 --- bundle.json | 1 - services/accesstokenmanager/BUILD.gn | 5 --- .../cpp/include/callback/callback_manager.h | 7 --- .../cpp/include/token/token_modify_notifier.h | 11 ----- .../cpp/src/callback/callback_manager.cpp | 43 ------------------ .../cpp/src/permission/permission_manager.cpp | 2 +- .../permission/temp_permission_observer.cpp | 2 + .../cpp/src/token/token_modify_notifier.cpp | 45 ------------------- 9 files changed, 3 insertions(+), 120 deletions(-) diff --git a/access_token.gni b/access_token.gni index d62e2c4a4..74996a534 100644 --- a/access_token.gni +++ b/access_token.gni @@ -98,13 +98,6 @@ if (!defined(global_parts_info) || security_component_enhance_enable = false } -if (!defined(global_parts_info) || - defined(global_parts_info.resourceschedule_ffrt)) { - resourceschedule_ffrt_enable = true -} else { - resourceschedule_ffrt_enable = false -} - if (!defined(global_parts_info) || defined(global_parts_info.customization_config_policy)) { customization_config_policy_enable = true diff --git a/bundle.json b/bundle.json index 9a569db58..f98e6ef95 100644 --- a/bundle.json +++ b/bundle.json @@ -41,7 +41,6 @@ "device_manager", "dsoftbus", "eventhandler", - "ffrt", "hicollie", "hisysevent", "hitrace", diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index 7d5f3bbd0..aae43a11f 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -176,11 +176,6 @@ if (is_standard_system) { external_deps += [ "hitrace:hitrace_meter" ] } - if (resourceschedule_ffrt_enable) { - external_deps += [ "ffrt:libffrt" ] - cflags_cc += [ "-DRESOURCESCHEDULE_FFRT_ENABLE" ] - } - if (access_token_background_task_mgr_continuous_task_enable == true) { cflags_cc += [ "-DBGTASKMGR_CONTINUOUS_TASK_ENABLE" ] include_dirs += [ diff --git a/services/accesstokenmanager/main/cpp/include/callback/callback_manager.h b/services/accesstokenmanager/main/cpp/include/callback/callback_manager.h index 56f976f7c..5999aee8f 100644 --- a/services/accesstokenmanager/main/cpp/include/callback/callback_manager.h +++ b/services/accesstokenmanager/main/cpp/include/callback/callback_manager.h @@ -21,9 +21,6 @@ #include "access_token.h" #include "accesstoken_common_log.h" -#ifdef RESOURCESCHEDULE_FFRT_ENABLE -#include "ffrt.h" -#endif #include "i_permission_state_callback.h" #include "permission_state_change_info.h" #include "accesstoken_callback_proxys.h" @@ -59,11 +56,7 @@ private: int32_t changeType); void GetCallbackObjectList(AccessTokenID tokenID, const std::string& permName, std::vector>& list); -#ifdef RESOURCESCHEDULE_FFRT_ENABLE - ffrt::mutex mutex_; -#else std::mutex mutex_; -#endif std::vector callbackInfoList_; sptr callbackDeathRecipient_; }; diff --git a/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h b/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h index 7f30196bd..bff43d416 100644 --- a/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h +++ b/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h @@ -24,9 +24,7 @@ #include "i_token_sync_callback.h" #include "nocopyable.h" #include "rwlock.h" -#ifndef RESOURCESCHEDULE_FFRT_ENABLE #include "thread_pool.h" -#endif #include "callback_death_recipients.h" namespace OHOS { @@ -44,11 +42,6 @@ public: int32_t GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID); int32_t RegisterTokenSyncCallback(const sptr& callback); int32_t UnRegisterTokenSyncCallback(); -#ifdef RESOURCESCHEDULE_FFRT_ENABLE - int32_t GetCurTaskNum(); - void AddCurTaskNum(); - void ReduceCurTaskNum(); -#endif private: TokenModifyNotifier(); @@ -58,11 +51,7 @@ private: OHOS::Utils::RWLock initLock_; OHOS::Utils::RWLock listLock_; OHOS::Utils::RWLock notifyLock_; -#ifdef RESOURCESCHEDULE_FFRT_ENABLE - std::atomic_int32_t curTaskNum_; -#else OHOS::ThreadPool notifyTokenWorker_; -#endif std::set observationSet_; std::vector deleteTokenList_; std::vector modifiedTokenList_; diff --git a/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp b/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp index 70a6d93d8..a5bb52908 100644 --- a/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp @@ -30,9 +30,7 @@ namespace Security { namespace AccessToken { namespace { static const uint32_t MAX_CALLBACK_SIZE = 1024; -#ifndef RESOURCESCHEDULE_FFRT_ENABLE static const int MAX_PTHREAD_NAME_LEN = 15; // pthread name max length -#endif std::recursive_mutex g_instanceMutex; } @@ -66,11 +64,7 @@ int32_t CallbackManager::AddCallback(const PermStateChangeScope& scopeRes, const } auto callbackScopePtr = std::make_shared(scopeRes); -#ifdef RESOURCESCHEDULE_FFRT_ENABLE - std::lock_guard lock(mutex_); -#else std::lock_guard lock(mutex_); -#endif if (callbackInfoList_.size() >= MAX_CALLBACK_SIZE) { LOGE(ATM_DOMAIN, ATM_TAG, "Callback size has reached limitation"); return AccessTokenError::ERR_CALLBACKS_EXCEED_LIMITATION; @@ -96,11 +90,7 @@ int32_t CallbackManager::RemoveCallback(const sptr& callback) return AccessTokenError::ERR_PARAM_INVALID; } -#ifdef RESOURCESCHEDULE_FFRT_ENABLE - std::lock_guard lock(mutex_); -#else std::lock_guard lock(mutex_); -#endif for (auto it = callbackInfoList_.begin(); it != callbackInfoList_.end(); ++it) { if (callback == (*it).callbackObject_) { @@ -140,23 +130,6 @@ void CallbackManager::ExecuteAllCallback(std::vector>& list, const std::string& permName, int32_t changeType) { for (auto it = list.begin(); it != list.end(); ++it) { -#ifdef RESOURCESCHEDULE_FFRT_ENABLE - auto callbackSingle = [it, tokenID, permName, changeType]() { - sptr callback = new PermissionStateChangeCallbackProxy(*it); - if (callback != nullptr) { - LOGI(ATM_DOMAIN, ATM_TAG, "Callback execute, id=%{public}u perm=%{public}s changeType=%{public}d", - tokenID, permName.c_str(), changeType); - PermStateChangeInfo resInfo; - resInfo.permStateChangeType = changeType; - resInfo.permissionName = permName; - resInfo.tokenID = tokenID; - callback->PermStateChangeCallback(resInfo); - LOGI(ATM_DOMAIN, ATM_TAG, "Callback execute end, " - "id=%{public}u perm=%{public}s changeType=%{public}d", tokenID, permName.c_str(), changeType); - } - }; - ffrt::submit(callbackSingle, {}, {}, ffrt::task_attr().qos(ffrt::qos_default)); -#else sptr callback = new PermissionStateChangeCallbackProxy(*it); if (callback != nullptr) { LOGI(ATM_DOMAIN, ATM_TAG, "Callback execute"); @@ -166,21 +139,13 @@ void CallbackManager::ExecuteAllCallback(std::vector>& list, resInfo.tokenID = tokenID; callback->PermStateChangeCallback(resInfo); } -#endif } -#ifdef RESOURCESCHEDULE_FFRT_ENABLE - ffrt::wait(); -#endif } void CallbackManager::GetCallbackObjectList(AccessTokenID tokenID, const std::string& permName, std::vector>& list) { -#ifdef RESOURCESCHEDULE_FFRT_ENABLE - std::lock_guard lock(mutex_); -#else std::lock_guard lock(mutex_); -#endif for (auto it = callbackInfoList_.begin(); it != callbackInfoList_.end(); ++it) { std::shared_ptr scopePtr = (*it).scopePtr_; if (scopePtr == nullptr) { @@ -204,23 +169,15 @@ void CallbackManager::ExecuteCallbackAsync(AccessTokenID tokenID, const std::str auto callbackStart = [this, tokenID, permName, changeType]() { LOGI(ATM_DOMAIN, ATM_TAG, "CallbackStart, id=%{public}u perm=%{public}s changeType=%{public}d", tokenID, permName.c_str(), changeType); -#ifndef RESOURCESCHEDULE_FFRT_ENABLE std::string name = "AtmCallback"; pthread_setname_np(pthread_self(), name.substr(0, MAX_PTHREAD_NAME_LEN).c_str()); -#endif std::vector> list; this->GetCallbackObjectList(tokenID, permName, list); this->ExecuteAllCallback(list, tokenID, permName, changeType); }; -#ifdef RESOURCESCHEDULE_FFRT_ENABLE - std::string taskName = "AtmCallback"; - ffrt::submit_h(callbackStart, {}, {}, - ffrt::task_attr().qos(ffrt::qos_default).name(taskName.c_str())); -#else std::packaged_task callbackTask(callbackStart); std::make_unique(std::move(callbackTask))->detach(); -#endif LOGD(ATM_DOMAIN, ATM_TAG, "The callback execution is complete"); } } // namespace AccessToken diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index 5d22d190d..7f60382a8 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -602,7 +602,7 @@ int32_t PermissionManager::AddPermStateChangeCallback( if (result != RET_SUCCESS) { return result; } - return CallbackManager::GetInstance().AddCallback(scope, callback); + return CallbackManager::GetInstance().AddCallback(scopeRes, callback); } int32_t PermissionManager::RemovePermStateChangeCallback(const sptr& callback) diff --git a/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp b/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp index 6536aa1c3..60765bbd3 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp @@ -37,7 +37,9 @@ namespace { static const std::string TASK_NAME_TEMP_PERMISSION = "atm_permission_manager_temp_permission"; static const std::string FORM_INVISIBLE_NAME = "#0"; static const std::string FORM_VISIBLE_NAME = "#1"; +#ifndef ATM_BUILD_VARIANT_USER_ENABLE static constexpr int32_t ROOT_UID = 0; +#endif static constexpr int32_t FOREGROUND_FLAG = 0; static constexpr int32_t FORMS_FLAG = 1; static constexpr int32_t CONTINUOUS_TASK_FLAG = 2; diff --git a/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp b/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp index 525a1b52b..1592e423e 100644 --- a/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp @@ -20,9 +20,6 @@ #include "accesstoken_info_manager.h" #include "accesstoken_common_log.h" #include "access_token_error.h" -#ifdef RESOURCESCHEDULE_FFRT_ENABLE -#include "ffrt.h" -#endif #include "hap_token_info.h" #include "hap_token_info_inner.h" #include "libraryloader.h" @@ -35,20 +32,14 @@ namespace { std::recursive_mutex g_instanceMutex; } -#ifdef RESOURCESCHEDULE_FFRT_ENABLE -TokenModifyNotifier::TokenModifyNotifier() : hasInited_(false), curTaskNum_(0) {} -#else TokenModifyNotifier::TokenModifyNotifier() : hasInited_(false), notifyTokenWorker_("TokenModify") {} -#endif TokenModifyNotifier::~TokenModifyNotifier() { if (!hasInited_) { return; } -#ifndef RESOURCESCHEDULE_FFRT_ENABLE this->notifyTokenWorker_.Stop(); -#endif this->hasInited_ = false; } @@ -101,9 +92,7 @@ TokenModifyNotifier& TokenModifyNotifier::GetInstance() if (!instance->hasInited_) { Utils::UniqueWriteGuard infoGuard(instance->initLock_); if (!instance->hasInited_) { -#ifndef RESOURCESCHEDULE_FFRT_ENABLE instance->notifyTokenWorker_.Start(1); -#endif instance->hasInited_ = true; } } @@ -205,41 +194,8 @@ int32_t TokenModifyNotifier::UnRegisterTokenSyncCallback() return ERR_OK; } -#ifdef RESOURCESCHEDULE_FFRT_ENABLE -int32_t TokenModifyNotifier::GetCurTaskNum() -{ - return curTaskNum_.load(); -} - -void TokenModifyNotifier::AddCurTaskNum() -{ - LOGI(ATM_DOMAIN, ATM_TAG, "Add task!"); - curTaskNum_++; -} - -void TokenModifyNotifier::ReduceCurTaskNum() -{ - LOGI(ATM_DOMAIN, ATM_TAG, "Reduce task!"); - curTaskNum_--; -} -#endif - void TokenModifyNotifier::NotifyTokenChangedIfNeed() { -#ifdef RESOURCESCHEDULE_FFRT_ENABLE - if (GetCurTaskNum() > 1) { - LOGI(ATM_DOMAIN, ATM_TAG, "Has notify task! taskNum is %{public}d.", GetCurTaskNum()); - return; - } - - std::string taskName = "TokenModify"; - auto tokenModify = []() { - TokenModifyNotifier::GetInstance().NotifyTokenSyncTask(); - TokenModifyNotifier::GetInstance().ReduceCurTaskNum(); - }; - ffrt::submit(tokenModify, {}, {}, ffrt::task_attr().qos(ffrt::qos_default).name(taskName.c_str())); - AddCurTaskNum(); -#else if (notifyTokenWorker_.GetCurTaskNum() > 1) { LOGI(ATM_DOMAIN, ATM_TAG, " has notify task! taskNum is %{public}zu.", notifyTokenWorker_.GetCurTaskNum()); return; @@ -248,7 +204,6 @@ void TokenModifyNotifier::NotifyTokenChangedIfNeed() notifyTokenWorker_.AddTask([]() { TokenModifyNotifier::GetInstance().NotifyTokenSyncTask(); }); -#endif } } // namespace AccessToken } // namespace Security -- Gitee From f1fec15f8bf5cdec097b81179c6622ae13c6f22b Mon Sep 17 00:00:00 2001 From: yaobaohua Date: Thu, 15 May 2025 14:29:33 +0800 Subject: [PATCH 098/103] edm permission define Signed-off-by: yaobaohua --- .../permission_definitions.json | 66 +++++++++++++++++++ 1 file changed, 66 insertions(+) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index b7f3b161e..220f79228 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -2332,6 +2332,72 @@ "provisionEnable": true, "distributedSceneEnable": false }, + { + "name": "ohos.permission.ENTERPRISE_GET_ALL_BUNDLE_INFO", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "MDM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] + }, + { + "name": "ohos.permission.ENTERPRISE_SET_USER_RESTRICTION", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "MDM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] + }, + { + "name": "ohos.permission.ENTERPRISE_MANAGE_APN", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "MDM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] + }, + { + "name": "ohos.permission.ENTERPRISE_MANAGE_TELEPHONY", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "MDM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] + }, + { + "name": "ohos.permission.ENTERPRISE_SET_KIOSK", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "MDM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] + }, + { + "name": "ohos.permission.ENTERPRISE_SET_WALLPAPER", + "grantMode": "system_grant", + "availableLevel": "system_basic", + "availableType": "MDM", + "since": 20, + "deprecated": "", + "provisionEnable": true, + "distributedSceneEnable": false, + "deviceTypes": ["phone", "2in1", "tablet"] + }, { "name": "ohos.permission.PUBLISH_ENTERPRISE_POLICY_EVENT", "grantMode": "system_grant", -- Gitee From 714da46ecb4f64600d7e628d46b4de7bec3b51ad Mon Sep 17 00:00:00 2001 From: BrainL Date: Mon, 12 May 2025 17:21:00 +0800 Subject: [PATCH 099/103] api18-20 Signed-off-by: BrainL --- services/accesstokenmanager/permission_definitions.json | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/permission_definitions.json b/services/accesstokenmanager/permission_definitions.json index 23cc333c5..8194644e8 100644 --- a/services/accesstokenmanager/permission_definitions.json +++ b/services/accesstokenmanager/permission_definitions.json @@ -6378,10 +6378,11 @@ "grantMode": "system_grant", "availableLevel": "system_core", "availableType": "SERVICE", - "since": 18, + "since": 20, "deprecated": "", "provisionEnable": true, - "distributedSceneEnable": true + "distributedSceneEnable": true, + "deviceTypes": ["phone", "tablet"] }, { "name": "ohos.permission.GET_FILE_ICON", -- Gitee From ea92670f52816fed06b1a23f9f8d1c4091a87580 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9D=A8=E4=B8=80=E8=B5=AB?= Date: Thu, 15 May 2025 21:29:58 +0800 Subject: [PATCH 100/103] IDL Feature MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 杨一赫 --- .../window_manager/src/privacy_mock_session_manager_proxy.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp b/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp index 2f4586b9e..673ad079a 100644 --- a/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp +++ b/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp @@ -36,6 +36,9 @@ sptr PrivacyMockSessionManagerProxy::GetSessionManagerService() LOGE(PRI_DOMAIN, PRI_TAG, "SendRequest failed"); return nullptr; } + if (reply.ReadInt32() != ERR_NONE) { + LOGE(PRI_DOMAIN, PRI_TAG, "Read reslt failed"); + } sptr remoteObject = reply.ReadRemoteObject(); return remoteObject; } -- Gitee From fe6623ff2bb932fa8dd38170e7be368a412910e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9D=A8=E4=B8=80=E8=B5=AB?= Date: Fri, 16 May 2025 09:50:09 +0800 Subject: [PATCH 101/103] log fix MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 杨一赫 --- .../window_manager/src/privacy_mock_session_manager_proxy.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp b/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp index 673ad079a..b2787ab6b 100644 --- a/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp +++ b/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp @@ -37,7 +37,7 @@ sptr PrivacyMockSessionManagerProxy::GetSessionManagerService() return nullptr; } if (reply.ReadInt32() != ERR_NONE) { - LOGE(PRI_DOMAIN, PRI_TAG, "Read reslt failed"); + LOGE(PRI_DOMAIN, PRI_TAG, "Read result failed"); } sptr remoteObject = reply.ReadRemoteObject(); return remoteObject; -- Gitee From 600e8ffb0113eee7c3b1ea10012d73713132fb21 Mon Sep 17 00:00:00 2001 From: chennian Date: Thu, 15 May 2025 23:43:49 +0800 Subject: [PATCH 102/103] =?UTF-8?q?tdd=E5=88=92=E5=88=86=E6=A8=A1=E5=9D=97?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian Change-Id: I69b02b3600d34f26b4bcd8f86e432a8de9d97260 --- access_token.gni | 3 + frameworks/test/unittest/BUILD.gn | 3 +- .../accesstoken/test/unittest/BUILD.gn | 6 +- .../alloc_local_token_id_test.cpp | 4 +- .../delete_remote_device_tokens_test.cpp | 6 +- .../delete_remote_token_test.cpp | 10 +- .../get_hap_token_info_from_remote_test.cpp | 8 +- .../get_remote_native_tokenid_test.cpp | 2 +- .../register_token_sync_callback_test.cpp | 6 +- .../set_remote_hap_token_info_test.cpp | 22 +-- .../DlpTest/clone_app_permission_test.cpp | 22 +-- .../share_permission_with_sandbox_test.cpp | 18 +- .../EdmPolicyTest/edm_policy_set_test.cpp | 26 +-- .../get_permission_flag_test.cpp | 4 +- .../get_permissions_status_test.cpp | 14 +- .../permission_request_toggle_status_test.cpp | 4 +- .../HapTokenTest/alloc_hap_token_test.cpp | 38 ++-- .../app_installation_optimized_test.cpp | 58 +++--- .../HapTokenTest/delete_token_test.cpp | 10 +- .../HapTokenTest/get_hap_token_test.cpp | 24 +-- .../HapTokenTest/get_token_type_test.cpp | 4 +- .../HapTokenTest/init_hap_token_test.cpp | 58 +++--- .../HapTokenTest/update_hap_token_test.cpp | 62 +++--- .../PermDenyTest/accesstoken_deny_test.cpp | 60 +++--- .../accesstoken_location_request_test.cpp | 100 +++++----- .../get_self_permission_state_test.cpp | 18 +- .../get_self_permission_status_test.cpp | 18 +- .../request_permission_on_setting_test.cpp | 1 - .../set_perm_dialog_cap_test.cpp | 4 +- .../PermissionsTest/get_permission_test.cpp | 26 +-- ...ant_permission_for_specified_time_test.cpp | 12 +- .../ProxyMockTest/accesstoken_mock_test.cpp | 80 ++++---- ...gister_perm_state_change_callback_test.cpp | 44 ++--- ...gister_perm_state_change_callback_test.cpp | 18 +- .../SaTest/get_native_token_id_test.cpp | 10 +- .../SaTest/get_native_token_info_test.cpp | 8 +- .../security_component_grant_test.cpp | 24 +-- .../innerkits/analysis_model/test/BUILD.gn | 3 +- .../innerkits/nativetoken/test/BUILD.gn | 6 +- .../unittest/mock/nativetoken_oper_test.cpp | 20 +- .../unittest/src/nativetoken_kit_test.cpp | 28 +-- .../unittest/src/nativetoken_oper_test.cpp | 12 +- interfaces/innerkits/privacy/test/BUILD.gn | 6 +- .../privacy_mock_test/privacy_kit_test.cpp | 22 +-- .../unittest/src/permission_deny_test.cpp | 12 +- .../test/unittest/src/privacy_kit_test.cpp | 184 +++++++++--------- .../innerkits/token_callback/test/BUILD.gn | 3 +- .../innerkits/token_setproc/test/BUILD.gn | 3 +- .../unittest/src/tokensetproc_kit_test.cpp | 90 ++++----- interfaces/innerkits/tokensync/test/BUILD.gn | 3 +- .../test/unittest/src/token_sync_kit_test.cpp | 6 +- .../accesstokenmanager/test/coverage/BUILD.gn | 3 +- .../accesstokenmanager/test/mock/BUILD.gn | 3 +- .../mock/permission_manager_mock_test.cpp | 2 +- .../accesstokenmanager/test/unittest/BUILD.gn | 3 +- .../unittest/accesstoken_database_test.cpp | 2 +- .../accesstoken_info_manager_test.cpp | 154 +++++++-------- .../unittest/native_token_receptor_test.cpp | 10 +- .../unittest/permission_grant_event_test.cpp | 6 +- .../test/unittest/permission_manager_test.cpp | 82 ++++---- .../unittest/short_grant_manager_test.cpp | 8 +- services/common/database/test/BUILD.gn | 3 +- .../database/test/unittest/database_test.cpp | 22 +-- services/common/json_parse/test/BUILD.gn | 3 +- .../test/unittest/cjson_utils_test.cpp | 30 +-- .../test/unittest/json_parse_test.cpp | 24 +-- services/common/window_manager/test/BUILD.gn | 3 +- .../privacymanager/test/coverage/BUILD.gn | 3 +- services/privacymanager/test/tool/BUILD.gn | 3 +- .../test/tool/camera_window_create.cpp | 2 +- .../privacymanager/test/unittest/BUILD.gn | 3 +- .../unittest/permission_record_db_test.cpp | 62 +++--- .../permission_record_manager_test.cpp | 82 ++++---- .../unittest/permission_record_set_test.cpp | 90 ++++----- .../privacy_manager_proxy_death_test.cpp | 8 +- .../unittest/privacy_manager_service_test.cpp | 110 +++++------ .../tokensyncmanager/test/coverage/BUILD.gn | 3 +- .../token_sync_service_coverage_test.cpp | 8 +- .../tokensyncmanager/test/unittest/BUILD.gn | 3 +- .../test/unittest/token_sync_service_test.cpp | 84 ++++---- 80 files changed, 1016 insertions(+), 1036 deletions(-) diff --git a/access_token.gni b/access_token.gni index d62e2c4a4..6a2580a3b 100644 --- a/access_token.gni +++ b/access_token.gni @@ -21,6 +21,9 @@ module_output_path_interface_access_token = module_output_path_service_privacy = "access_token/access_token/service_privacy" module_output_path_service_access_token = "access_token/access_token/service_access_token" +module_output_path_unittest_accesstoken = "access_token/access_token" +module_output_path_unittest_privacy = "access_token/privacy" + VENDOR_CONFIG_PATH = rebase_path( "//vendor/${product_company}/${product_name}/base/security/access_token/access_token_impl.gni") CMD = "if [ -f ${VENDOR_CONFIG_PATH} ]; then echo true; else echo false; fi" diff --git a/frameworks/test/unittest/BUILD.gn b/frameworks/test/unittest/BUILD.gn index 2d749d265..a5800918e 100644 --- a/frameworks/test/unittest/BUILD.gn +++ b/frameworks/test/unittest/BUILD.gn @@ -26,8 +26,7 @@ config("accesstoken_test_config") { ohos_unittest("libaccesstoken_framework_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn index 256106b24..a01a3cbf6 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/unittest/BUILD.gn @@ -16,8 +16,7 @@ import("../../../../../access_token.gni") ohos_unittest("libaccesstoken_sdk_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true @@ -115,8 +114,7 @@ ohos_unittest("libaccesstoken_sdk_test") { ohos_unittest("accesstoken_mock_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp index f4aa037bb..f9c77dc83 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp @@ -130,7 +130,7 @@ void AllocLocalTokenIDTest::TearDown() * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(AllocLocalTokenIDTest, AllocLocalTokenIDFuncTest001, TestSize.Level1) +HWTEST_F(AllocLocalTokenIDTest, AllocLocalTokenIDFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "AllocLocalTokenIDFuncTest001 start."); HapInfoParams infoParms = { @@ -164,7 +164,7 @@ HWTEST_F(AllocLocalTokenIDTest, AllocLocalTokenIDFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(AllocLocalTokenIDTest, AllocLocalTokenIDFuncTest002, TestSize.Level1) +HWTEST_F(AllocLocalTokenIDTest, AllocLocalTokenIDFuncTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "AllocLocalTokenIDFuncTest002 start."); MockNativeToken mock("token_sync_service"); diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp index 558f809a3..527346073 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp @@ -131,7 +131,7 @@ void DeleteRemoteDeviceTokensTest::TearDown() * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest001, TestSize.Level1) +HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest001, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteDeviceTokensFuncTest001 start."); @@ -180,7 +180,7 @@ HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest001, Test * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest002, TestSize.Level1) +HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest002, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteDeviceTokensFuncTest002 start."); @@ -226,7 +226,7 @@ HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest002, Test * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensAbnormalTest001, TestSize.Level1) +HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteDeviceTokensAbnormalTest001 start."); SetSelfTokenID(g_selfTokenId); diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp index e3f7cabce..681a23acd 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp @@ -137,7 +137,7 @@ void DeleteRemoteTokenTest::TearDown() * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest001, TestSize.Level1) +HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteTokenAbnormalTest001 start."); MockNativeToken mock("token_sync_service"); @@ -160,7 +160,7 @@ HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest002, TestSize.Level1) +HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteTokenAbnormalTest002 start."); std::string device = "device"; @@ -174,7 +174,7 @@ HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenAbnormalTest002, TestSize.Level * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest001, TestSize.Level1) +HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest001, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteTokenFuncTest001 start."); @@ -215,7 +215,7 @@ HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest002, TestSize.Level1) +HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest002, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteTokenFuncTest002 start."); @@ -259,7 +259,7 @@ HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest003, TestSize.Level1) +HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest003, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "DeleteRemoteTokenFuncTest003 start."); diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp index fe3b10e11..f3b65df1e 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp @@ -142,7 +142,7 @@ void GetHapTokenInfoFromRemoteTest::TearDown() * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest001, TestSize.Level1) +HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenInfoFromRemoteFuncTest001 start."); @@ -178,7 +178,7 @@ HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest001, Te * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest002, TestSize.Level1) +HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest002, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenInfoFromRemoteFuncTest002 start."); @@ -215,7 +215,7 @@ HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest002, Te * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteAbnormalTest001, TestSize.Level1) +HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenInfoFromRemoteAbnormalTest001 start."); HapTokenInfoForSync infoSync; @@ -229,7 +229,7 @@ HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteAbnormalTest001 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteAbnormalTest002, TestSize.Level1) +HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenInfoFromRemoteAbnormalTest002 start."); EXPECT_EQ(0, SetSelfTokenID(g_selfTokenId)); diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_remote_native_tokenid_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_remote_native_tokenid_test.cpp index ea33192e1..20e1960b8 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_remote_native_tokenid_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_remote_native_tokenid_test.cpp @@ -102,7 +102,7 @@ void GetRemoteNativeTokenIDTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetRemoteNativeTokenIDTest, GetRemoteNativeTokenIDAbnormalTest001, TestSize.Level1) +HWTEST_F(GetRemoteNativeTokenIDTest, GetRemoteNativeTokenIDAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteNativeTokenIDAbnormalTest001 start."); std::string device = "device"; diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/register_token_sync_callback_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/register_token_sync_callback_test.cpp index 16e49bd20..d7e261f2d 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/register_token_sync_callback_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/register_token_sync_callback_test.cpp @@ -131,7 +131,7 @@ void RegisterTokenSyncCallbackTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest001, TestSize.Level1) +HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterTokenSyncCallbackAbnormalTest001 start."); int32_t ret = AccessTokenKit::RegisterTokenSyncCallback(nullptr); @@ -144,7 +144,7 @@ HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest001 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest002, TestSize.Level1) +HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterTokenSyncCallbackAbnormalTest002 start."); std::shared_ptr callback = std::make_shared(); @@ -158,7 +158,7 @@ HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackAbnormalTest002 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackFuncTest001, TestSize.Level1) +HWTEST_F(RegisterTokenSyncCallbackTest, RegisterTokenSyncCallbackFuncTest001, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "RegisterTokenSyncCallbackFuncTest001 start."); diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp index a08115514..db89cdcfc 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp @@ -132,7 +132,7 @@ void SetRemoteHapTokenInfoTest::TearDown() * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest001, TestSize.Level1) +HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest001, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest001 start."); @@ -199,7 +199,7 @@ void SetRemoteHapTokenInfoWithWrongInfo1(HapTokenInfo &wrongBaseInfo, const HapT * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest002, TestSize.Level1) +HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest002, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest002 start."); @@ -241,7 +241,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest002, TestSize.L * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest003, TestSize.Level1) +HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest003, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest003 start."); @@ -281,7 +281,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest003, TestSize.L * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest004, TestSize.Level1) +HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest004, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoFuncTest004 start."); @@ -326,7 +326,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest004, TestSize.L * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest001, TestSize.Level1) +HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest001, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest001 start."); @@ -375,7 +375,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest001, TestSize.L * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest002, TestSize.Level1) +HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest002, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest002 start."); @@ -429,7 +429,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest002, TestSize.L * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest003, TestSize.Level1) +HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest003, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest003 start."); @@ -467,7 +467,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest003, TestSize.L * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest004, TestSize.Level1) +HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest004, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest004 start."); @@ -514,7 +514,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest004, TestSize.L * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest005, TestSize.Level1) +HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest005, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest005 start."); @@ -560,7 +560,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest005, TestSize.L * @tc.type: FUNC * @tc.require:issue I5R4UF */ -HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest006, TestSize.Level1) +HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest006, TestSize.Level0) { MockNativeToken mock("token_sync_service"); LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoSpecTest006 start."); @@ -596,7 +596,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest006, TestSize.L * @tc.type: FUNC * @tc.require: */ -HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoAbnormalTest001, TestSize.Level1) +HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "SetRemoteHapTokenInfoAbnormalTest001 start."); std::string device = "device"; diff --git a/interfaces/innerkits/accesstoken/test/unittest/DlpTest/clone_app_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DlpTest/clone_app_permission_test.cpp index edd179fd7..e2266e20e 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DlpTest/clone_app_permission_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DlpTest/clone_app_permission_test.cpp @@ -186,7 +186,7 @@ static AccessTokenID AllocHapTokenId(HapInfoParams info, HapPolicyParams policy) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(CloneAppPermissionTest, OriginApp01, TestSize.Level1) +HWTEST_F(CloneAppPermissionTest, OriginApp01, TestSize.Level0) { int ret; auto policyParams = g_policyParams; @@ -228,7 +228,7 @@ HWTEST_F(CloneAppPermissionTest, OriginApp01, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(CloneAppPermissionTest, OriginApp02, TestSize.Level1) +HWTEST_F(CloneAppPermissionTest, OriginApp02, TestSize.Level0) { int ret; auto policyParams = g_policyParams; @@ -290,7 +290,7 @@ HWTEST_F(CloneAppPermissionTest, OriginApp02, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(CloneAppPermissionTest, OriginApp03, TestSize.Level1) +HWTEST_F(CloneAppPermissionTest, OriginApp03, TestSize.Level0) { int ret; auto policyParams = g_policyParams; @@ -358,7 +358,7 @@ HWTEST_F(CloneAppPermissionTest, OriginApp03, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(CloneAppPermissionTest, ReadDlp01, TestSize.Level1) +HWTEST_F(CloneAppPermissionTest, ReadDlp01, TestSize.Level0) { int ret; auto policyParams = g_policyParams; @@ -400,7 +400,7 @@ HWTEST_F(CloneAppPermissionTest, ReadDlp01, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(CloneAppPermissionTest, ReadDlp02, TestSize.Level1) +HWTEST_F(CloneAppPermissionTest, ReadDlp02, TestSize.Level0) { int ret; auto policyParams = g_policyParams; @@ -463,7 +463,7 @@ HWTEST_F(CloneAppPermissionTest, ReadDlp02, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(CloneAppPermissionTest, ReadDlp03, TestSize.Level1) +HWTEST_F(CloneAppPermissionTest, ReadDlp03, TestSize.Level0) { int ret; auto policyParams = g_policyParams; @@ -530,7 +530,7 @@ HWTEST_F(CloneAppPermissionTest, ReadDlp03, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(CloneAppPermissionTest, CloneApp01, TestSize.Level1) +HWTEST_F(CloneAppPermissionTest, CloneApp01, TestSize.Level0) { int ret; auto policyParams = g_policyParams; @@ -572,7 +572,7 @@ HWTEST_F(CloneAppPermissionTest, CloneApp01, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(CloneAppPermissionTest, CloneApp02, TestSize.Level1) +HWTEST_F(CloneAppPermissionTest, CloneApp02, TestSize.Level0) { int ret; auto policyParams = g_policyParams; @@ -624,7 +624,7 @@ HWTEST_F(CloneAppPermissionTest, CloneApp02, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(CloneAppPermissionTest, CloneApp03, TestSize.Level1) +HWTEST_F(CloneAppPermissionTest, CloneApp03, TestSize.Level0) { int ret; auto policyParams = g_policyParams; @@ -691,7 +691,7 @@ HWTEST_F(CloneAppPermissionTest, CloneApp03, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(CloneAppPermissionTest, CloneApp04, TestSize.Level1) +HWTEST_F(CloneAppPermissionTest, CloneApp04, TestSize.Level0) { int ret; uint32_t flag; @@ -741,7 +741,7 @@ HWTEST_F(CloneAppPermissionTest, CloneApp04, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(CloneAppPermissionTest, CloneApp05, TestSize.Level1) +HWTEST_F(CloneAppPermissionTest, CloneApp05, TestSize.Level0) { int ret; auto policyParams = g_policyParams; diff --git a/interfaces/innerkits/accesstoken/test/unittest/DlpTest/share_permission_with_sandbox_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DlpTest/share_permission_with_sandbox_test.cpp index df352af24..3e4408d13 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DlpTest/share_permission_with_sandbox_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DlpTest/share_permission_with_sandbox_test.cpp @@ -182,7 +182,7 @@ static AccessTokenID AllocHapTokenId(HapInfoParams info, HapPolicyParams policy) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SharePermissionTest, PermissionShareTest001, TestSize.Level1) +HWTEST_F(SharePermissionTest, PermissionShareTest001, TestSize.Level0) { int ret; AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams); @@ -230,7 +230,7 @@ HWTEST_F(SharePermissionTest, PermissionShareTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SharePermissionTest, PermissionShareTest002, TestSize.Level1) +HWTEST_F(SharePermissionTest, PermissionShareTest002, TestSize.Level0) { int ret; AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams); @@ -278,7 +278,7 @@ HWTEST_F(SharePermissionTest, PermissionShareTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest001, TestSize.Level1) +HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest001, TestSize.Level0) { int ret; AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams); @@ -319,7 +319,7 @@ HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest001, TestSize.Lev * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest002, TestSize.Level1) +HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest002, TestSize.Level0) { int ret; AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams); @@ -372,7 +372,7 @@ HWTEST_F(SharePermissionTest, PermissionShareClearUserGrantTest002, TestSize.Lev * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SharePermissionTest, PermissionShareTest03, TestSize.Level1) +HWTEST_F(SharePermissionTest, PermissionShareTest03, TestSize.Level0) { uint64_t tokenId = GetSelfTokenID(); AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams); @@ -420,7 +420,7 @@ static void SetPermList(std::vector &permsList) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SharePermissionTest, PermissionShareTest004, TestSize.Level1) +HWTEST_F(SharePermissionTest, PermissionShareTest004, TestSize.Level0) { AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams); AccessTokenID tokenFullControl = AllocHapTokenId(g_infoParmsFullControl, g_policyParams); @@ -484,7 +484,7 @@ HWTEST_F(SharePermissionTest, PermissionShareTest004, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SharePermissionTest, PermissionShareTest005, TestSize.Level1) +HWTEST_F(SharePermissionTest, PermissionShareTest005, TestSize.Level0) { AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams); AccessTokenID tokenFullControl = AllocHapTokenId(g_infoParmsFullControl, g_policyParams); @@ -547,7 +547,7 @@ HWTEST_F(SharePermissionTest, PermissionShareTest005, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SharePermissionTest, PermissionShareTest006, TestSize.Level1) +HWTEST_F(SharePermissionTest, PermissionShareTest006, TestSize.Level0) { int ret; AccessTokenID tokenCommon = AllocHapTokenId(g_infoParmsCommon, g_policyParams); @@ -596,7 +596,7 @@ HWTEST_F(SharePermissionTest, PermissionShareTest006, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SharePermissionTest, PermissionShareTest007, TestSize.Level1) +HWTEST_F(SharePermissionTest, PermissionShareTest007, TestSize.Level0) { int ret; uint32_t flag; diff --git a/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp index ef98b757d..e8388d6f7 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/EdmPolicyTest/edm_policy_set_test.cpp @@ -127,7 +127,7 @@ void EdmPolicySetTest::SetUpTestCase() * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, InitUserPolicy001, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, InitUserPolicy001, TestSize.Level0) { const int32_t invalidSize = 1025; // 1025 is invalid size. std::vector userList(invalidSize); @@ -142,7 +142,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy001, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, InitUserPolicy002, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, InitUserPolicy002, TestSize.Level0) { std::vector userListEmtpy; std::vector permList = { "ohos.permission.INTERNET" }; @@ -156,7 +156,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy002, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, InitUserPolicy003, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, InitUserPolicy003, TestSize.Level0) { UserState user = {.userId = DEFAULT_ACCOUNT_ID, .isActive = true}; const int32_t invalidSize = 1025; // 1025 is invalid size. @@ -172,7 +172,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy003, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, InitUserPolicy004, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, InitUserPolicy004, TestSize.Level0) { UserState user = {.userId = DEFAULT_ACCOUNT_ID, .isActive = true}; std::vector userList = { user }; @@ -188,7 +188,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy004, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, InitUserPolicy005, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, InitUserPolicy005, TestSize.Level0) { GTEST_LOG_(INFO) << "permissionSet OK "; MockNativeToken mock("foundation"); @@ -241,7 +241,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy005, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, InitUserPolicy006, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, InitUserPolicy006, TestSize.Level0) { GTEST_LOG_(INFO) << "permissionSet OK "; MockNativeToken mock("foundation"); @@ -287,7 +287,7 @@ HWTEST_F(EdmPolicySetTest, InitUserPolicy006, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, UpdateUserPolicy001, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, UpdateUserPolicy001, TestSize.Level0) { GTEST_LOG_(INFO) << "permissionSet OK "; MockNativeToken mock("foundation"); @@ -307,7 +307,7 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy001, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, UpdateUserPolicy003, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, UpdateUserPolicy003, TestSize.Level0) { const int32_t invalidSize = 1025; // 1025 is invalid size. std::vector userList(invalidSize); @@ -325,7 +325,7 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy003, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level0) { g_testHapInfoParams.userID = MOCK_USER_ID_10001; AccessTokenIDEx fullIdUser1; @@ -376,7 +376,7 @@ HWTEST_F(EdmPolicySetTest, UpdateUserPolicy004, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, UserPolicyTestForNewHap, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, UserPolicyTestForNewHap, TestSize.Level0) { UserState user1 = {.userId = MOCK_USER_ID_10001, .isActive = true}; UserState user2 = {.userId = MOCK_USER_ID_10002, .isActive = true}; @@ -431,7 +431,7 @@ HWTEST_F(EdmPolicySetTest, UserPolicyTestForNewHap, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, UserPolicyTestForClearUserGranted, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, UserPolicyTestForClearUserGranted, TestSize.Level0) { UserState user1 = {.userId = MOCK_USER_ID_10001, .isActive = true}; UserState user2 = {.userId = MOCK_USER_ID_10002, .isActive = false}; @@ -486,7 +486,7 @@ HWTEST_F(EdmPolicySetTest, UserPolicyTestForClearUserGranted, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, ClearUserPolicy001, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, ClearUserPolicy001, TestSize.Level0) { g_testHapInfoParams.userID = MOCK_USER_ID_10002; AccessTokenIDEx fullIdUser2; @@ -526,7 +526,7 @@ HWTEST_F(EdmPolicySetTest, ClearUserPolicy001, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(EdmPolicySetTest, UserPolicyForUpdateHapTokenTest, TestSize.Level1) +HWTEST_F(EdmPolicySetTest, UserPolicyForUpdateHapTokenTest, TestSize.Level0) { HapPolicyParams testPolicyParams1 = { .apl = APL_SYSTEM_CORE, diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp index 5236a9c8e..9aab3422a 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permission_flag_test.cpp @@ -127,7 +127,7 @@ void GetPermissionFlagTest::TearDown() * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetPermissionFlagTest, GetPermissionFlagFuncTest001, TestSize.Level1) +HWTEST_F(GetPermissionFlagTest, GetPermissionFlagFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionFlagFuncTest001"); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); @@ -149,7 +149,7 @@ HWTEST_F(GetPermissionFlagTest, GetPermissionFlagFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetPermissionFlagTest, GetPermissionFlagAbnormalTest001, TestSize.Level1) +HWTEST_F(GetPermissionFlagTest, GetPermissionFlagAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionFlagAbnormalTest001"); diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp index 4a25e0bd3..bb287281a 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/get_permissions_status_test.cpp @@ -148,7 +148,7 @@ void GetPermissionsStatusTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest001, TestSize.Level1) +HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -195,7 +195,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest001, TestSize.Lev * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest002, TestSize.Level1) +HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest002, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -250,7 +250,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusFuncTest002, TestSize.Lev * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest001, TestSize.Level1) +HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -274,7 +274,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest001, TestSize * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest002, TestSize.Level1) +HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest002, TestSize.Level0) { std::vector permsList; PermissionListState tmpA = { @@ -293,7 +293,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest002, TestSize * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest003, TestSize.Level1) +HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest003, TestSize.Level0) { std::vector reqPerm; MockHapToken mock("GetPermissionsStatusAbnormalTest003", reqPerm, true); @@ -323,7 +323,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusAbnormalTest003, TestSize * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusSpecTest001, TestSize.Level1) +HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusSpecTest001, TestSize.Level0) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.GET_SENSITIVE_PERMISSIONS"); @@ -351,7 +351,7 @@ HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusSpecTest001, TestSize.Lev * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusSpecTest002, TestSize.Level1) +HWTEST_F(GetPermissionsStatusTest, GetPermissionsStatusSpecTest002, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp index cf2d74ba3..41d16d4e5 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapAttributeTest/permission_request_toggle_status_test.cpp @@ -111,7 +111,7 @@ void PermissionRequestToggleStatusTest::TearDown() * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(PermissionRequestToggleStatusTest, SetPermissionRequestToggleStatusAbnormalTest001, TestSize.Level1) +HWTEST_F(PermissionRequestToggleStatusTest, SetPermissionRequestToggleStatusAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "SetPermissionRequestToggleStatusAbnormalTest001"); @@ -211,7 +211,7 @@ HWTEST_F(PermissionRequestToggleStatusTest, SetPermissionRequestToggleStatusSpec * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(PermissionRequestToggleStatusTest, GetPermissionRequestToggleStatusAbnormalTest001, TestSize.Level1) +HWTEST_F(PermissionRequestToggleStatusTest, GetPermissionRequestToggleStatusAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionRequestToggleStatusAbnormalTest001"); diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp index 75d8794af..914e97881 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/alloc_hap_token_test.cpp @@ -194,7 +194,7 @@ void AllocHapTokenTest::TearDown() * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken001, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -210,7 +210,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken002, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken002, TestSize.Level0) { AccessTokenID tokenID = AllocTestToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); GTEST_LOG_(INFO) << "tokenID :" << tokenID; @@ -229,7 +229,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken003, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken003, TestSize.Level0) { std::string invalidBundleName (INVALID_BUNDLENAME_LEN, 'x'); std::string bundle = g_infoManagerTestInfoParms.bundleName; @@ -258,7 +258,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken003, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken004, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken004, TestSize.Level0) { ATokenAplEnum typeBackUp = g_infoManagerTestPolicyPrams.apl; DeleteTestToken(); @@ -284,7 +284,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken004, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken005, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken005, TestSize.Level0) { std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ONE].permissionName; std::string bundleNameBackUp = g_infoManagerTestPolicyPrams.permList[INDEX_ONE].bundleName; @@ -318,7 +318,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken005, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken006, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken006, TestSize.Level0) { std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName; DeleteTestToken(); @@ -345,7 +345,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken006, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken007, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken007, TestSize.Level0) { std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName; std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName; @@ -377,7 +377,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken007, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken008, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken008, TestSize.Level0) { std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label; std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName; @@ -408,7 +408,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken008, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken009, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken009, TestSize.Level0) { std::string backUp = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description; std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName; @@ -451,7 +451,7 @@ static bool ExistInVector(vector array, unsigned int value) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken010, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken010, TestSize.Level0) { int ret; bool exist = false; @@ -484,7 +484,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken010, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken011, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken011, TestSize.Level0) { std::string invalidAppIDDesc (INVALID_APPIDDESC_LEN, 'x'); std::string backup = g_infoManagerTestInfoParms.appIDDesc; @@ -503,7 +503,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken011, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken012, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken012, TestSize.Level0) { std::string backup = g_infoManagerTestInfoParms.bundleName; @@ -519,7 +519,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken012, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken013, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken013, TestSize.Level0) { std::string backup = g_infoManagerTestInfoParms.appIDDesc; @@ -535,7 +535,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken013, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken014, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken014, TestSize.Level0) { std::string backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName; @@ -554,7 +554,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken014, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken015, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken015, TestSize.Level0) { std::string backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].bundleName; std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName; @@ -582,7 +582,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken015, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken016, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken016, TestSize.Level0) { std::string backup = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].label; std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName; @@ -607,7 +607,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken016, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken017, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken017, TestSize.Level0) { std::string backUpPermission = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].permissionName; std::string backupDec = g_infoManagerTestPolicyPrams.permList[INDEX_ZERO].description; @@ -632,7 +632,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken017, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken018, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken018, TestSize.Level0) { HapPolicyParams infoManagerTestPolicyPrams = { .apl = APL_NORMAL, @@ -675,7 +675,7 @@ HWTEST_F(AllocHapTokenTest, AllocHapToken018, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AllocHapTokenTest, AllocHapToken019, TestSize.Level1) +HWTEST_F(AllocHapTokenTest, AllocHapToken019, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; HapPolicyParams infoManagerTestPolicyPrams = { diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp index cd31758cf..9e61f835e 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/app_installation_optimized_test.cpp @@ -148,7 +148,7 @@ void AppInstallationOptimizedTest::TearDown() * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapToken001, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapToken001, TestSize.Level0) { AccessTokenIDEx fullTokenId; int32_t ret = AccessTokenKit::InitHapToken(g_testHapInfoParams, g_testPolicyParams, fullTokenId); @@ -163,7 +163,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapToken002, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapToken002, TestSize.Level0) { HapPolicyParams testPolicyParams = { .apl = APL_SYSTEM_BASIC, @@ -192,7 +192,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapToken003, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapToken003, TestSize.Level0) { HapPolicyParams testPolicyParams = { .apl = APL_NORMAL, @@ -217,7 +217,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken003, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapToken004, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapToken004, TestSize.Level0) { PreAuthorizationInfo info1 = { .permissionName = CALENDAR_PERMISSION, @@ -251,7 +251,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken004, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapToken005, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapToken005, TestSize.Level0) { PreAuthorizationInfo info1 = { .permissionName = CALENDAR_PERMISSION, @@ -285,7 +285,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken005, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapToken006, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapToken006, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_SYSTEM_BASIC, @@ -305,7 +305,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken006, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapToken007, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapToken007, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_SYSTEM_BASIC, @@ -324,7 +324,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken007, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapToken008, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapToken008, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_SYSTEM_BASIC, @@ -343,7 +343,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken008, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapToken009, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapToken009, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_NORMAL, @@ -362,7 +362,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken009, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapToken010, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapToken010, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_SYSTEM_BASIC, @@ -382,7 +382,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken010, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapToken011, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapToken011, TestSize.Level0) { HapPolicyParams testPolicyParams = { .apl = APL_SYSTEM_BASIC, @@ -438,7 +438,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapToken011, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken001, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken001, TestSize.Level0) { HapPolicyParams testPolicyParams1 = { .apl = APL_NORMAL, @@ -496,7 +496,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken002, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken002, TestSize.Level0) { HapPolicyParams testPolicyParams1 = { .apl = APL_NORMAL, @@ -549,7 +549,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken003, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken003, TestSize.Level0) { HapPolicyParams testPolicyParams1 = { .apl = APL_NORMAL, @@ -600,7 +600,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken003, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken004, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken004, TestSize.Level0) { HapPolicyParams testPolicyParams1 = { .apl = APL_NORMAL, @@ -645,7 +645,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken004, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken005, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken005, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_SYSTEM_BASIC, @@ -678,7 +678,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken005, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken006, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken006, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_SYSTEM_BASIC, @@ -711,7 +711,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken006, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken007, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken007, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_SYSTEM_BASIC, @@ -744,7 +744,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken007, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken008, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken008, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_NORMAL, @@ -776,7 +776,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken008, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken009, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken009, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_NORMAL, @@ -808,7 +808,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken009, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken010, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken010, TestSize.Level0) { HapPolicyParams testPolicyParams1 = { .apl = APL_NORMAL, @@ -853,7 +853,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken010, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken011, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken011, TestSize.Level0) { HapPolicyParams testPolicyParams1 = { .apl = APL_NORMAL, @@ -898,7 +898,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken011, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken012, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken012, TestSize.Level0) { HapPolicyParams testPolicyParams1 = { .apl = APL_NORMAL, @@ -957,7 +957,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken012, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken013, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken013, TestSize.Level0) { PreAuthorizationInfo info1 = { .permissionName = APP_TRACKING_PERMISSION, @@ -1011,7 +1011,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken013, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken014, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken014, TestSize.Level0) { PreAuthorizationInfo info1 = { .permissionName = APP_TRACKING_PERMISSION, @@ -1061,7 +1061,7 @@ HWTEST_F(AppInstallationOptimizedTest, UpdateHapToken014, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal001, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal001, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_NORMAL, @@ -1088,7 +1088,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal002, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal002, TestSize.Level0) { HapPolicyParams testPolicyParam = { .apl = APL_NORMAL, @@ -1119,7 +1119,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal003, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal003, TestSize.Level0) { HapInfoParams testHapInfoParams = g_testHapInfoParams; HapPolicyParams testPolicyParam = { @@ -1164,7 +1164,7 @@ HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal003, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal004, TestSize.Level1) +HWTEST_F(AppInstallationOptimizedTest, InitHapTokenAbnormal004, TestSize.Level0) { HapInfoParams testHapInfoParams = g_testHapInfoParams; HapPolicyParams testPolicyParam = g_testPolicyParams; diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp index 654954664..c0d71005e 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/delete_token_test.cpp @@ -125,7 +125,7 @@ void DeleteTokenTest::TearDown() * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest001, TestSize.Level1) +HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DeleteTokenFuncTest001"); @@ -149,7 +149,7 @@ HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest002, TestSize.Level1) +HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DeleteTokenFuncTest002"); @@ -173,7 +173,7 @@ HWTEST_F(DeleteTokenTest, DeleteTokenFuncTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest001, TestSize.Level1) +HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DeleteTokenAbnormalTest001"); @@ -187,7 +187,7 @@ HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest002, TestSize.Level1) +HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DeleteTokenAbnormalTest002"); AccessTokenID tokenID = GetSelfTokenID(); // native token @@ -201,7 +201,7 @@ HWTEST_F(DeleteTokenTest, DeleteTokenAbnormalTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(DeleteTokenTest, DeleteTokenSpecTest001, TestSize.Level1) +HWTEST_F(DeleteTokenTest, DeleteTokenSpecTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DeleteTokenSpecTest001"); diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp index 22156a78f..05f91d5ae 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_hap_token_test.cpp @@ -104,7 +104,7 @@ void GetHapTokenTest::TearDown() * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetHapTokenTest, GetHapTokenIDFuncTest001, TestSize.Level1) +HWTEST_F(GetHapTokenTest, GetHapTokenIDFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDFuncTest001"); @@ -126,7 +126,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest001, TestSize.Level1) +HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDAbnormalTest001"); @@ -140,7 +140,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest002, TestSize.Level1) +HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDAbnormalTest002"); @@ -157,7 +157,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest003, TestSize.Level1) +HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDAbnormalTest003"); @@ -171,7 +171,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDAbnormalTest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI60F1M */ -HWTEST_F(GetHapTokenTest, GetHapTokenIDExFuncTest001, TestSize.Level1) +HWTEST_F(GetHapTokenTest, GetHapTokenIDExFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDExFuncTest001"); @@ -195,7 +195,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDExFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI60F1M */ -HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest001, TestSize.Level1) +HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDExAbnormalTest001"); @@ -209,7 +209,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI60F1M */ -HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest002, TestSize.Level1) +HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDExAbnormalTest002"); @@ -223,7 +223,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI60F1M */ -HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest003, TestSize.Level1) +HWTEST_F(GetHapTokenTest, GetHapTokenIDExAbnormalTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenIDExAbnormalTest003"); @@ -281,7 +281,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenInfoAbnormalTest001, TestSize.Level0) * @tc.type: FUNC * @tc.require: IAZTZD */ -HWTEST_F(GetHapTokenTest, GetHapTokenInfoExtensionFuncTest001, TestSize.Level1) +HWTEST_F(GetHapTokenTest, GetHapTokenInfoExtensionFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetHapTokenInfoExtensionFuncTest001"); setuid(0); @@ -303,7 +303,7 @@ HWTEST_F(GetHapTokenTest, GetHapTokenInfoExtensionFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI60F1M */ -HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest001, TestSize.Level1) +HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest001, TestSize.Level0) { std::vector reqPerm; AccessTokenIDEx tokenIdEx = {0}; @@ -331,7 +331,7 @@ HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI60F1M */ -HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest002, TestSize.Level1) +HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest002, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; TestCommon::AllocTestHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx); @@ -357,7 +357,7 @@ HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest003, TestSize.Level1) +HWTEST_F(GetHapTokenTest, IsSystemAppByFullTokenIDTest003, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; TestCommon::AllocTestHapToken(g_infoManagerTestSystemInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx); diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp index 85bc3e63f..0c0d0d9b1 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/get_token_type_test.cpp @@ -132,7 +132,7 @@ HWTEST_F(GetTokenTypeTest, GetTokenTypeAbnormalTest001, TestSize.Level0) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetTokenTypeTest, GetTokenTypeFlagAbnormalTest001, TestSize.Level1) +HWTEST_F(GetTokenTypeTest, GetTokenTypeFlagAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetTokenTypeFlagAbnormalTest001"); @@ -147,7 +147,7 @@ HWTEST_F(GetTokenTypeTest, GetTokenTypeFlagAbnormalTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetTokenTypeTest, GetTokenTypeFlagFuncTest001, TestSize.Level1) +HWTEST_F(GetTokenTypeTest, GetTokenTypeFlagFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetTokenTypeFlagFuncTest001"); diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp index 491e6a074..8bbd287b4 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp @@ -135,7 +135,7 @@ void InitHapTokenTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest001, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest001"); MockNativeToken mock("foundation"); @@ -172,7 +172,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest002, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest002"); MockNativeToken mock("foundation"); @@ -209,7 +209,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest003, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest003"); MockNativeToken mock("foundation"); @@ -254,7 +254,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest004, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest004"); MockNativeToken mock("foundation"); @@ -271,7 +271,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest004, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest005, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest005, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest005"); MockNativeToken mock("foundation"); @@ -335,7 +335,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest006, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest006, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest006"); MockNativeToken mock("foundation"); @@ -363,7 +363,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest007, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest007, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest007"); MockNativeToken mock("foundation"); @@ -396,7 +396,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest008, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest008, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest008"); MockNativeToken mock("foundation"); @@ -431,7 +431,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest008, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest009, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest009, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenFuncTest009"); MockNativeToken mock("foundation"); @@ -478,7 +478,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest009, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest001, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest001"); MockNativeToken mock("foundation"); @@ -524,7 +524,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest002, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest002"); MockNativeToken mock("foundation"); @@ -564,7 +564,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest003, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest003"); MockNativeToken mock("foundation"); @@ -618,7 +618,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest004, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest004"); MockNativeToken mock("foundation"); @@ -682,7 +682,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest004, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest005, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest005, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest005"); MockNativeToken mock("foundation"); @@ -711,7 +711,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest006, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest006, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest006"); MockNativeToken mock("foundation"); @@ -751,7 +751,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest007, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest007, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest007"); MockNativeToken mock("foundation"); @@ -790,7 +790,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest008, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest008, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenSpecsTest008"); MockNativeToken mock("foundation"); @@ -830,7 +830,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest008, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest009, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest009, TestSize.Level0) { MockNativeToken mock("foundation"); HapInfoParams infoParams; @@ -882,7 +882,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest009, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest010, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest010, TestSize.Level0) { HapInfoParams infoParams; HapPolicyParams policyParams; @@ -919,7 +919,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest010, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest011, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest011, TestSize.Level0) { HapInfoParams infoParams; HapPolicyParams policyParams; @@ -957,7 +957,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest011, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest012, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest012, TestSize.Level0) { HapInfoParams infoParams; HapPolicyParams policyParams; @@ -992,7 +992,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest012, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest013, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest013, TestSize.Level0) { MockNativeToken mock("foundation"); HapInfoParams infoParams; @@ -1020,7 +1020,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest013, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest014, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest014, TestSize.Level0) { HapInfoParams infoParams; HapPolicyParams policyParams; @@ -1053,7 +1053,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenSpecsTest014, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest001, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenAbnormalTest001"); @@ -1089,7 +1089,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest002, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenAbnormalTest002"); @@ -1123,7 +1123,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest003, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenAbnormalTest003"); @@ -1165,7 +1165,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest004, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenAbnormalTest004"); @@ -1230,7 +1230,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest005, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest005, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "InitHapTokenAbnormalTest005"); @@ -1274,7 +1274,7 @@ HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest006, TestSize.Level1) +HWTEST_F(InitHapTokenTest, InitHapTokenAbnormalTest006, TestSize.Level0) { HapInfoParams infoParams; HapPolicyParams policyParams; diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp index ab697988f..4e3f85a9e 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp @@ -159,7 +159,7 @@ void UpdateHapTokenTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest001, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest001"); @@ -203,7 +203,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest002, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest002"); @@ -247,7 +247,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest003, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest003"); @@ -311,7 +311,7 @@ void GetPermissions(string permissionName, PermissionStateFull& stateFull, PreAu * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest004, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest004"); @@ -363,7 +363,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest005, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest005, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest005"); @@ -418,7 +418,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest006, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest006, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenFuncTest006"); @@ -482,7 +482,7 @@ static bool ExistInVector(vector array, unsigned int value) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest007, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest007, TestSize.Level0) { int allocFlag = 0; int updateFlag = 0; @@ -544,7 +544,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest007, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest008, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest008, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; ASSERT_EQ(RET_SUCCESS, AccessTokenKit::InitHapToken(g_testHapInfoParams, g_testPolicyParams, tokenIdEx)); @@ -581,7 +581,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest008, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest009, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest009, TestSize.Level0) { const std::string appIDDesc = g_testHapInfoParams.appIDDesc; int backupMode = g_testPolicyParams.permList[INDEX_ZERO].grantMode; @@ -624,7 +624,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest009, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest010, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest010, TestSize.Level0) { const std::string appIDDesc = g_testHapInfoParams.appIDDesc; std::string permission = g_infoManagerCameraState.permissionName; @@ -661,7 +661,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest010, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest011, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest011, TestSize.Level0) { const std::string appIDDesc = g_testHapInfoParams.appIDDesc; AccessTokenIDEx tokenIdEx = {0}; @@ -696,7 +696,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest011, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest012, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest012, TestSize.Level0) { AccessTokenIDEx tokenID = {0}; HapPolicyParams policy; @@ -745,7 +745,7 @@ static void *ThreadTestFunc02(void *args) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(UpdateHapTokenTest, Mulitpulthread001, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, Mulitpulthread001, TestSize.Level0) { AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); ASSERT_NE(INVALID_TOKENID, tokenID); @@ -781,7 +781,7 @@ void ConcurrencyTask(unsigned int tokenID) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(UpdateHapTokenTest, ConcurrencyTest001, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, ConcurrencyTest001, TestSize.Level0) { AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); ASSERT_NE(INVALID_TOKENID, tokenID); @@ -802,7 +802,7 @@ HWTEST_F(UpdateHapTokenTest, ConcurrencyTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest001, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest001"); @@ -857,7 +857,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest002, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest002"); @@ -911,7 +911,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest003, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest003"); @@ -964,7 +964,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest004, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest004"); @@ -1010,7 +1010,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest005, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest005, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest005"); @@ -1068,7 +1068,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest005, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest006, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest006, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest006"); @@ -1115,7 +1115,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest006, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest007, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest007, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest007"); @@ -1177,7 +1177,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest007, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest008, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest008, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest008"); @@ -1235,7 +1235,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest008, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest009, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest009, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest009"); @@ -1289,7 +1289,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest009, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest010, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest010, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenSpecsTest010"); @@ -1342,7 +1342,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest010, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest011, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest011, TestSize.Level0) { HapInfoParams infoParams; HapPolicyParams policyParams; @@ -1386,7 +1386,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenSpecsTest011, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest001, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenAbnormalTest001"); @@ -1417,7 +1417,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest002, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenAbnormalTest002"); @@ -1452,7 +1452,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest003, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenAbnormalTest003"); std::string backUpPermission = g_testPolicyParams.permList[INDEX_ZERO].permissionName; @@ -1515,7 +1515,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest004, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenAbnormalTest004"); @@ -1579,7 +1579,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest005, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest005, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UpdateHapTokenAbnormalTest005"); @@ -1629,7 +1629,7 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest006, TestSize.Level1) +HWTEST_F(UpdateHapTokenTest, UpdateHapTokenAbnormalTest006, TestSize.Level0) { AccessTokenIDEx tokenIdEx = { .tokenIdExStruct.tokenID = INVALID_TOKENID, diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp index a00807532..734ae08c5 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermDenyTest/accesstoken_deny_test.cpp @@ -100,7 +100,7 @@ void AccessTokenDenyTest::TearDown() * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(AccessTokenDenyTest, InitUserPolicy001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, InitUserPolicy001, TestSize.Level0) { UserState user = {.userId = 100, .isActive = true}; // 100 is userId const std::vector userList = { user }; @@ -116,7 +116,7 @@ HWTEST_F(AccessTokenDenyTest, InitUserPolicy001, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(AccessTokenDenyTest, UpdateUserPolicy001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, UpdateUserPolicy001, TestSize.Level0) { UserState user = {.userId = 100, .isActive = true}; // 100 is userId const std::vector userList = { user }; @@ -131,7 +131,7 @@ HWTEST_F(AccessTokenDenyTest, UpdateUserPolicy001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, AllocHapToken001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, AllocHapToken001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; tokenIdEx = AccessTokenKit::AllocHapToken(g_InfoParms, g_PolicyPrams); @@ -144,7 +144,7 @@ HWTEST_F(AccessTokenDenyTest, AllocHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, InitHapToken001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, InitHapToken001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int32_t ret = AccessTokenKit::InitHapToken(g_InfoParms, g_PolicyPrams, tokenIdEx); @@ -157,7 +157,7 @@ HWTEST_F(AccessTokenDenyTest, InitHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, AllocLocalTokenID001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, AllocLocalTokenID001, TestSize.Level0) { std::string remoteDevice = "remote device"; AccessTokenID tokenId = 123; @@ -171,7 +171,7 @@ HWTEST_F(AccessTokenDenyTest, AllocLocalTokenID001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, UpdateHapToken001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, UpdateHapToken001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; tokenIdEx.tokenIdExStruct.tokenID = 123; @@ -189,7 +189,7 @@ HWTEST_F(AccessTokenDenyTest, UpdateHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, DeleteToken001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, DeleteToken001, TestSize.Level0) { AccessTokenID tokenId = 123; ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::DeleteToken(tokenId)); @@ -201,7 +201,7 @@ HWTEST_F(AccessTokenDenyTest, DeleteToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, GetHapTokenID001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GetHapTokenID001, TestSize.Level0) { int32_t userID = 0; std::string bundleName = "test"; @@ -216,7 +216,7 @@ HWTEST_F(AccessTokenDenyTest, GetHapTokenID001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, GetHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GetHapTokenInfo001, TestSize.Level0) { AccessTokenID tokenId = 123; HapTokenInfo tokenInfo; @@ -229,7 +229,7 @@ HWTEST_F(AccessTokenDenyTest, GetHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, GetNativeTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GetNativeTokenInfo001, TestSize.Level0) { AccessTokenID tokenId = 805920561; //805920561 is a native tokenId. NativeTokenInfo tokenInfo; @@ -242,7 +242,7 @@ HWTEST_F(AccessTokenDenyTest, GetNativeTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, GetReqPermissions001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GetReqPermissions001, TestSize.Level0) { std::vector permStatList; AccessTokenID tokenID = 123; // 123: tokenid @@ -258,7 +258,7 @@ HWTEST_F(AccessTokenDenyTest, GetReqPermissions001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, GetPermissionFlag001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GetPermissionFlag001, TestSize.Level0) { AccessTokenID tokenId = 123; std::string permission = "ohos.permission.CAMERA"; @@ -272,7 +272,7 @@ HWTEST_F(AccessTokenDenyTest, GetPermissionFlag001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, SetPermissionRequestToggleStatus001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, SetPermissionRequestToggleStatus001, TestSize.Level0) { int32_t userID = 123; uint32_t status = PermissionRequestToggleStatus::CLOSED; @@ -288,7 +288,7 @@ HWTEST_F(AccessTokenDenyTest, SetPermissionRequestToggleStatus001, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, GetPermissionRequestToggleStatus001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GetPermissionRequestToggleStatus001, TestSize.Level0) { int32_t userID = 123; uint32_t status; @@ -304,7 +304,7 @@ HWTEST_F(AccessTokenDenyTest, GetPermissionRequestToggleStatus001, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, GrantPermission001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GrantPermission001, TestSize.Level0) { AccessTokenID tokenId = 123; // 123: tokenid std::string permission = "ohos.permission.CAMERA"; @@ -318,7 +318,7 @@ HWTEST_F(AccessTokenDenyTest, GrantPermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, RevokePermission001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, RevokePermission001, TestSize.Level0) { AccessTokenID tokenId = 123; std::string permission = "ohos.permission.CAMERA"; @@ -332,7 +332,7 @@ HWTEST_F(AccessTokenDenyTest, RevokePermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, ClearUserGrantedPermissionState001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, ClearUserGrantedPermissionState001, TestSize.Level0) { AccessTokenID tokenId = 123; ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::ClearUserGrantedPermissionState(tokenId)); @@ -357,7 +357,7 @@ public: * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, RegisterPermStateChangeCallback001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, RegisterPermStateChangeCallback001, TestSize.Level0) { PermStateChangeScope scopeInfo; scopeInfo.permList = {"ohos.permission.CAMERA"}; @@ -372,7 +372,7 @@ HWTEST_F(AccessTokenDenyTest, RegisterPermStateChangeCallback001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, UnregisterPermStateChangeCallback001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, UnregisterPermStateChangeCallback001, TestSize.Level0) { setuid(g_selfUid); @@ -417,7 +417,7 @@ HWTEST_F(AccessTokenDenyTest, UnregisterPermStateChangeCallback001, TestSize.Lev * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AccessTokenDenyTest, GetNativeTokenId001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GetNativeTokenId001, TestSize.Level0) { std::string processName = "hdcd"; AccessTokenID tokenID = AccessTokenKit::GetNativeTokenId(processName); @@ -430,7 +430,7 @@ HWTEST_F(AccessTokenDenyTest, GetNativeTokenId001, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(AccessTokenDenyTest, DumpTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, DumpTokenInfo001, TestSize.Level0) { std::string dumpInfo; AtmToolsParamInfo info; @@ -446,7 +446,7 @@ HWTEST_F(AccessTokenDenyTest, DumpTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, GetHapTokenInfoFromRemote001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GetHapTokenInfoFromRemote001, TestSize.Level0) { AccessTokenID tokenId = 123; HapTokenInfoForSync hapSync; @@ -459,7 +459,7 @@ HWTEST_F(AccessTokenDenyTest, GetHapTokenInfoFromRemote001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, SetRemoteHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, SetRemoteHapTokenInfo001, TestSize.Level0) { std::string device = "device"; HapTokenInfoForSync hapSync; @@ -472,7 +472,7 @@ HWTEST_F(AccessTokenDenyTest, SetRemoteHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, DeleteRemoteToken001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, DeleteRemoteToken001, TestSize.Level0) { std::string device = "device"; AccessTokenID tokenId = 123; @@ -485,7 +485,7 @@ HWTEST_F(AccessTokenDenyTest, DeleteRemoteToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, GetRemoteNativeTokenID001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GetRemoteNativeTokenID001, TestSize.Level0) { std::string device = "device"; AccessTokenID tokenId = 123; @@ -498,13 +498,13 @@ HWTEST_F(AccessTokenDenyTest, GetRemoteNativeTokenID001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, DeleteRemoteDeviceTokens001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, DeleteRemoteDeviceTokens001, TestSize.Level0) { std::string device = "device"; ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::DeleteRemoteDeviceTokens(device)); } -HWTEST_F(AccessTokenDenyTest, RegisterTokenSyncCallback001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, RegisterTokenSyncCallback001, TestSize.Level0) { std::shared_ptr callback = std::make_shared(); EXPECT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::RegisterTokenSyncCallback(callback)); @@ -518,7 +518,7 @@ HWTEST_F(AccessTokenDenyTest, RegisterTokenSyncCallback001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, SetPermDialogCap001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, SetPermDialogCap001, TestSize.Level0) { HapBaseInfo hapBaseInfo; ASSERT_EQ(AccessTokenError::ERR_PERMISSION_DENIED, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true)); @@ -530,7 +530,7 @@ HWTEST_F(AccessTokenDenyTest, SetPermDialogCap001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, GrantPermissionForSpecifiedTime001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GrantPermissionForSpecifiedTime001, TestSize.Level0) { AccessTokenID tokenId = 123; std::string permission = "permission"; @@ -545,7 +545,7 @@ HWTEST_F(AccessTokenDenyTest, GrantPermissionForSpecifiedTime001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDenyTest, GetKernelPermissions001, TestSize.Level1) +HWTEST_F(AccessTokenDenyTest, GetKernelPermissions001, TestSize.Level0) { AccessTokenID tokenId = 123; std::vector kernelPermList; diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp index 1c8547325..e6fdf0ae1 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/accesstoken_location_request_test.cpp @@ -202,7 +202,7 @@ AccessTokenIDEx AllocHapToken(std::vector& permissionStateF * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState001, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState001, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} {grantStatus, grantFlags} @@ -234,7 +234,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState001, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState002, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState002, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -268,7 +268,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState002, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState003, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState003, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -302,7 +302,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState003, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState004, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState004, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0} @@ -336,7 +336,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState004, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState005, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState005, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0} @@ -371,7 +371,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState005, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState006, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState006, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateBack10); // {-1,0} @@ -405,7 +405,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState006, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState007, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState007, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateBack10); // {-1,0} @@ -440,7 +440,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState007, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState008, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState008, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} @@ -481,7 +481,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState008, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState009, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState009, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -521,7 +521,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState009, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState010, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState010, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -562,7 +562,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState010, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState011, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState011, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -603,7 +603,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState011, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState012, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState012, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} @@ -654,7 +654,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState012, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState013, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState013, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -704,7 +704,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState013, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState014, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState014, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -754,7 +754,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState014, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState015, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState015, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -804,7 +804,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState015, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState016, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState016, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0} @@ -855,7 +855,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState016, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState017, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState017, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -907,7 +907,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState017, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState018, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState018, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} @@ -967,7 +967,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState018, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState019, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState019, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -1027,7 +1027,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState019, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState020, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState020, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -1087,7 +1087,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState020, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState021, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState021, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -1145,7 +1145,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState021, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState022, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState022, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -1203,7 +1203,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState022, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState023, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState023, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -1262,7 +1262,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState023, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState024, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState024, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -1328,7 +1328,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState024, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState025, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState025, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -1394,7 +1394,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState025, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState026, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState026, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -1460,7 +1460,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState026, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState027, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState027, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} @@ -1522,7 +1522,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState027, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState028, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState028, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} @@ -1556,7 +1556,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState028, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState029, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState029, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0} @@ -1590,7 +1590,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState029, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState030, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState030, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateBack10); // {-1,0} @@ -1624,7 +1624,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState030, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState031, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState031, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} @@ -1665,7 +1665,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState031, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState032, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState032, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} @@ -1706,7 +1706,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState032, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState033, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState033, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0} @@ -1746,7 +1746,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState033, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState034, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState034, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} @@ -1794,7 +1794,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState034, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState035, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState035, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} @@ -1845,7 +1845,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState035, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState036, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState036, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -1886,7 +1886,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState036, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState037, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState037, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -1927,7 +1927,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState037, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState038, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState038, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -1968,7 +1968,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState038, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState039, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState039, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateAccurate10); // {-1,0} @@ -2009,7 +2009,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState039, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState040, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState040, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -2051,7 +2051,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState040, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState041, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState041, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} @@ -2099,7 +2099,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState041, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState042, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState042, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -2147,7 +2147,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState042, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState043, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState043, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -2195,7 +2195,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState043, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState044, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState044, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -2243,7 +2243,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState044, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState045, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState045, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague02); // {0,2} @@ -2291,7 +2291,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState045, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState046, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState046, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -2339,7 +2339,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState046, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState047, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState047, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -2387,7 +2387,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState047, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState048, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState048, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -2435,7 +2435,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState048, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState049, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState049, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague12); // {-1,2} @@ -2483,7 +2483,7 @@ HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState049, TestSize.Le * @tc.type: FUNC * @tc.require: issueI5NOQI */ -HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState050, TestSize.Level1) +HWTEST_F(AccessTokenLocationRequestTest, GetSelfPermissionsState050, TestSize.Level0) { std::vector permissionStateFulls; permissionStateFulls.emplace_back(g_locationTestStateVague10); // {-1,0} diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp index c8e47b449..374e36e69 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_state_test.cpp @@ -158,7 +158,7 @@ void GetPermsList2(std::vector &permsList2) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState001, TestSize.Level1) +HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -215,7 +215,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState001, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState002, TestSize.Level1) +HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState002, TestSize.Level0) { std::vector permsList; PermissionGrantInfo info; @@ -237,7 +237,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState002, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState003, TestSize.Level1) +HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState003, TestSize.Level0) { MockNativeToken mock("hdcd"); std::vector permsList3; @@ -256,7 +256,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState003, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState004, TestSize.Level1) +HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState004, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; @@ -277,7 +277,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState004, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState005, TestSize.Level1) +HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState005, TestSize.Level0) { std::vector permsList4; PermissionListState tmp = { @@ -295,7 +295,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState005, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState006, TestSize.Level1) +HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState006, TestSize.Level0) { std::vector permsList; PermissionListState tmp = { @@ -379,7 +379,7 @@ HapPolicyParams GetPolicyParam() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState007, TestSize.Level1) +HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState007, TestSize.Level0) { HapPolicyParams policyParam = GetPolicyParam(); AccessTokenIDEx tokenIdEx = TestCommon::AllocAndGrantHapTokenByTest(g_infoManager, policyParam); @@ -425,7 +425,7 @@ HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState007, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState008, TestSize.Level1) +HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState008, TestSize.Level0) { HapPolicyParams policyParam = GetPolicyParam(); AccessTokenIDEx tokenIdEx = TestCommon::AllocAndGrantHapTokenByTest(g_infoManager, policyParam); @@ -494,7 +494,7 @@ HapPolicyParams getHapPolicyLocationParams(const std::vector& permi * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState009, TestSize.Level1) +HWTEST_F(GetSelfPermissionStateTest, GetSelfPermissionsState009, TestSize.Level0) { std::vector permissions = {LOCATION_PERMISSION, APPROXIMATELY_LOCATION_PERMISSION}; HapPolicyParams policyParam = getHapPolicyLocationParams(permissions); diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp index cd529a108..f962bcf97 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/get_self_permission_status_test.cpp @@ -129,7 +129,7 @@ void GetSelfPermissionStatusTest::TearDown() * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus001, TestSize.Level1) +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -168,7 +168,7 @@ HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus001, TestSize.Level * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus002, TestSize.Level1) +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus002, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -221,7 +221,7 @@ HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus002, TestSize.Level * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus003, TestSize.Level1) +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus003, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -269,7 +269,7 @@ HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus003, TestSize.Level * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus004, TestSize.Level1) +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus004, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -317,7 +317,7 @@ HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus004, TestSize.Level * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus005, TestSize.Level1) +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus005, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -366,7 +366,7 @@ HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus005, TestSize.Level * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus006, TestSize.Level1) +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus006, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -400,7 +400,7 @@ HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus006, TestSize.Level * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus007, TestSize.Level1) +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus007, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -457,7 +457,7 @@ HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus007, TestSize.Level * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus008, TestSize.Level1) +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus008, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; @@ -519,7 +519,7 @@ HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus008, TestSize.Level * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus009, TestSize.Level1) +HWTEST_F(GetSelfPermissionStatusTest, GetSelfPermissionStatus009, TestSize.Level0) { AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle(TEST_USER_ID, TEST_BUNDLE_NAME, 0); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp index d3a0dfb5b..120bfdee8 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/request_permission_on_setting_test.cpp @@ -63,7 +63,6 @@ HWTEST_F(RequestPermissionOnSettingTest, RequestAppPermOnSettingTest001, TestSiz uint64_t tokenID = 0; ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, AccessTokenKit::RequestAppPermOnSetting(tokenID)); - GTEST_LOG_(INFO) << "------------2, tokenID is " << GetSelfTokenID(); tokenID = 123; // 123: invalid token ASSERT_EQ(AccessTokenError::ERR_TOKENID_NOT_EXIST, AccessTokenKit::RequestAppPermOnSetting(tokenID)); } diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp index abcfeb50a..6f9c1ecdf 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermisionDialogTest/set_perm_dialog_cap_test.cpp @@ -83,7 +83,7 @@ void SetPermDialogCapTest::TearDown() * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(SetPermDialogCapTest, SetPermDialogCapAbnormalTest001, TestSize.Level1) +HWTEST_F(SetPermDialogCapTest, SetPermDialogCapAbnormalTest001, TestSize.Level0) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG"); @@ -106,7 +106,7 @@ HWTEST_F(SetPermDialogCapTest, SetPermDialogCapAbnormalTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(SetPermDialogCapTest, SetPermDialogCapFuncTest001, TestSize.Level1) +HWTEST_F(SetPermDialogCapTest, SetPermDialogCapFuncTest001, TestSize.Level0) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.DISABLE_PERMISSION_DIALOG"); diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp index 78a607366..7fefd43df 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp @@ -106,7 +106,7 @@ void GetPermissionTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest001, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionUsedTypeAbnormalTest001"); std::string permisson = "ohos.permission.CAMERA"; @@ -123,7 +123,7 @@ HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest002, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionUsedTypeAbnormalTest002"); @@ -161,7 +161,7 @@ HWTEST_F(GetPermissionTest, GetPermissionUsedTypeAbnormalTest002, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionTest, GetPermissionUsedTypeFuncTest001, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetPermissionUsedTypeFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionUsedTypeFuncTest001"); @@ -211,7 +211,7 @@ HWTEST_F(GetPermissionTest, GetPermissionUsedTypeFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetPermissionTest, GetDefPermissionFuncTest001, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetDefPermissionFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetDefPermissionFuncTest001"); @@ -245,7 +245,7 @@ HWTEST_F(GetPermissionTest, GetDefPermissionFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest001, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetReqPermissionsFuncTest001"); std::vector reqPerm; @@ -271,7 +271,7 @@ HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest002, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetReqPermissionsFuncTest002"); std::vector reqPerm; @@ -297,7 +297,7 @@ HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest003, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetReqPermissionsFuncTest003"); std::vector reqPerm; @@ -368,7 +368,7 @@ HWTEST_F(GetPermissionTest, GetReqPermissionsFuncTest004, TestSize.Level0) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetPermissionTest, GetReqPermissionsAbnormalTest001, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetReqPermissionsAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetReqPermissionsAbnormalTest001"); std::vector reqPerm; @@ -421,7 +421,7 @@ HWTEST_F(GetPermissionTest, GetReqPermissionsSpecTest001, TestSize.Level0) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionTest, GetPermissionManagerInfoFuncTest001, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetPermissionManagerInfoFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetPermissionManagerInfoFuncTest001"); @@ -436,7 +436,7 @@ HWTEST_F(GetPermissionTest, GetPermissionManagerInfoFuncTest001, TestSize.Level1 * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetPermissionTest, GetTokenIDByUserID001, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetTokenIDByUserID001, TestSize.Level0) { MockNativeToken mock("accesstoken_service"); int32_t userID = -1; @@ -456,7 +456,7 @@ HWTEST_F(GetPermissionTest, GetTokenIDByUserID001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetPermissionTest, ReloadNativeTokenInfo001, TestSize.Level1) +HWTEST_F(GetPermissionTest, ReloadNativeTokenInfo001, TestSize.Level0) { int32_t ret = AccessTokenKit::ReloadNativeTokenInfo(); ASSERT_EQ(RET_SUCCESS, ret); @@ -468,7 +468,7 @@ HWTEST_F(GetPermissionTest, ReloadNativeTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionTest, GetKernelPermissionTest001, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetKernelPermissionTest001, TestSize.Level0) { std::vector kernelPermList; { @@ -494,7 +494,7 @@ HWTEST_F(GetPermissionTest, GetKernelPermissionTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetPermissionTest, GetReqPermissionByNameTest001, TestSize.Level1) +HWTEST_F(GetPermissionTest, GetReqPermissionByNameTest001, TestSize.Level0) { std::string value; std::vector kernelPermList; diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp index c88a7bc8a..e61f22b39 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/grant_permission_for_specified_time_test.cpp @@ -103,7 +103,7 @@ void GrantPermissionForSpecifiedTimeTest::TearDown() * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest001, TestSize.Level1) +HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeAbnormalTest001"); AccessTokenID tokenId = INVALID_TOKENID; @@ -141,7 +141,7 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbn * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest002, TestSize.Level1) +HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeAbnormalTest002"); HapPolicyParams policyPrams = g_policyPrams; @@ -166,7 +166,7 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbn * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest003, TestSize.Level1) +HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeAbnormalTest003"); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle( @@ -186,7 +186,7 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbn * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest004, TestSize.Level1) +HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbnormalTest004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeAbnormalTest004"); uint64_t selfTokenId = GetSelfTokenID(); @@ -208,7 +208,7 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeAbn * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeSpecsTest001, TestSize.Level1) +HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeSpecsTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeSpecsTest001"); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle( @@ -235,7 +235,7 @@ HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeSpe * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeSpecsTest002, TestSize.Level1) +HWTEST_F(GrantPermissionForSpecifiedTimeTest, GrantPermissionForSpecifiedTimeSpecsTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GrantPermissionForSpecifiedTimeSpecsTest002"); AccessTokenIDEx tokenIdEx = TestCommon::GetHapTokenIdFromBundle( diff --git a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp index 6d919b20c..ee7af7baf 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp @@ -78,7 +78,7 @@ void AccessTokenMockTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, InitHapToken001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, InitHapToken001, TestSize.Level4) { AccessTokenIDEx tokenIdEx = {0}; int32_t ret = AccessTokenKit::InitHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx); @@ -91,7 +91,7 @@ HWTEST_F(AccessTokenMockTest, InitHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, AllocHapToken001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, AllocHapToken001, TestSize.Level4) { AccessTokenIDEx tokenIdEx = {0}; tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); @@ -104,7 +104,7 @@ HWTEST_F(AccessTokenMockTest, AllocHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, AllocLocalTokenID001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, AllocLocalTokenID001, TestSize.Level4) { std::string remoteDevice = "remote device"; AccessTokenID tokenId = 123; @@ -118,7 +118,7 @@ HWTEST_F(AccessTokenMockTest, AllocLocalTokenID001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, UpdateHapToken001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, UpdateHapToken001, TestSize.Level4) { AccessTokenIDEx tokenIdEx = {0}; tokenIdEx.tokenIdExStruct.tokenID = 123; @@ -136,7 +136,7 @@ HWTEST_F(AccessTokenMockTest, UpdateHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, DeleteToken001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, DeleteToken001, TestSize.Level4) { AccessTokenID tokenId = 123; ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::DeleteToken(tokenId)); @@ -148,7 +148,7 @@ HWTEST_F(AccessTokenMockTest, DeleteToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetTokenType001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetTokenType001, TestSize.Level4) { AccessTokenID tokenId = 123; ASSERT_EQ(TOKEN_INVALID, AccessTokenKit::GetTokenType(tokenId)); @@ -160,7 +160,7 @@ HWTEST_F(AccessTokenMockTest, GetTokenType001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetHapTokenID001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetHapTokenID001, TestSize.Level4) { int32_t userID = 0; std::string bundleName = "test"; @@ -175,7 +175,7 @@ HWTEST_F(AccessTokenMockTest, GetHapTokenID001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetHapTokenIDEx001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetHapTokenIDEx001, TestSize.Level4) { int32_t userID = 0; std::string bundleName = "test"; @@ -190,7 +190,7 @@ HWTEST_F(AccessTokenMockTest, GetHapTokenIDEx001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetHapTokenInfo001, TestSize.Level4) { AccessTokenID tokenId = 123; HapTokenInfo tokenInfo; @@ -203,7 +203,7 @@ HWTEST_F(AccessTokenMockTest, GetHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetNativeTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetNativeTokenInfo001, TestSize.Level4) { AccessTokenID tokenId = 805920561; //805920561 is a native tokenId. NativeTokenInfo tokenInfo; @@ -216,7 +216,7 @@ HWTEST_F(AccessTokenMockTest, GetNativeTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, VerifyAccessToken001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, VerifyAccessToken001, TestSize.Level4) { AccessTokenID tokenId = 123; std::string permission = "ohos.permission.CAMERA"; @@ -230,7 +230,7 @@ HWTEST_F(AccessTokenMockTest, VerifyAccessToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, VerifyAccessToken002, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, VerifyAccessToken002, TestSize.Level4) { AccessTokenID callerTokenID = 123; AccessTokenID firstTokenID = 456; @@ -245,7 +245,7 @@ HWTEST_F(AccessTokenMockTest, VerifyAccessToken002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, VerifyAccessTokenWithList001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, VerifyAccessTokenWithList001, TestSize.Level4) { AccessTokenID tokenId = 123; std::vector permissionList = {"ohos.permission.CAMERA"}; @@ -264,7 +264,7 @@ HWTEST_F(AccessTokenMockTest, VerifyAccessTokenWithList001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetDefPermission001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetDefPermission001, TestSize.Level4) { std::string permission = "ohos.permission.CAMERA"; PermissionDef def; @@ -277,7 +277,7 @@ HWTEST_F(AccessTokenMockTest, GetDefPermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetReqPermissions001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetReqPermissions001, TestSize.Level4) { AccessTokenID tokenId = 123; std::vector permList; @@ -290,7 +290,7 @@ HWTEST_F(AccessTokenMockTest, GetReqPermissions001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetTokenIDByUserID001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetTokenIDByUserID001, TestSize.Level4) { int32_t userID = 1; std::unordered_set tokenIdList; @@ -303,7 +303,7 @@ HWTEST_F(AccessTokenMockTest, GetTokenIDByUserID001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetPermissionFlag001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetPermissionFlag001, TestSize.Level4) { AccessTokenID tokenId = 123; std::string permission = "ohos.permission.CAMERA"; @@ -317,7 +317,7 @@ HWTEST_F(AccessTokenMockTest, GetPermissionFlag001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, SetPermissionRequestToggleStatus001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, SetPermissionRequestToggleStatus001, TestSize.Level4) { int32_t userID = 123; std::string permission = "ohos.permission.CAMERA"; @@ -332,7 +332,7 @@ HWTEST_F(AccessTokenMockTest, SetPermissionRequestToggleStatus001, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetPermissionRequestToggleStatus001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetPermissionRequestToggleStatus001, TestSize.Level4) { int32_t userID = 123; std::string permission = "ohos.permission.CAMERA"; @@ -347,7 +347,7 @@ HWTEST_F(AccessTokenMockTest, GetPermissionRequestToggleStatus001, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetSelfPermissionStatus001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetSelfPermissionStatus001, TestSize.Level4) { std::string permission = "ohos.permission.CAMERA"; PermissionOper status; @@ -360,7 +360,7 @@ HWTEST_F(AccessTokenMockTest, GetSelfPermissionStatus001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetSelfPermissionsState001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetSelfPermissionsState001, TestSize.Level4) { std::vector permList; PermissionGrantInfo info; @@ -373,7 +373,7 @@ HWTEST_F(AccessTokenMockTest, GetSelfPermissionsState001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetPermissionsStatus001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetPermissionsStatus001, TestSize.Level4) { AccessTokenID tokenId = 123; std::vector permsList; @@ -392,7 +392,7 @@ HWTEST_F(AccessTokenMockTest, GetPermissionsStatus001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GrantPermission001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GrantPermission001, TestSize.Level4) { AccessTokenID tokenId = 123; std::string permission = "ohos.permission.CAMERA"; @@ -406,7 +406,7 @@ HWTEST_F(AccessTokenMockTest, GrantPermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, RevokePermission001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, RevokePermission001, TestSize.Level4) { AccessTokenID tokenId = 123; std::string permission = "ohos.permission.CAMERA"; @@ -420,7 +420,7 @@ HWTEST_F(AccessTokenMockTest, RevokePermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, ClearUserGrantedPermissionState001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, ClearUserGrantedPermissionState001, TestSize.Level4) { AccessTokenID tokenId = 123; ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::ClearUserGrantedPermissionState(tokenId)); @@ -445,7 +445,7 @@ public: * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, RegisterPermStateChangeCallback001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, RegisterPermStateChangeCallback001, TestSize.Level4) { PermStateChangeScope scopeInfo; scopeInfo.permList = {"ohos.permission.CAMERA"}; @@ -461,7 +461,7 @@ HWTEST_F(AccessTokenMockTest, RegisterPermStateChangeCallback001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, ReloadNativeTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, ReloadNativeTokenInfo001, TestSize.Level4) { ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::ReloadNativeTokenInfo()); } @@ -472,7 +472,7 @@ HWTEST_F(AccessTokenMockTest, ReloadNativeTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(AccessTokenMockTest, GetNativeTokenId001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetNativeTokenId001, TestSize.Level4) { std::string processName = "hdcd"; AccessTokenID tokenID = AccessTokenKit::GetNativeTokenId(processName); @@ -486,7 +486,7 @@ HWTEST_F(AccessTokenMockTest, GetNativeTokenId001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetHapTokenInfoFromRemote001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetHapTokenInfoFromRemote001, TestSize.Level4) { AccessTokenID tokenId = 123; HapTokenInfoForSync hapSync; @@ -499,7 +499,7 @@ HWTEST_F(AccessTokenMockTest, GetHapTokenInfoFromRemote001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, SetRemoteHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, SetRemoteHapTokenInfo001, TestSize.Level4) { std::string device = "device"; HapTokenInfoForSync hapSync; @@ -512,7 +512,7 @@ HWTEST_F(AccessTokenMockTest, SetRemoteHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, DeleteRemoteToken001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, DeleteRemoteToken001, TestSize.Level4) { std::string device = "device"; AccessTokenID tokenId = 123; @@ -525,7 +525,7 @@ HWTEST_F(AccessTokenMockTest, DeleteRemoteToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetRemoteNativeTokenID001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetRemoteNativeTokenID001, TestSize.Level4) { std::string device = "device"; AccessTokenID tokenId = 123; @@ -538,7 +538,7 @@ HWTEST_F(AccessTokenMockTest, GetRemoteNativeTokenID001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, DeleteRemoteDeviceTokens001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, DeleteRemoteDeviceTokens001, TestSize.Level4) { std::string device = "device"; ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::DeleteRemoteDeviceTokens(device)); @@ -550,7 +550,7 @@ HWTEST_F(AccessTokenMockTest, DeleteRemoteDeviceTokens001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, RegisterTokenSyncCallback001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, RegisterTokenSyncCallback001, TestSize.Level4) { std::shared_ptr callback = std::make_shared(); EXPECT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::RegisterTokenSyncCallback(callback)); @@ -564,7 +564,7 @@ HWTEST_F(AccessTokenMockTest, RegisterTokenSyncCallback001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, DumpTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, DumpTokenInfo001, TestSize.Level4) { std::string dumpInfo; AtmToolsParamInfo info; @@ -579,7 +579,7 @@ HWTEST_F(AccessTokenMockTest, DumpTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, SetPermDialogCap001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, SetPermDialogCap001, TestSize.Level4) { HapBaseInfo hapBaseInfo; ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::SetPermDialogCap(hapBaseInfo, true)); @@ -591,7 +591,7 @@ HWTEST_F(AccessTokenMockTest, SetPermDialogCap001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetPermissionManagerInfo001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetPermissionManagerInfo001, TestSize.Level4) { PermissionGrantInfo info; AccessTokenKit::GetPermissionManagerInfo(info); @@ -604,7 +604,7 @@ HWTEST_F(AccessTokenMockTest, GetPermissionManagerInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GrantPermissionForSpecifiedTime001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GrantPermissionForSpecifiedTime001, TestSize.Level4) { AccessTokenID tokenId = 123; std::string permission = "permission"; @@ -619,7 +619,7 @@ HWTEST_F(AccessTokenMockTest, GrantPermissionForSpecifiedTime001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, RequestAppPermOnSettingTest001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, RequestAppPermOnSettingTest001, TestSize.Level4) { AccessTokenID tokenId = 123; ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::RequestAppPermOnSetting(tokenId)); @@ -631,7 +631,7 @@ HWTEST_F(AccessTokenMockTest, RequestAppPermOnSettingTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenMockTest, GetKernelPermissions001, TestSize.Level1) +HWTEST_F(AccessTokenMockTest, GetKernelPermissions001, TestSize.Level4) { AccessTokenID tokenId = 123; std::vector kernelPermList; diff --git a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp index d7c7d250d..e5f7e623f 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/register_perm_state_change_callback_test.cpp @@ -105,7 +105,7 @@ public: * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest001, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackFuncTest001"); PermStateChangeScope scopeInfo; @@ -163,7 +163,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest002, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackFuncTest002"); PermStateChangeScope scopeInfo; @@ -220,7 +220,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest003, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackFuncTest003"); PermStateChangeScope scopeInfo; @@ -260,7 +260,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest004, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFuncTest004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackFuncTest004"); @@ -347,7 +347,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackFun * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest001, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackAbnormalTest001"); PermStateChangeScope scopeInfo; @@ -393,7 +393,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbn * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest002, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackAbnormalTest002"); PermStateChangeScope scopeInfo; @@ -442,7 +442,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbn * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest003, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbnormalTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackAbnormalTest003"); int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(nullptr); @@ -455,7 +455,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackAbn * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest001, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackSpecTest001"); PermStateChangeScope scopeInfo; @@ -481,7 +481,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest002, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackSpecTest002"); PermStateChangeScope scopeInfo; @@ -523,7 +523,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest003, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackSpecTest003"); PermStateChangeScope scopeInfo; @@ -555,7 +555,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest004, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackSpecTest004"); PermStateChangeScope scopeInfo; @@ -612,7 +612,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest005, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpecTest005, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "RegisterPermStateChangeCallbackSpecTest005"); PermStateChangeScope scopeInfo; @@ -671,7 +671,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterPermStateChangeCallbackSpe * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback001, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback001, TestSize.Level0) { static HapPolicyParams infoManagerTestPolicyPrams1 = { .apl = APL_NORMAL, @@ -724,7 +724,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback002, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback002, TestSize.Level0) { static HapPolicyParams infoManagerTestPolicyPrams1 = { .apl = APL_NORMAL, @@ -772,7 +772,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback003, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback003, TestSize.Level0) { static HapPolicyParams infoManagerTestPolicyPrams1 = { .apl = APL_NORMAL, @@ -825,7 +825,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback004, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback004, TestSize.Level0) { PermissionStateFull infoManagerTestStateB = { .permissionName = "ohos.permission.MICROPHONE", @@ -885,7 +885,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback005, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback005, TestSize.Level0) { static PermissionStateFull infoManagerTestStateA = { .permissionName = "ohos.permission.CAMERA", @@ -949,7 +949,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback006, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback006, TestSize.Level0) { static PermissionStateFull infoManagerTestStateA = { .permissionName = "ohos.permission.GET_BUNDLE_INFO", @@ -995,7 +995,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback007, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback007, TestSize.Level0) { static HapPolicyParams infoManagerTestPolicyPrams1 = { .apl = APL_NORMAL, @@ -1027,7 +1027,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback008, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback008, TestSize.Level0) { static HapPolicyParams infoManagerTestPolicyPrams1 = { .apl = APL_NORMAL, @@ -1082,7 +1082,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback009, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback009, TestSize.Level0) { static HapPolicyParams infoManagerTestPolicyPrams1 = { .apl = APL_NORMAL, @@ -1129,7 +1129,7 @@ HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallbac * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback010, TestSize.Level1) +HWTEST_F(RegisterPermStateChangeCallbackTest, RegisterSelfPermStateChangeCallback010, TestSize.Level0) { int32_t res = AccessTokenKit::RegisterSelfPermStateChangeCallback(nullptr); ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, res); diff --git a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp index d56b32c8a..d2d5cd821 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/RegisterCallbackTest/un_register_perm_state_change_callback_test.cpp @@ -95,7 +95,7 @@ public: * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbackAbnormalTest001, TestSize.Level1) +HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbackAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UnRegisterPermStateChangeCallbackAbnormalTest001"); PermStateChangeScope scopeInfo; @@ -114,7 +114,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbac * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbackSpecTest001, TestSize.Level1) +HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbackSpecTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "UnRegisterPermStateChangeCallbackSpecTest001"); PermStateChangeScope scopeInfo; @@ -170,7 +170,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterPermStateChangeCallbac * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback001, TestSize.Level1) +HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback001, TestSize.Level0) { static PermissionStateFull infoManagerTestStateA = { .permissionName = "ohos.permission.CAMERA", @@ -210,7 +210,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback002, TestSize.Level1) +HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback002, TestSize.Level0) { static PermissionStateFull infoManagerTestStateA = { .permissionName = "ohos.permission.CAMERA", @@ -256,7 +256,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback003, TestSize.Level1) +HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback003, TestSize.Level0) { static PermissionStateFull infoManagerTestStateA = { .permissionName = "ohos.permission.CAMERA", @@ -313,7 +313,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback004, TestSize.Level1) +HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback004, TestSize.Level0) { static PermissionStateFull infoManagerTestStateA = { .permissionName = "ohos.permission.CAMERA", @@ -377,7 +377,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback005, TestSize.Level1) +HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback005, TestSize.Level0) { static PermissionStateFull infoManagerTestStateA = { .permissionName = "ohos.permission.CAMERA", @@ -436,7 +436,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback006, TestSize.Level1) +HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback006, TestSize.Level0) { static PermissionStateFull infoManagerTestStateA = { .permissionName = "ohos.permission.CAMERA", @@ -502,7 +502,7 @@ HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCal * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback007, TestSize.Level1) +HWTEST_F(UnRegisterPermStateChangeCallbackTest, UnRegisterSelfPermStateChangeCallback007, TestSize.Level0) { static PermissionStateFull infoManagerTestStateA = { .permissionName = "ohos.permission.CAMERA", diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp index 5c945a183..9022d861f 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_id_test.cpp @@ -64,7 +64,7 @@ void GetNativeTokenIdTest::TearDown() * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest001, TestSize.Level1) +HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenIdAbnormalTest001"); std::string processName = ""; @@ -80,7 +80,7 @@ HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest002, TestSize.Level1) +HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenIdAbnormalTest002"); std::string processName = "hdcd"; @@ -102,7 +102,7 @@ HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest003, TestSize.Level1) +HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenIdAbnormalTest003"); int32_t gSelfUid = getuid(); @@ -122,7 +122,7 @@ HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdAbnormalTest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdFuncTest001, TestSize.Level1) +HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenIdFuncTest001"); MockNativeToken mock("accesstoken_service"); @@ -142,7 +142,7 @@ HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdFuncTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdFuncTest002, TestSize.Level1) +HWTEST_F(GetNativeTokenIdTest, GetNativeTokenIdFuncTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenIdFuncTest002"); std::string processName = "hdcd"; diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp index 9ad51d8f1..b041dda30 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/get_native_token_info_test.cpp @@ -93,7 +93,7 @@ void GetNativeTokenInfoTest::TearDown() * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetNativeTokenInfoTest, GeTokenInfoAbnormalTest001, TestSize.Level1) +HWTEST_F(GetNativeTokenInfoTest, GeTokenInfoAbnormalTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GeTokenInfoAbnormalTest001"); AccessTokenID tokenID = 0; @@ -110,7 +110,7 @@ HWTEST_F(GetNativeTokenInfoTest, GeTokenInfoAbnormalTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest002, TestSize.Level1) +HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenInfoAbnormalTest002"); MockNativeToken mock("accesstoken_service"); @@ -137,7 +137,7 @@ HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest003, TestSize.Level1) +HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenInfoAbnormalTest002"); g_selfUid = getuid(); @@ -159,7 +159,7 @@ HWTEST_F(GetNativeTokenInfoTest, GetTokenInfoAbnormalTest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(GetNativeTokenInfoTest, GetNativeTokenInfoFuncTest001, TestSize.Level1) +HWTEST_F(GetNativeTokenInfoTest, GetNativeTokenInfoFuncTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetNativeTokenInfoFuncTest001"); MockNativeToken mock("accesstoken_service"); diff --git a/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp index 2228b119b..2cfd58c35 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp @@ -105,7 +105,7 @@ AccessTokenID SecurityComponentGrantTest::AllocTestToken() const * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest001, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest001, TestSize.Level0) { AccessTokenID tokenID = AllocTestToken(); ASSERT_NE(tokenID, INVALID_TOKENID); @@ -138,7 +138,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest001, TestSize.Lev * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest002, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest002, TestSize.Level0) { AccessTokenID tokenID = AllocTestToken(); ASSERT_NE(tokenID, INVALID_TOKENID); @@ -175,7 +175,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest002, TestSize.Lev * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest003, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest003, TestSize.Level0) { AccessTokenID tokenID = AllocTestToken(); ASSERT_NE(tokenID, INVALID_TOKENID); @@ -212,7 +212,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest003, TestSize.Lev * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest004, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest004, TestSize.Level0) { AccessTokenID tokenID = AllocTestToken(); ASSERT_NE(tokenID, INVALID_TOKENID); @@ -249,7 +249,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest004, TestSize.Lev * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest005, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest005, TestSize.Level0) { AccessTokenID tokenID = AllocTestToken(); ASSERT_NE(tokenID, INVALID_TOKENID); @@ -286,7 +286,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest005, TestSize.Lev * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest006, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest006, TestSize.Level0) { AccessTokenID tokenID = AllocTestToken(); ASSERT_NE(tokenID, INVALID_TOKENID); @@ -326,7 +326,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest006, TestSize.Lev * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest007, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest007, TestSize.Level0) { uint64_t selfToken = GetSelfTokenID(); MockNativeToken mock("foundation"); @@ -377,7 +377,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest007, TestSize.Lev * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest008, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest008, TestSize.Level0) { AccessTokenID tokenID = AllocTestToken(); ASSERT_NE(tokenID, INVALID_TOKENID); @@ -428,7 +428,7 @@ public: * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest009, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest009, TestSize.Level0) { PermStateChangeScope scopeInfo9; scopeInfo9.permList = {TEST_PERMISSION}; @@ -481,7 +481,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest009, TestSize.Lev * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest010, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest010, TestSize.Level0) { PermStateChangeScope scopeInfo10; scopeInfo10.permList = {TEST_PERMISSION}; @@ -528,7 +528,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest010, TestSize.Lev * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest011, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest011, TestSize.Level0) { PermStateChangeScope scopeInfo; scopeInfo.permList = {TEST_PERMISSION_NOT_REQUESTED}; @@ -575,7 +575,7 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest011, TestSize.Lev * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(SecurityComponentGrantTest, RegisterSecCompEnhance001, TestSize.Level1) +HWTEST_F(SecurityComponentGrantTest, RegisterSecCompEnhance001, TestSize.Level0) { SecCompEnhanceData data; data.callback = nullptr; diff --git a/interfaces/innerkits/analysis_model/test/BUILD.gn b/interfaces/innerkits/analysis_model/test/BUILD.gn index 265879a60..d2141ee95 100644 --- a/interfaces/innerkits/analysis_model/test/BUILD.gn +++ b/interfaces/innerkits/analysis_model/test/BUILD.gn @@ -16,8 +16,7 @@ import("../../../../access_token.gni") ohos_unittest("lib_code_signature_analysis_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/interfaces/innerkits/nativetoken/test/BUILD.gn b/interfaces/innerkits/nativetoken/test/BUILD.gn index 683d5e331..4b3ce9e28 100644 --- a/interfaces/innerkits/nativetoken/test/BUILD.gn +++ b/interfaces/innerkits/nativetoken/test/BUILD.gn @@ -16,8 +16,7 @@ import("../../../../access_token.gni") ohos_unittest("libnativetoken_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true @@ -45,8 +44,7 @@ ohos_unittest("libnativetoken_test") { ohos_unittest("libnativetoken_mock_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp index ef6f8bf96..b88a09059 100644 --- a/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp +++ b/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp @@ -122,7 +122,7 @@ static void CopyNativeTokenJson(const std::string& sourceFileName, const std::st * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, UpdateGoalItemFromRecord001, TestSize.Level1) +HWTEST_F(TokenOperTest, UpdateGoalItemFromRecord001, TestSize.Level0) { SetTimes(); NativeTokenList tokenNode; @@ -149,7 +149,7 @@ HWTEST_F(TokenOperTest, UpdateGoalItemFromRecord001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, UpdateItemcontent001, TestSize.Level1) +HWTEST_F(TokenOperTest, UpdateItemcontent001, TestSize.Level0) { SetTimes(); g_createNumberTime = DEFAULT_TIME; @@ -178,7 +178,7 @@ HWTEST_F(TokenOperTest, UpdateItemcontent001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, UpdateItemcontent002, TestSize.Level1) +HWTEST_F(TokenOperTest, UpdateItemcontent002, TestSize.Level0) { SetTimes(); NativeTokenList tokenNode; @@ -216,7 +216,7 @@ HWTEST_F(TokenOperTest, UpdateItemcontent002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, UpdateItemcontent003, TestSize.Level1) +HWTEST_F(TokenOperTest, UpdateItemcontent003, TestSize.Level0) { SetTimes(); NativeTokenList tokenNode; @@ -267,7 +267,7 @@ HWTEST_F(TokenOperTest, UpdateItemcontent003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, UpdateItemcontent004, TestSize.Level1) +HWTEST_F(TokenOperTest, UpdateItemcontent004, TestSize.Level0) { SetTimes(); NativeTokenList tokenNode; @@ -325,7 +325,7 @@ HWTEST_F(TokenOperTest, UpdateItemcontent004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject001, TestSize.Level1) +HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject001, TestSize.Level0) { SetTimes(); NativeTokenList tokenNode; @@ -394,7 +394,7 @@ HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject002, TestSize.Level1) +HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject002, TestSize.Level0) { SetTimes(); NativeTokenList tokenNode; @@ -434,7 +434,7 @@ HWTEST_F(TokenOperTest, CreateNativeTokenJsonObject002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, GetNativeTokenFromJson001, TestSize.Level1) +HWTEST_F(TokenOperTest, GetNativeTokenFromJson001, TestSize.Level0) { SetTimes(); EXPECT_EQ(IsFileEmpty(TOKEN_ID_CFG_FILE_PATH), false); @@ -511,7 +511,7 @@ static int32_t Start(const char *processName) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level1) +HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level0) { SetTimes(); CopyNativeTokenJson(TOKEN_ID_CFG_FILE_PATH, TOKEN_ID_CFG_FILE_COPY_PATH); @@ -547,7 +547,7 @@ HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, RemoveNodeFromList001, TestSize.Level1) +HWTEST_F(TokenOperTest, RemoveNodeFromList001, TestSize.Level0) { CopyNativeTokenJson(TOKEN_ID_CFG_FILE_PATH, TOKEN_ID_CFG_FILE_COPY_PATH); AtlibInit(); diff --git a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp index ddb70a17a..931819f74 100644 --- a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp +++ b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp @@ -189,7 +189,7 @@ int32_t Start(const char *processName) * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level0) { const char **dcaps = new (std::nothrow) const char *[2]; ASSERT_NE(dcaps, nullptr); @@ -246,7 +246,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level0) { const char **dcaps = new (std::nothrow) const char *[32]; ASSERT_NE(dcaps, nullptr); @@ -301,7 +301,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level0) { const char **dcaps = new (std::nothrow) const char *[2]; ASSERT_NE(dcaps, nullptr); @@ -367,7 +367,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level0) { const char **dcaps = new (std::nothrow) const char *[2]; ASSERT_NE(dcaps, nullptr); @@ -401,7 +401,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level0) { uint64_t tokenId01 = Start("GetAccessTokenId005"); ASSERT_NE(tokenId01, 0); @@ -418,7 +418,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId006, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId006, TestSize.Level0) { uint64_t tokenID; tokenID = Start("GetAccessTokenId006"); @@ -439,7 +439,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId006, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level0) { const char **perms = new (std::nothrow) const char *[MAX_PERM_NUM]; ASSERT_NE(perms, nullptr); @@ -493,7 +493,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level0) { const char **dcaps = new (std::nothrow) const char *[2]; ASSERT_NE(dcaps, nullptr); @@ -534,7 +534,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level0) { const char **perms = new (std::nothrow) const char *[2]; ASSERT_NE(perms, nullptr); @@ -599,7 +599,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level0) { char processName[200][MAX_PROCESS_NAME_LEN]; /* enable 200 process before fondation is prepared */ @@ -629,7 +629,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level0) { Start("process1"); Start("process2"); @@ -661,7 +661,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000H09K6 */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level0) { const char **dcaps = new (std::nothrow) const char *[2]; ASSERT_NE(dcaps, nullptr); @@ -699,7 +699,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000H09K6 */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId013, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId013, TestSize.Level0) { const char **acls = new (std::nothrow) const char *[2]; ASSERT_NE(acls, nullptr); @@ -806,7 +806,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId014, TestSize.Level0) * @tc.type: FUNC * @tc.require:AR000H09K6 */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId015, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId015, TestSize.Level0) { const char **perms = new (std::nothrow) const char *[MAX_PERM_NUM + 1]; ASSERT_NE(perms, nullptr); diff --git a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp index 6734205df..34821f693 100644 --- a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp +++ b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_oper_test.cpp @@ -43,7 +43,7 @@ void TokenOperTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, FreeStrArray001, TestSize.Level1) +HWTEST_F(TokenOperTest, FreeStrArray001, TestSize.Level0) { const int32_t testSize = 2; // 2 means test size char **test = reinterpret_cast(malloc(sizeof(char *) * testSize)); @@ -71,7 +71,7 @@ HWTEST_F(TokenOperTest, FreeStrArray001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, GetProcessNameFromJson001, TestSize.Level1) +HWTEST_F(TokenOperTest, GetProcessNameFromJson001, TestSize.Level0) { NativeTokenList tokenNode; std::string stringJson1 = R"()"\ @@ -109,7 +109,7 @@ HWTEST_F(TokenOperTest, GetProcessNameFromJson001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, GetTokenIdFromJson001, TestSize.Level1) +HWTEST_F(TokenOperTest, GetTokenIdFromJson001, TestSize.Level0) { NativeTokenList tokenNode; const char *stringJson1 = "{\"processName\":\"partitionslot_host\"," @@ -140,7 +140,7 @@ HWTEST_F(TokenOperTest, GetTokenIdFromJson001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, GetAplFromJson001, TestSize.Level1) +HWTEST_F(TokenOperTest, GetAplFromJson001, TestSize.Level0) { NativeTokenList tokenNode; const char *stringJson1 = "{\"APL\":2}"; @@ -175,7 +175,7 @@ HWTEST_F(TokenOperTest, GetAplFromJson001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level1) +HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level0) { const int32_t testSize = 2; int32_t resSize; @@ -214,7 +214,7 @@ HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenOperTest, UpdateGoalItemFromRecord001, TestSize.Level1) +HWTEST_F(TokenOperTest, UpdateGoalItemFromRecord001, TestSize.Level0) { NativeTokenList tokenNode; diff --git a/interfaces/innerkits/privacy/test/BUILD.gn b/interfaces/innerkits/privacy/test/BUILD.gn index 9e90dbb65..45a402c42 100644 --- a/interfaces/innerkits/privacy/test/BUILD.gn +++ b/interfaces/innerkits/privacy/test/BUILD.gn @@ -16,8 +16,7 @@ import("../../../../access_token.gni") ohos_unittest("libprivacy_sdk_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_privacy sanitize = { cfi = true cfi_cross_dso = true @@ -79,8 +78,7 @@ ohos_unittest("libprivacy_sdk_test") { ohos_unittest("libprivacy_mock_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_privacy sanitize = { cfi = true cfi_cross_dso = true diff --git a/interfaces/innerkits/privacy/test/unittest/privacy_mock_test/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/privacy_mock_test/privacy_kit_test.cpp index f548a3bb7..069dce5b9 100644 --- a/interfaces/innerkits/privacy/test/unittest/privacy_mock_test/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/privacy_mock_test/privacy_kit_test.cpp @@ -53,7 +53,7 @@ void PrivacyKitTest::TearDown() * @tc.type: FUNC * @tc.require: issueI5RWX3 issueI5RWX8 */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level0) { AccessTokenID tokenId = 0xff; std::string permissionName = "ohos.permission.CAMERA"; @@ -69,7 +69,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX3 issueI5RWX8 */ -HWTEST_F(PrivacyKitTest, StartUsingPermission001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission001, TestSize.Level0) { AccessTokenID tokenId = 0xff; std::string permissionName = "ohos.permission.CAMERA"; @@ -95,7 +95,7 @@ public: * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level0) { auto callbackPtr = std::make_shared(); AccessTokenID g_TokenId_A = 0xff; @@ -110,7 +110,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX3 issueI5RWX8 */ -HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level0) { AccessTokenID tokenId = 0xff; std::string permissionName = "ohos.permission.CAMERA"; @@ -124,7 +124,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX3 issueI5RWX8 */ -HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level0) { AccessTokenID tokenId = 0xff; int32_t ret = PrivacyKit::RemovePermissionUsedRecords(tokenId); @@ -137,7 +137,7 @@ HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX3 issueI5RWX8 */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level0) { PermissionUsedRequest request; PermissionUsedResult result; @@ -162,7 +162,7 @@ public: * @tc.type: FUNC * @tc.require: issueI5RWX3 issueI5RWX8 */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level0) { PermissionUsedRequest request; OHOS::sptr callback(new TestCallBack()); @@ -192,7 +192,7 @@ public: * @tc.type: FUNC * @tc.require: issueI5RWX3 issueI5RWX8 */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; auto callbackPtr = std::make_shared(permList); @@ -209,7 +209,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX3 issueI5RWX8 */ -HWTEST_F(PrivacyKitTest, IsAllowedUsingPermissionTest001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, IsAllowedUsingPermissionTest001, TestSize.Level0) { AccessTokenID tokenId = 0xff; std::string permissionName = "ohos.permission.CAMERA"; @@ -223,7 +223,7 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermissionTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level0) { int32_t userID = 1; bool status = true; @@ -237,7 +237,7 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level0) { int32_t userID = 1; bool status = true; diff --git a/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp index b207358c8..65d5386c9 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/permission_deny_test.cpp @@ -81,7 +81,7 @@ void PermDenyTest::TearDown() * @tc.type: FUNC * @tc.require: issueI5SRUO */ -HWTEST_F(PermDenyTest, AddPermissionUsedRecord001, TestSize.Level1) +HWTEST_F(PermDenyTest, AddPermissionUsedRecord001, TestSize.Level0) { ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, PrivacyKit::AddPermissionUsedRecord(g_testTokenId, "ohos.permission.CAMERA", 1, 0)); @@ -93,7 +93,7 @@ HWTEST_F(PermDenyTest, AddPermissionUsedRecord001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5SRUO */ -HWTEST_F(PermDenyTest, RemovePermissionUsedRecords001, TestSize.Level1) +HWTEST_F(PermDenyTest, RemovePermissionUsedRecords001, TestSize.Level0) { ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, PrivacyKit::RemovePermissionUsedRecords(g_testTokenId)); } @@ -116,7 +116,7 @@ public: * @tc.type: FUNC * @tc.require: issueI5SRUO */ -HWTEST_F(PermDenyTest, StarAndStoptUsingPermission001, TestSize.Level1) +HWTEST_F(PermDenyTest, StarAndStoptUsingPermission001, TestSize.Level0) { auto callbackPtr = std::make_shared(); ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, @@ -144,7 +144,7 @@ public: * @tc.type: FUNC * @tc.require: issueI5SRUO */ -HWTEST_F(PermDenyTest, GetPermissionUsedRecords001, TestSize.Level1) +HWTEST_F(PermDenyTest, GetPermissionUsedRecords001, TestSize.Level0) { PermissionUsedRequest request; request.tokenId = g_testTokenId; @@ -179,7 +179,7 @@ public: * @tc.type: FUNC * @tc.require: issueI5SRUO */ -HWTEST_F(PermDenyTest, RegisterAndUnregister001, TestSize.Level1) +HWTEST_F(PermDenyTest, RegisterAndUnregister001, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; auto callbackPtr = std::make_shared(permList); @@ -206,7 +206,7 @@ HWTEST_F(PermDenyTest, RegisterAndUnregister001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5SRUO */ -HWTEST_F(PermDenyTest, IsAllowedUsingPermission001, TestSize.Level1) +HWTEST_F(PermDenyTest, IsAllowedUsingPermission001, TestSize.Level0) { ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(123, "ohos.permission.CAMERA")); } diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 05534b091..2aef3adb5 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -369,7 +369,7 @@ static void SleepUtilMinuteEnd() * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level0) { AddPermParamInfo info; info.tokenId = 0; @@ -400,7 +400,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord002, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -436,7 +436,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord003, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_nativeToken; @@ -460,7 +460,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord004, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord004, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -494,7 +494,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord004, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord005, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord005, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -551,7 +551,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord005, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord006, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord006, TestSize.Level0) { SleepUtilMinuteEnd(); AddPermParamInfo info; @@ -587,7 +587,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord006, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI66BH3 */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord007, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord007, TestSize.Level0) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); @@ -608,7 +608,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord007, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord008, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord008, TestSize.Level0) { int32_t permRecordSize = 0; @@ -665,7 +665,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord008, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord009, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord009, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -694,7 +694,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord009, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level0) { ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PrivacyKit::RemovePermissionUsedRecords(0)); } @@ -705,7 +705,7 @@ HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords002, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -729,7 +729,7 @@ HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords003, TestSize.Level0) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); @@ -744,7 +744,7 @@ HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -774,7 +774,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords002, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -819,7 +819,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords003, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -866,7 +866,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords004, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords004, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -902,7 +902,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords004, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI66BH3 */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords005, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords005, TestSize.Level0) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); @@ -923,7 +923,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords005, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI66BH3 */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords006, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords006, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -961,7 +961,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords006, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -984,7 +984,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync002, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -1005,7 +1005,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync003, TestSize.Level0) { std::vector reqPerm; MockHapToken mock("GetPermissionUsedRecordsAsync003", reqPerm, true); @@ -1024,7 +1024,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5P4IU */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync004, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync004, TestSize.Level0) { std::vector reqPerm; MockHapToken mock("GetPermissionUsedRecordsAsync004", reqPerm, false); @@ -1091,7 +1091,7 @@ public: * @tc.type: FUNC * @tc.require: issueI5NT1X issueI5P4IU issueI5P530 */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; @@ -1152,7 +1152,7 @@ public: * @tc.type: FUNC * @tc.require: issueI5NT1X issueI5P4IU issueI5P530 */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback002, TestSize.Level0) { std::vector permList1 = {"ohos.permission.READ_CONTACTS"}; auto callbackPtr1 = std::make_shared(permList1); @@ -1205,7 +1205,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback003, TestSize.Level0) { std::vector permList; for (int32_t i = 0; i < 1024; i++) { // 1024 is the limitation @@ -1226,7 +1226,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback004, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback004, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; std::vector> callbackList; @@ -1255,7 +1255,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback004, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback005, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback005, TestSize.Level0) { std::vector permList = {"ohos.permission.INVALD"}; @@ -1274,7 +1274,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback005, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback006, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback006, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; auto callbackPtr = std::make_shared(permList); @@ -1287,7 +1287,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback006, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback007, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback007, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; auto callbackPtr = std::make_shared(permList); @@ -1303,7 +1303,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback007, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5SZHG */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback008, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback008, TestSize.Level0) { std::vector permList = { "ohos.permission.CAMERA", @@ -1335,7 +1335,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback008, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback009, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback009, TestSize.Level0) { std::shared_ptr callback = nullptr; ASSERT_EQ(nullptr, callback); @@ -1348,7 +1348,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback009, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI66BH3 */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback010, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback010, TestSize.Level0) { std::vector reqPerm; MockHapToken mock("RegisterPermActiveStatusCallback010", reqPerm, false); @@ -1364,7 +1364,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback010, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI66BH3 */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback011, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback011, TestSize.Level0) { std::vector permList1 = {"ohos.permission.CAMERA"}; auto callbackPtr1 = std::make_shared(permList1); @@ -1404,7 +1404,7 @@ public: * @tc.type: FUNC * @tc.require: issueI66BH3 */ -HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback012, TestSize.Level1) +HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback012, TestSize.Level0) { std::vector permList = {"ohos.permission.READ_CALL_LOG"}; auto callbackPtr = std::make_shared(permList); @@ -1438,7 +1438,7 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback012, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX3 issueI5RWX8 */ -HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission001, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName)); @@ -1452,7 +1452,7 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX3 issueI5RWX8 */ -HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission002, TestSize.Level0) { std::vector reqPerm; MockHapToken mock("IsAllowedUsingPermission002", reqPerm, true); @@ -1466,7 +1466,7 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX3 issueI5RWX8 */ -HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission003, TestSize.Level0) { std::vector reqPerm; MockHapToken mock("IsAllowedUsingPermission003", reqPerm, true); @@ -1482,7 +1482,7 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission004, TestSize.Level1) +HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission004, TestSize.Level0) { std::string permissionName = "ohos.permission.MICROPHONE"; std::vector list; @@ -1502,7 +1502,7 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission005, TestSize.Level1) +HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission005, TestSize.Level0) { std::vector list; ASSERT_EQ(0, AppManagerAccessClient::GetInstance().GetForegroundApplications(list)); @@ -1527,7 +1527,7 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission006, TestSize.Level1) +HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission006, TestSize.Level0) { std::string permissionName = "ohos.permission.MICROPHONE"; ASSERT_EQ(false, PrivacyKit::IsAllowedUsingPermission(g_tokenIdE, permissionName)); @@ -1600,7 +1600,7 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission006, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X issueI5P4IU issueI5P530 */ -HWTEST_F(PrivacyKitTest, StartUsingPermission001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission001, TestSize.Level0) { ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PrivacyKit::StartUsingPermission(0, "ohos.permission.CAMERA")); ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PrivacyKit::StartUsingPermission(0, "permissionName")); @@ -1614,7 +1614,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X issueI5P4IU issueI5P530 */ -HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(RET_NO_ERROR, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName)); @@ -1629,7 +1629,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X issueI5P4IU issueI5P530 */ -HWTEST_F(PrivacyKitTest, StartUsingPermission003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission003, TestSize.Level0) { std::string permissionName = "ohos.permission.READ_CONTACTS"; ASSERT_EQ(RET_NO_ERROR, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName)); @@ -1656,7 +1656,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X issueI5P4IU issueI5P530 */ -HWTEST_F(PrivacyKitTest, StartUsingPermission004, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission004, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(RET_NO_ERROR, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName)); @@ -1669,7 +1669,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission004, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X issueI5P4IU issueI5P530 */ -HWTEST_F(PrivacyKitTest, StartUsingPermission005, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission005, TestSize.Level0) { std::string permissionName = "ohos.permission.UtTestInvalidPermission"; ASSERT_EQ(PrivacyError::ERR_PERMISSION_NOT_EXIST, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName)); @@ -1684,7 +1684,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission005, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PrivacyKitTest, StartUsingPermission006, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission006, TestSize.Level0) { auto callbackPtr = std::make_shared(); ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, @@ -1705,7 +1705,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission006, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PrivacyKitTest, StartUsingPermission007, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission007, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; auto callbackPtr = std::make_shared(); @@ -1721,7 +1721,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission007, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(PrivacyKitTest, StartUsingPermission008, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission008, TestSize.Level0) { AccessTokenID tokenId = 0; std::string permissionName; @@ -1737,7 +1737,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission008, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PrivacyKitTest, StartUsingPermission009, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission009, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; auto callbackPtr = std::make_shared(); @@ -1753,7 +1753,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission009, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI66BH3 */ -HWTEST_F(PrivacyKitTest, StartUsingPermission010, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission010, TestSize.Level0) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); @@ -1769,7 +1769,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission010, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, StartUsingPermission011, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission011, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; int32_t pid1 = 1001; @@ -1787,7 +1787,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission011, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, StartUsingPermission012, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission012, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; int32_t pid1 = 1001; @@ -1805,7 +1805,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission012, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, StartUsingPermission013, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission013, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; int32_t pid1 = 1001; @@ -1826,7 +1826,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission013, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PrivacyKitTest, StartUsingPermission014, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StartUsingPermission014, TestSize.Level0) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); @@ -1844,7 +1844,7 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission014, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X issueI5P4IU issueI5P530 */ -HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level0) { ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PrivacyKit::StopUsingPermission(0, "ohos.permission.CAMERA")); ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PrivacyKit::StopUsingPermission(0, "permissionName")); @@ -1856,7 +1856,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X issueI5P4IU issueI5P530 */ -HWTEST_F(PrivacyKitTest, StopUsingPermission002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StopUsingPermission002, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ( @@ -1869,7 +1869,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X issueI5P4IU issueI5P530 */ -HWTEST_F(PrivacyKitTest, StopUsingPermission003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StopUsingPermission003, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(RET_NO_ERROR, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName)); @@ -1885,7 +1885,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5NT1X issueI5P4IU issueI5P530 */ -HWTEST_F(PrivacyKitTest, StopUsingPermission004, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StopUsingPermission004, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; ASSERT_EQ(RET_NO_ERROR, PrivacyKit::StartUsingPermission(g_tokenIdE, permissionName)); @@ -1900,7 +1900,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission004, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5SZHG */ -HWTEST_F(PrivacyKitTest, StopUsingPermission005, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StopUsingPermission005, TestSize.Level0) { ASSERT_EQ( PrivacyError::ERR_PARAM_INVALID, PrivacyKit::StopUsingPermission(g_nativeToken, "ohos.permission.CAMERA")); @@ -1912,7 +1912,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission005, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI66BH3 */ -HWTEST_F(PrivacyKitTest, StopUsingPermission006, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StopUsingPermission006, TestSize.Level0) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.PERMISSION_USED_STATS"); @@ -1928,7 +1928,7 @@ HWTEST_F(PrivacyKitTest, StopUsingPermission006, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PrivacyKitTest, StopUsingPermission007, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StopUsingPermission007, TestSize.Level0) { std::string permissionName = "ohos.permission.READ_CONTACTS"; auto callbackPtr = std::make_shared(); @@ -1967,7 +1967,7 @@ public: * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(PrivacyKitTest, OnRemoteRequest001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, OnRemoteRequest001, TestSize.Level0) { AccessTokenID tokenId = 123; // 123 is random input bool isShowing = false; @@ -2014,7 +2014,7 @@ public: * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(PrivacyKitTest, OnRemoteRequest002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, OnRemoteRequest002, TestSize.Level0) { g_permissionUsedRecord.accessRecords.emplace_back(g_usedRecordDetail); g_bundleUsedRecord.permissionRecords.emplace_back(g_permissionUsedRecord); @@ -2069,7 +2069,7 @@ public: * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(PrivacyKitTest, OnRemoteRequest003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, OnRemoteRequest003, TestSize.Level0) { ActiveChangeResponse response = { .tokenID = 123, @@ -2104,7 +2104,7 @@ HWTEST_F(PrivacyKitTest, OnRemoteRequest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(PrivacyKitTest, ActiveStatusChangeCallback001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, ActiveStatusChangeCallback001, TestSize.Level0) { ActiveChangeResponse response = { .tokenID = 123, @@ -2126,7 +2126,7 @@ HWTEST_F(PrivacyKitTest, ActiveStatusChangeCallback001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(PrivacyKitTest, StateChangeNotify001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, StateChangeNotify001, TestSize.Level0) { AccessTokenID tokenId = 123; // 123 is random input bool isShowing = false; @@ -2142,7 +2142,7 @@ HWTEST_F(PrivacyKitTest, StateChangeNotify001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI61A6M */ -HWTEST_F(PrivacyKitTest, InitProxy001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, InitProxy001, TestSize.Level0) { ASSERT_NE(nullptr, PrivacyManagerClient::GetInstance().proxy_); OHOS::sptr proxy = PrivacyManagerClient::GetInstance().proxy_; // backup @@ -2158,7 +2158,7 @@ HWTEST_F(PrivacyKitTest, InitProxy001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord011, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord011, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -2187,7 +2187,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord011, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord012, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord012, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -2217,7 +2217,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord012, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord013, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord013, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -2247,7 +2247,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord013, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord014, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord014, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -2273,7 +2273,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord014, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord015, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord015, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -2299,7 +2299,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord015, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord016, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord016, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -2326,7 +2326,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord016, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord017, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord017, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -2356,7 +2356,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord017, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord018, TestSize.Level1) +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord018, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -2373,7 +2373,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord018, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos001, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -2415,7 +2415,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos002, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -2470,7 +2470,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos003, TestSize.Level0) { AddPermParamInfo info; info.tokenId = g_tokenIdA; @@ -2516,7 +2516,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos004, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos004, TestSize.Level0) { std::vector results; // tokenId invalid @@ -2540,7 +2540,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos005, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos005, TestSize.Level0) { std::vector reqPerm; std::string permissionName; @@ -2566,7 +2566,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos006, TestSize.Level1) +HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos006, TestSize.Level0) { uint32_t count = MAX_PERMISSION_USED_TYPE_SIZE + 1; @@ -2609,7 +2609,7 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetMutePolicyTest001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetMutePolicyTest001, TestSize.Level0) { ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PrivacyKit::SetMutePolicy(PolicyType::EDM - 1, CallerType::MICROPHONE, true, RANDOM_TOKENID)); @@ -2629,7 +2629,7 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetMutePolicyTest002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetMutePolicyTest002, TestSize.Level0) { MockNativeToken mock("accesstoken_service"); // as a sa without SET_MUTE_POLICY ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, @@ -2642,7 +2642,7 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetMutePolicyTest003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetMutePolicyTest003, TestSize.Level0) { MockNativeToken mock("camera_service"); // as a system service with SET_MUTE_POLICY @@ -2656,7 +2656,7 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetMutePolicyTest004, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetMutePolicyTest004, TestSize.Level0) { std::vector reqPerm; MockHapToken mock("SetMutePolicyTest004", reqPerm, true); // as a system hap @@ -2670,7 +2670,7 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetMutePolicyTest005, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetMutePolicyTest005, TestSize.Level0) { MockNativeToken mock("hdcd"); ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED, @@ -2683,7 +2683,7 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetHapWithFGReminder01, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetHapWithFGReminder01, TestSize.Level0) { uint32_t opCode1; uint32_t opCode2; @@ -2721,7 +2721,7 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder01, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetHapWithFGReminder02, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetHapWithFGReminder02, TestSize.Level0) { uint32_t opCode1; uint32_t opCode2; @@ -2754,7 +2754,7 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder02, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetHapWithFGReminder03, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetHapWithFGReminder03, TestSize.Level0) { uint32_t opCode1; uint32_t opCode2; @@ -2788,7 +2788,7 @@ HWTEST_F(PrivacyKitTest, SetHapWithFGReminder03, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level0) { bool status = true; int32_t resSet = PrivacyKit::SetPermissionUsedRecordToggleStatus(INVALID_USER_ID, status); @@ -2803,7 +2803,7 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level0) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.ERR_PERMISSION_DENIED"); @@ -2859,7 +2859,7 @@ HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus002, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus003, TestSize.Level1) +HWTEST_F(PrivacyKitTest, SetPermissionUsedRecordToggleStatus003, TestSize.Level0) { std::vector reqPerm; reqPerm.emplace_back("ohos.permission.ERR_PERMISSION_DENIED"); diff --git a/interfaces/innerkits/token_callback/test/BUILD.gn b/interfaces/innerkits/token_callback/test/BUILD.gn index cc3575eba..a754369a1 100644 --- a/interfaces/innerkits/token_callback/test/BUILD.gn +++ b/interfaces/innerkits/token_callback/test/BUILD.gn @@ -16,8 +16,7 @@ import("../../../../access_token.gni") ohos_unittest("libtoken_callback_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/interfaces/innerkits/token_setproc/test/BUILD.gn b/interfaces/innerkits/token_setproc/test/BUILD.gn index 64b76e889..f30098323 100644 --- a/interfaces/innerkits/token_setproc/test/BUILD.gn +++ b/interfaces/innerkits/token_setproc/test/BUILD.gn @@ -16,8 +16,7 @@ import("../../../../access_token.gni") ohos_unittest("libtoken_setproc_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp b/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp index 0d138e61d..6ec5c8185 100644 --- a/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp +++ b/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp @@ -54,7 +54,7 @@ void TokensetprocKitTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokensetprocKitTest, AddPermissionToKernel001, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, AddPermissionToKernel001, TestSize.Level0) { ASSERT_EQ(EPERM, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList)); } @@ -65,7 +65,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokensetprocKitTest, AddPermissionToKernel002, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, AddPermissionToKernel002, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); std::vector opcodeList = {0, 1, 2}; @@ -81,7 +81,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokensetprocKitTest, AddPermissionToKernel003, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, AddPermissionToKernel003, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); std::vector opcodeList; @@ -97,7 +97,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokensetprocKitTest, AddPermissionToKernel004, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, AddPermissionToKernel004, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList)); @@ -111,7 +111,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokensetprocKitTest, AddPermissionToKernel005, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, AddPermissionToKernel005, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); std::vector opCodeList1 = {123, 124}; @@ -119,16 +119,16 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel005, TestSize.Level1) std::vector opCodeList2 = {123}; std::vector statusList2 = {true}; // granted - ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList1, statusList1)); + EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList1, statusList1)); bool isGranted = false; - ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList1[0], isGranted)); - ASSERT_EQ(false, isGranted); + EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList1[0], isGranted)); + EXPECT_EQ(false, isGranted); EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList2, statusList2)); - ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList2[0], isGranted)); - ASSERT_EQ(true, isGranted); - ASSERT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId)); + EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList2[0], isGranted)); + EXPECT_EQ(true, isGranted); + EXPECT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId)); setuid(g_selfUid); } @@ -139,7 +139,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokensetprocKitTest, AddPermissionToKernel006, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, AddPermissionToKernel006, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); std::vector opCodeList1 = {123}; @@ -147,16 +147,16 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel006, TestSize.Level1) std::vector opCodeList2 = {123, 124}; std::vector statusList2 = {false, false}; // not granted - ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList1, statusList1)); + EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList1, statusList1)); bool isGranted = false; - ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList1[0], isGranted)); - ASSERT_EQ(true, isGranted); + EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList1[0], isGranted)); + EXPECT_EQ(true, isGranted); EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList2, statusList2)); - ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList2[0], isGranted)); - ASSERT_EQ(false, isGranted); + EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, opCodeList2[0], isGranted)); + EXPECT_EQ(false, isGranted); - ASSERT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId)); + EXPECT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId)); setuid(g_selfUid); } @@ -167,7 +167,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokensetprocKitTest, AddPermissionToKernel007, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, AddPermissionToKernel007, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); uint32_t token1 = 111; @@ -185,7 +185,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokensetprocKitTest, AddPermissionToKernel008, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, AddPermissionToKernel008, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); std::vector tokenList; @@ -212,29 +212,29 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel008, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokensetprocKitTest, AddPermissionToKernel009, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, AddPermissionToKernel009, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList)); - ASSERT_EQ(ACCESS_TOKEN_OK, SetPermissionToKernel(g_tokeId, g_opCodeList[0], true)); + EXPECT_EQ(ACCESS_TOKEN_OK, SetPermissionToKernel(g_tokeId, g_opCodeList[0], true)); bool isGranted = false; - ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted)); - ASSERT_EQ(true, isGranted); + EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted)); + EXPECT_EQ(true, isGranted); std::vector opCodeList; std::vector statusList; // update with less permission(size is 0) EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, opCodeList, statusList)); - ASSERT_EQ(ENODATA, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted)); - ASSERT_EQ(false, isGranted); + EXPECT_EQ(ENODATA, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted)); + EXPECT_EQ(false, isGranted); // update with more permission EXPECT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList)); - ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted)); - ASSERT_EQ(g_statusList[0], isGranted); + EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted)); + EXPECT_EQ(g_statusList[0], isGranted); - ASSERT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId)); + EXPECT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId)); setuid(g_selfUid); } @@ -244,7 +244,7 @@ HWTEST_F(TokensetprocKitTest, AddPermissionToKernel009, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel001, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel001, TestSize.Level0) { ASSERT_EQ(EPERM, RemovePermissionFromKernel(g_tokeId)); } @@ -255,7 +255,7 @@ HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel002, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel002, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList)); @@ -270,7 +270,7 @@ HWTEST_F(TokensetprocKitTest, RemovePermissionFromKernel002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI8HMUH */ -HWTEST_F(TokensetprocKitTest, SetPermissionToKernel001, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, SetPermissionToKernel001, TestSize.Level0) { ASSERT_EQ(EPERM, SetPermissionToKernel(g_tokeId, 1, true)); } @@ -281,7 +281,7 @@ HWTEST_F(TokensetprocKitTest, SetPermissionToKernel001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI8HMUH */ -HWTEST_F(TokensetprocKitTest, SetPermissionToKernel002, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, SetPermissionToKernel002, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); ASSERT_EQ(ENODATA, SetPermissionToKernel(g_tokeId, g_opCodeList[0], true)); @@ -296,7 +296,7 @@ HWTEST_F(TokensetprocKitTest, SetPermissionToKernel002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI8HMUH */ -HWTEST_F(TokensetprocKitTest, SetPermissionToKernel003, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, SetPermissionToKernel003, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList)); @@ -313,14 +313,14 @@ HWTEST_F(TokensetprocKitTest, SetPermissionToKernel003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI8HMUH */ -HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel001, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel001, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); uint32_t size = g_opCodeList.size(); ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList)); for (uint32_t i = 0; i < size; i++) { bool isGranted = false; - ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[i], isGranted)); + EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[i], isGranted)); EXPECT_EQ(g_statusList[i], isGranted); } @@ -328,15 +328,15 @@ HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel001, TestSize.Level1) for (uint32_t i = 0; i < MAX_PERM_NUM; i++) { if (knownOpCodeSet.find(i) == knownOpCodeSet.end()) { bool isGranted = false; - ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, i, isGranted)); + EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, i, isGranted)); EXPECT_FALSE(isGranted); } } - ASSERT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId)); + EXPECT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId)); for (uint32_t i = 0; i < size; i++) { bool isGranted = false; - ASSERT_EQ(ENODATA, GetPermissionFromKernel(g_tokeId, g_opCodeList[i], isGranted)); + EXPECT_EQ(ENODATA, GetPermissionFromKernel(g_tokeId, g_opCodeList[i], isGranted)); EXPECT_EQ(false, isGranted); } setuid(g_selfUid); @@ -348,7 +348,7 @@ HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI8HMUH */ -HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel002, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel002, TestSize.Level0) { GTEST_LOG_(INFO) << "GetPermissionFromKernel002 start"; setuid(ACCESS_TOKEN_UID); @@ -357,12 +357,12 @@ HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel002, TestSize.Level1) // set permission status: false bool isGranted = false; EXPECT_EQ(ACCESS_TOKEN_OK, SetPermissionToKernel(g_tokeId, g_opCodeList[0], false)); - ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted)); + EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted)); EXPECT_EQ(false, isGranted); // set permission status: true EXPECT_EQ(ACCESS_TOKEN_OK, SetPermissionToKernel(g_tokeId, g_opCodeList[0], true)); - ASSERT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted)); + EXPECT_EQ(ACCESS_TOKEN_OK, GetPermissionFromKernel(g_tokeId, g_opCodeList[0], isGranted)); EXPECT_EQ(true, isGranted); ASSERT_EQ(ACCESS_TOKEN_OK, RemovePermissionFromKernel(g_tokeId)); @@ -375,7 +375,7 @@ HWTEST_F(TokensetprocKitTest, GetPermissionFromKernel002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI8HMUH */ -HWTEST_F(TokensetprocKitTest, InvalidParam1, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, InvalidParam1, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); ASSERT_EQ(ACCESS_TOKEN_OK, AddPermissionToKernel(g_tokeId, g_opCodeList, g_statusList)); @@ -424,7 +424,7 @@ static void *ThreadTestFunc02(void *args) * @tc.type: FUNC * @tc.require: issueI8HMUH */ -HWTEST_F(TokensetprocKitTest, Mulitpulthread001, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, Mulitpulthread001, TestSize.Level0) { setuid(ACCESS_TOKEN_UID); int64_t beginTime = std::chrono::duration_cast( @@ -452,7 +452,7 @@ HWTEST_F(TokensetprocKitTest, Mulitpulthread001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI8HMUH */ -HWTEST_F(TokensetprocKitTest, APICostTimeTest001, TestSize.Level1) +HWTEST_F(TokensetprocKitTest, APICostTimeTest001, TestSize.Level0) { GTEST_LOG_(INFO) << "APICostTimeTest001 start"; setuid(ACCESS_TOKEN_UID); diff --git a/interfaces/innerkits/tokensync/test/BUILD.gn b/interfaces/innerkits/tokensync/test/BUILD.gn index d3b60728e..01414f965 100644 --- a/interfaces/innerkits/tokensync/test/BUILD.gn +++ b/interfaces/innerkits/tokensync/test/BUILD.gn @@ -16,8 +16,7 @@ import("../../../../access_token.gni") ohos_unittest("libtokensync_sdk_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp b/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp index 95e26e71d..3df90e8ff 100644 --- a/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp +++ b/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp @@ -91,7 +91,7 @@ static void StartOrStopTokenSyncService(bool start) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncKitTest, UpdateRemoteHapTokenInfo001, TestSize.Level1) +HWTEST_F(TokenSyncKitTest, UpdateRemoteHapTokenInfo001, TestSize.Level0) { HapTokenInfoForSync tokenInfo; uint64_t selfTokenId = GetSelfTokenID(); @@ -123,7 +123,7 @@ HWTEST_F(TokenSyncKitTest, UpdateRemoteHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncKitTest, GetRemoteHapTokenInfo001, TestSize.Level1) +HWTEST_F(TokenSyncKitTest, GetRemoteHapTokenInfo001, TestSize.Level0) { uint64_t selfTokenId = GetSelfTokenID(); @@ -155,7 +155,7 @@ HWTEST_F(TokenSyncKitTest, GetRemoteHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncKitTest, DeleteRemoteHapTokenInfo001, TestSize.Level1) +HWTEST_F(TokenSyncKitTest, DeleteRemoteHapTokenInfo001, TestSize.Level0) { uint64_t selfTokenId = GetSelfTokenID(); diff --git a/services/accesstokenmanager/test/coverage/BUILD.gn b/services/accesstokenmanager/test/coverage/BUILD.gn index 81459e576..ee1706c8c 100644 --- a/services/accesstokenmanager/test/coverage/BUILD.gn +++ b/services/accesstokenmanager/test/coverage/BUILD.gn @@ -43,8 +43,7 @@ accesstoken_manager_service_source = [ ohos_unittest("libaccesstoken_manager_service_coverage_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/services/accesstokenmanager/test/mock/BUILD.gn b/services/accesstokenmanager/test/mock/BUILD.gn index 3f7f01a45..f16162b70 100644 --- a/services/accesstokenmanager/test/mock/BUILD.gn +++ b/services/accesstokenmanager/test/mock/BUILD.gn @@ -43,8 +43,7 @@ accesstoken_manager_service_source = [ ohos_unittest("libpermission_manager_mock_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/services/accesstokenmanager/test/mock/permission_manager_mock_test.cpp b/services/accesstokenmanager/test/mock/permission_manager_mock_test.cpp index 4d927aa8e..ee7623073 100644 --- a/services/accesstokenmanager/test/mock/permission_manager_mock_test.cpp +++ b/services/accesstokenmanager/test/mock/permission_manager_mock_test.cpp @@ -43,7 +43,7 @@ void PermissionManagerMockTest::TearDown() * @tc.type: FUNC * @tc.require: Issue */ -HWTEST_F(PermissionManagerMockTest, RequestAppPermOnSettingTest001, TestSize.Level1) +HWTEST_F(PermissionManagerMockTest, RequestAppPermOnSettingTest001, TestSize.Level4) { HapTokenInfo hapInfo; hapInfo.bundleName = "aaa"; diff --git a/services/accesstokenmanager/test/unittest/BUILD.gn b/services/accesstokenmanager/test/unittest/BUILD.gn index 85fb1f6fb..6eef73f26 100644 --- a/services/accesstokenmanager/test/unittest/BUILD.gn +++ b/services/accesstokenmanager/test/unittest/BUILD.gn @@ -43,8 +43,7 @@ accesstoken_manager_service_source = [ ohos_unittest("libaccesstoken_manager_service_standard_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp index 7403a1a56..a41f0a32f 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp @@ -48,7 +48,7 @@ void AccessTokenDatabaseTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDatabaseTest, DatabaseConverage002, TestSize.Level1) +HWTEST_F(AccessTokenDatabaseTest, DatabaseConverage002, TestSize.Level4) { DataTranslator trans; GenericValues inGenericValues; diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index 89c64022e..9a35bce8f 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -156,7 +156,7 @@ void AccessTokenInfoManagerTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, HapTokenInfoInner001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, HapTokenInfoInner001, TestSize.Level0) { AccessTokenID id = 0x20240112; HapTokenInfo info = { @@ -187,7 +187,7 @@ HWTEST_F(AccessTokenInfoManagerTest, HapTokenInfoInner001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, @@ -216,7 +216,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, @@ -250,7 +250,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo003, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo003, TestSize.Level0) { HapInfoParams info = { .userID = -1 @@ -267,7 +267,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo004, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo004, TestSize.Level0) { HapInfoParams info = { .userID = USER_ID, @@ -285,7 +285,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo005, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo005, TestSize.Level0) { HapInfoParams info = { .userID = USER_ID, @@ -304,7 +304,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo006, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo006, TestSize.Level0) { HapInfoParams info = { .userID = USER_ID, @@ -325,7 +325,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo007, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo007, TestSize.Level0) { HapInfoParams info = { .userID = USER_ID, @@ -347,7 +347,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo008, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo008, TestSize.Level0) { static PermissionDef permDef = { .permissionName = "ohos.permission.test", @@ -381,7 +381,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo008, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, InitHapToken001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, InitHapToken001, TestSize.Level0) { HapInfoParcel hapinfoParcel; hapinfoParcel.hapInfoParameter = { @@ -408,7 +408,7 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, InitHapToken002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, InitHapToken002, TestSize.Level0) { HapInfoParcel hapinfoParcel; hapinfoParcel.hapInfoParameter = { @@ -435,7 +435,7 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, InitHapToken003, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, InitHapToken003, TestSize.Level0) { HapInfoParcel info; info.hapInfoParameter = { @@ -529,7 +529,7 @@ void TestPrepareKernelPermissionStatus(HapPolicy& policyParams) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, InitHapToken004, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, InitHapToken004, TestSize.Level0) { HapInfoParcel info; HapPolicyParcel policy; @@ -568,7 +568,7 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, InitHapToken005, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, InitHapToken005, TestSize.Level0) { HapInfoParcel info; HapPolicyParcel policy; @@ -607,7 +607,7 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, InitHapToken006, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, InitHapToken006, TestSize.Level0) { HapInfoParcel info; HapPolicyParcel policy; @@ -643,7 +643,7 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, InitHapToken007, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, InitHapToken007, TestSize.Level0) { HapInfoParcel info; HapPolicyParcel policy; @@ -674,7 +674,7 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, IsTokenIdExist001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, IsTokenIdExist001, TestSize.Level0) { AccessTokenID testId = 1; ASSERT_EQ(AccessTokenInfoManager::GetInstance().IsTokenIdExist(testId), false); @@ -686,7 +686,7 @@ HWTEST_F(AccessTokenInfoManagerTest, IsTokenIdExist001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfo001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int result; @@ -711,7 +711,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; // type != TOKEN_HAP @@ -753,7 +753,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, @@ -783,7 +783,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, @@ -820,7 +820,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; HapPolicy policy = g_infoManagerTestPolicyPrams1; @@ -845,7 +845,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level0) { AccessTokenID tokenId = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111 AccessTokenIDEx tokenIdEx = {0}; @@ -869,7 +869,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken004, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken004, TestSize.Level0) { HapInfoParcel info; HapPolicyParcel policy; @@ -915,7 +915,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int result; @@ -942,7 +942,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync002, TestSize.Level0) { AccessTokenID tokenId = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111 std::shared_ptr info = std::make_shared(); @@ -958,7 +958,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( @@ -981,7 +981,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Leve * @tc.type: FUNC * @tc.require: issueI5RJBB */ -HWTEST_F(AccessTokenInfoManagerTest, RemoteHapTest001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, RemoteHapTest001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( @@ -1015,7 +1015,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RemoteHapTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RJBB */ -HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( @@ -1061,7 +1061,7 @@ static bool SetRemoteHapTokenInfoTest(const std::string& deviceID, const HapToke * @tc.type: FUNC * @tc.require: issue5RJBB */ -HWTEST_F(AccessTokenInfoManagerTest, SetRemoteHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, SetRemoteHapTokenInfo001, TestSize.Level0) { std::string deviceID = "deviceId"; HapTokenInfo rightBaseInfo = { @@ -1108,7 +1108,7 @@ HWTEST_F(AccessTokenInfoManagerTest, SetRemoteHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, ClearUserGrantedPermissionState001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, ClearUserGrantedPermissionState001, TestSize.Level0) { AccessTokenID tokenId = 123; // 123 is random input @@ -1127,7 +1127,7 @@ HWTEST_F(AccessTokenInfoManagerTest, ClearUserGrantedPermissionState001, TestSiz * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, NotifyTokenSyncTask001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, NotifyTokenSyncTask001, TestSize.Level0) { std::vector modifiedTokenList = TokenModifyNotifier::GetInstance().modifiedTokenList_; // backup TokenModifyNotifier::GetInstance().modifiedTokenList_.clear(); @@ -1156,7 +1156,7 @@ void setPermission() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Level0) { setPermission(); sptr callback = new (std::nothrow) TokenSyncCallbackMock(); @@ -1191,7 +1191,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback001, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Level0) { setPermission(); sptr callback = new (std::nothrow) TokenSyncCallbackMock(); @@ -1247,7 +1247,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenSyncCallback002, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetRemoteHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetRemoteHapTokenInfo001, TestSize.Level0) { setPermission(); sptr callback = new (std::nothrow) TokenSyncCallbackMock(); @@ -1275,7 +1275,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetRemoteHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, UpdateRemoteHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, UpdateRemoteHapTokenInfo001, TestSize.Level0) { AccessTokenID mapID = 0; HapTokenInfoForSync hapSync; @@ -1300,7 +1300,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateRemoteHapTokenInfo001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, CreateRemoteHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, CreateRemoteHapTokenInfo001, TestSize.Level0) { AccessTokenID mapID = 123; // 123 is random input HapTokenInfoForSync hapSync; @@ -1321,7 +1321,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateRemoteHapTokenInfo001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken002, TestSize.Level0) { std::string deviceID = "dev-001"; AccessTokenID tokenID = 123; // 123 is random input @@ -1358,7 +1358,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, AllocLocalTokenID001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, AllocLocalTokenID001, TestSize.Level0) { std::string remoteDeviceID; AccessTokenID remoteTokenID = 0; @@ -1394,7 +1394,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AllocLocalTokenID001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI4V02P */ -HWTEST_F(AccessTokenInfoManagerTest, Dump001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, Dump001, TestSize.Level0) { int fd = -1; std::vector args; @@ -1440,7 +1440,7 @@ HWTEST_F(AccessTokenInfoManagerTest, Dump001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI4V02P */ -HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level0) { std::string dumpInfo; AtmToolsParamInfo info; @@ -1460,7 +1460,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI4V02P */ -HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo002, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, @@ -1488,7 +1488,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI4V02P */ -HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo003, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo003, TestSize.Level0) { std::string dumpInfo; AtmToolsParamInfo info; @@ -1503,7 +1503,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI4V02P */ -HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo004, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo004, TestSize.Level0) { std::string dumpInfo; AtmToolsParamInfo info; @@ -1518,7 +1518,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo004, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI4V02P */ -HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo006, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo006, TestSize.Level0) { std::string dumpInfo; AtmToolsParamInfo info; @@ -1533,7 +1533,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo006, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI4V02P */ -HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo007, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo007, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, @@ -1561,7 +1561,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, AccessTokenInfoManager001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, AccessTokenInfoManager001, TestSize.Level0) { AccessTokenInfoManager::GetInstance().hasInited_ = true; uint32_t hapSize = 0; @@ -1579,7 +1579,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AccessTokenInfoManager001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetHapUniqueStr001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetHapUniqueStr001, TestSize.Level0) { std::shared_ptr info = nullptr; ASSERT_EQ("", AccessTokenInfoManager::GetInstance().GetHapUniqueStr(info)); @@ -1591,7 +1591,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapUniqueStr001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo001, TestSize.Level0) { std::shared_ptr info = nullptr; AccessTokenID oriTokenId = 0; @@ -1604,7 +1604,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo002, TestSize.Level0) { HapInfoParams info = { .userID = USER_ID, @@ -1634,7 +1634,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI60F1M */ -HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID002, TestSize.Level0) { AccessTokenIDEx tokenIdEx = AccessTokenInfoManager::GetInstance().GetHapTokenID( USER_ID, "com.ohos.test", INST_INDEX); @@ -1647,7 +1647,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, IsPermissionDefValid001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, IsPermissionDefValid001, TestSize.Level0) { PermissionDef permDef = { .permissionName = "ohos.permission.TEST", @@ -1676,7 +1676,7 @@ HWTEST_F(AccessTokenInfoManagerTest, IsPermissionDefValid001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, IsPermissionStateValid001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, IsPermissionStateValid001, TestSize.Level0) { std::string permissionName; std::string deviceID = "dev-001"; @@ -1708,7 +1708,7 @@ HWTEST_F(AccessTokenInfoManagerTest, IsPermissionStateValid001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, FilterInvalidPermissionDef001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, FilterInvalidPermissionDef001, TestSize.Level0) { PermissionDef permDef = { .permissionName = "ohos.permission.TEST", @@ -1740,7 +1740,7 @@ HWTEST_F(AccessTokenInfoManagerTest, FilterInvalidPermissionDef001, TestSize.Lev * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level0) { PermissionStatus perm = { .permissionName = "ohos.permission.TEST", @@ -1766,7 +1766,7 @@ HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, UpdatePermissionStatus001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, UpdatePermissionStatus001, TestSize.Level0) { PermissionStatus perm = { .permissionName = "ohos.permission.CAMERA", @@ -1817,7 +1817,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdatePermissionStatus001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, MapRemoteDeviceTokenToLocal001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, MapRemoteDeviceTokenToLocal001, TestSize.Level0) { std::map remoteDeviceMap; remoteDeviceMap = AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_; // backup @@ -1859,7 +1859,7 @@ HWTEST_F(AccessTokenInfoManagerTest, MapRemoteDeviceTokenToLocal001, TestSize.Le * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetDeviceAllRemoteTokenID001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetDeviceAllRemoteTokenID001, TestSize.Level0) { std::string deviceID; std::vector remoteIDs; @@ -1875,7 +1875,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetDeviceAllRemoteTokenID001, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, RemoveDeviceMappingTokenID001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, RemoveDeviceMappingTokenID001, TestSize.Level0) { std::map remoteDeviceMap; remoteDeviceMap = AccessTokenRemoteTokenManager::GetInstance().remoteDeviceMap_; // backup @@ -1904,7 +1904,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RemoveDeviceMappingTokenID001, TestSize.Lev * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenObservation001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenObservation001, TestSize.Level0) { std::set observationSet = TokenModifyNotifier::GetInstance().observationSet_; // backup TokenModifyNotifier::GetInstance().observationSet_.clear(); @@ -1928,7 +1928,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenObservation001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level0) { std::shared_ptr hap = std::make_shared(); ASSERT_NE(nullptr, hap); @@ -1974,7 +1974,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenId001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenId001, TestSize.Level0) { // 1477443583 is max abnormal butt tokenId which version is 2: 010 11 0 000000 11111111111111111111 AccessTokenID tokenId = 1477443583; @@ -1999,7 +1999,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RegisterTokenId001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, ClearAllSecCompGrantedPerm001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, ClearAllSecCompGrantedPerm001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( @@ -2028,7 +2028,7 @@ HWTEST_F(AccessTokenInfoManagerTest, ClearAllSecCompGrantedPerm001, TestSize.Lev * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap001, TestSize.Level0) { AccessTokenID tokenId = 123; // 123: invalid tokenid ASSERT_EQ(ERR_TOKENID_NOT_EXIST, AccessTokenInfoManager::GetInstance().SetPermDialogCap(tokenId, true)); @@ -2040,7 +2040,7 @@ HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap002, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( @@ -2078,7 +2078,7 @@ HWTEST_F(AccessTokenInfoManagerTest, SetPermDialogCap002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetPermDialogCap001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetPermDialogCap001, TestSize.Level0) { // invalid token ASSERT_EQ(true, AccessTokenInfoManager::GetInstance().GetPermDialogCap(INVALID_TOKENID)); @@ -2111,7 +2111,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetPermDialogCap001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level0) { HapInfoParcel hapinfoParcel; hapinfoParcel.hapInfoParameter = { @@ -2137,7 +2137,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, OnStart001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, OnStart001, TestSize.Level0) { ServiceRunningState state = atManagerService_->state_; atManagerService_->state_ = ServiceRunningState::STATE_RUNNING; @@ -2152,7 +2152,7 @@ HWTEST_F(AccessTokenInfoManagerTest, OnStart001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, Dlopen001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, Dlopen001, TestSize.Level0) { LibraryLoader loader1("libnotexist.z.so"); // is a not exist path EXPECT_EQ(nullptr, loader1.handle_); @@ -2169,7 +2169,7 @@ HWTEST_F(AccessTokenInfoManagerTest, Dlopen001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, Dlopen002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, Dlopen002, TestSize.Level0) { LibraryLoader loader(TOKEN_SYNC_LIBPATH); TokenSyncKitInterface* tokenSyncKit = loader.GetObject(); @@ -2184,7 +2184,7 @@ HWTEST_F(AccessTokenInfoManagerTest, Dlopen002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, VerifyNativeAccessToken001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, VerifyNativeAccessToken001, TestSize.Level0) { AccessTokenID tokenId = 0x280bc142; // 0x280bc142 is random input std::string permissionName = "ohos.permission.INVALID_AA"; @@ -2213,7 +2213,7 @@ HWTEST_F(AccessTokenInfoManagerTest, VerifyNativeAccessToken001, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, VerifyAccessToken001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, VerifyAccessToken001, TestSize.Level0) { AccessTokenID tokenId = 0; std::string permissionName; @@ -2235,7 +2235,7 @@ HWTEST_F(AccessTokenInfoManagerTest, VerifyAccessToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetAppId001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetAppId001, TestSize.Level0) { HapInfoParams info = { .userID = USER_ID, @@ -2264,7 +2264,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetAppId001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus001, TestSize.Level0) { int32_t userID = -1; uint32_t status = PermissionRequestToggleStatus::CLOSED; @@ -2302,7 +2302,7 @@ HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus001, TestSi * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus002, TestSize.Level0) { int32_t userID = 123; uint32_t status = PermissionRequestToggleStatus::CLOSED; @@ -2323,7 +2323,7 @@ HWTEST_F(AccessTokenInfoManagerTest, SetPermissionRequestToggleStatus002, TestSi * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus001, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus001, TestSize.Level0) { int32_t userID = -1; uint32_t status; @@ -2355,7 +2355,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus001, TestSi * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus002, TestSize.Level1) +HWTEST_F(AccessTokenInfoManagerTest, GetPermissionRequestToggleStatus002, TestSize.Level0) { int32_t userID = 123; uint32_t setStatusClose = PermissionRequestToggleStatus::CLOSED; diff --git a/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp b/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp index 02ec98245..35c2f4d32 100644 --- a/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp +++ b/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp @@ -68,7 +68,7 @@ void NativeTokenReceptorTest::TearDown() * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData001, TestSize.Level1) +HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData001!"); std::string testStr = R"([)"\ @@ -95,7 +95,7 @@ HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level1) +HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData002!"); std::string testStr = R"([{"processName":""}])"; @@ -150,7 +150,7 @@ HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level1) +HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData002!"); std::string testStr = R"([)"\ @@ -171,7 +171,7 @@ HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(NativeTokenReceptorTest, GetnNativeTokenInfoFromJson002, TestSize.Level1) +HWTEST_F(NativeTokenReceptorTest, GetnNativeTokenInfoFromJson002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "test GetnNativeTokenInfoFromJson002!"); // version wrong @@ -236,7 +236,7 @@ HWTEST_F(NativeTokenReceptorTest, GetnNativeTokenInfoFromJson002, TestSize.Level * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(NativeTokenReceptorTest, init001, TestSize.Level1) +HWTEST_F(NativeTokenReceptorTest, init001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "test init001!"); diff --git a/services/accesstokenmanager/test/unittest/permission_grant_event_test.cpp b/services/accesstokenmanager/test/unittest/permission_grant_event_test.cpp index 57eb3e48e..ca3a40a7e 100644 --- a/services/accesstokenmanager/test/unittest/permission_grant_event_test.cpp +++ b/services/accesstokenmanager/test/unittest/permission_grant_event_test.cpp @@ -42,7 +42,7 @@ void PermissionGrantEventTest::TearDown() * @tc.type: FUNC * @tc.require:issueI5OOPG */ -HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult001, TestSize.Level1) +HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "NotifyPermGrantStoreResult001!"); AccessTokenID tokenID = 0x100000; @@ -64,7 +64,7 @@ HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult001, TestSize.Level * @tc.type: FUNC * @tc.require:issueI5OOPG */ -HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult002, TestSize.Level1) +HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "NotifyPermGrantStoreResult002!"); AccessTokenID tokenID = 0x100000; @@ -86,7 +86,7 @@ HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult002, TestSize.Level * @tc.type: FUNC * @tc.require:issueI5OOPG */ -HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult003, TestSize.Level1) +HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "NotifyPermGrantStoreResult003!"); AccessTokenID tokenID = 0x100000; diff --git a/services/accesstokenmanager/test/unittest/permission_manager_test.cpp b/services/accesstokenmanager/test/unittest/permission_manager_test.cpp index 8e63c6dfa..ae6e54427 100644 --- a/services/accesstokenmanager/test/unittest/permission_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/permission_manager_test.cpp @@ -276,7 +276,7 @@ static AccessTokenID CreateTempHapTokenInfo() * @tc.type: FUNC * @tc.require: issueI4V02P */ -HWTEST_F(PermissionManagerTest, ScopeFilter001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, ScopeFilter001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, @@ -337,7 +337,7 @@ HWTEST_F(PermissionManagerTest, ScopeFilter001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI4V02P */ -HWTEST_F(PermissionManagerTest, AddPermStateChangeCallback001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, AddPermStateChangeCallback001, TestSize.Level0) { PermStateChangeScope inScopeInfo; inScopeInfo.tokenIDs = {123}; @@ -376,7 +376,7 @@ bool PermChangeCallback::AddDeathRecipient(const sptr result; @@ -461,7 +461,7 @@ HWTEST_F(PermissionManagerTest, GetReqPermissions001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GetReqPermissions002, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GetReqPermissions002, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, @@ -483,7 +483,7 @@ HWTEST_F(PermissionManagerTest, GetReqPermissions002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GetSelfPermissionState001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GetSelfPermissionState001, TestSize.Level0) { std::vector permsList1; permsList1.emplace_back(g_permState1); @@ -511,7 +511,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GetSelfPermissionState002, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GetSelfPermissionState002, TestSize.Level0) { std::vector permsList1; permsList1.emplace_back(g_permState6); @@ -557,7 +557,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GetSelfPermissionState003, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GetSelfPermissionState003, TestSize.Level0) { std::vector permsList1; permsList1.emplace_back(g_permState2); @@ -580,7 +580,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GetPermissionFlag001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GetPermissionFlag001, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is random input std::string permissionName; @@ -607,7 +607,7 @@ HWTEST_F(PermissionManagerTest, GetPermissionFlag001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GetPermissionFlag002, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GetPermissionFlag002, TestSize.Level0) { HapInfoParams infoParms = { .userID = 1, @@ -647,7 +647,7 @@ HWTEST_F(PermissionManagerTest, GetPermissionFlag002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState002, TestSize.Level1) +HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState002, TestSize.Level0) { AccessTokenID tokenId = 123; // random input std::string permissionName = "ohos.permission.DUMP"; @@ -692,7 +692,7 @@ HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState003, TestSize.Level1) +HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState003, TestSize.Level0) { std::string permissionName = "ohos.permission.DUMP"; uint32_t flag = 0; @@ -739,7 +739,7 @@ HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, IsAllowGrantTempPermission001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, IsAllowGrantTempPermission001, TestSize.Level0) { AccessTokenID tokenId = 123; // random input std::string permissionName = ""; @@ -753,7 +753,7 @@ HWTEST_F(PermissionManagerTest, IsAllowGrantTempPermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, IsPermissionVaild001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, IsPermissionVaild001, TestSize.Level0) { std::string permissionName; // permissionName invalid @@ -773,7 +773,7 @@ HWTEST_F(PermissionManagerTest, IsPermissionVaild001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GetPermissionState001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GetPermissionState001, TestSize.Level0) { AccessTokenID tokenId = 123; // random input std::vector permissionStateList; @@ -810,7 +810,7 @@ HWTEST_F(PermissionManagerTest, GetPermissionState001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GetApiVersionByTokenId001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GetApiVersionByTokenId001, TestSize.Level0) { AccessTokenID tokenId = 940572671; // 940572671 is max butt tokenId: 001 11 0 000000 11111111111111111111 int32_t apiVersion = 0; @@ -829,7 +829,7 @@ HWTEST_F(PermissionManagerTest, GetApiVersionByTokenId001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, VerifyHapAccessToken001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, VerifyHapAccessToken001, TestSize.Level0) { AccessTokenID tokenId = 123; // 123 is random input std::string permissionName; @@ -850,7 +850,7 @@ HWTEST_F(PermissionManagerTest, VerifyHapAccessToken001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission001, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -887,7 +887,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission002, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission002, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -921,7 +921,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission003, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission003, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -961,7 +961,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission004, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission004, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1001,7 +1001,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission005, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission005, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1048,7 +1048,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission006, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission006, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1085,7 +1085,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission007, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission007, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1122,7 +1122,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission008, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission008, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1161,7 +1161,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission008, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission009, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission009, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1207,7 +1207,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission009, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission010, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission010, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1258,7 +1258,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission010, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission011, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission011, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1306,7 +1306,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission011, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission012, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission012, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1362,7 +1362,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission012, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission013, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission013, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1415,7 +1415,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission013, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission014, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission014, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1464,7 +1464,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission014, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission015, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission015, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1491,7 +1491,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission015, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission016, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission016, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1516,7 +1516,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission016, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission017, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission017, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1536,7 +1536,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission017, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission018, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission018, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1580,7 +1580,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission018, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission019, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission019, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1618,7 +1618,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission019, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GrantTempPermission020, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GrantTempPermission020, TestSize.Level0) { accessTokenService_->state_ = ServiceRunningState::STATE_RUNNING; accessTokenService_->Initialize(); @@ -1638,7 +1638,7 @@ HWTEST_F(PermissionManagerTest, GrantTempPermission020, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, PermissionCallbackTest001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, PermissionCallbackTest001, TestSize.Level0) { PermStateChangeScope scope; EXPECT_EQ(AccessTokenError::ERR_PARAM_INVALID, CallbackManager::GetInstance().AddCallback(scope, nullptr)); @@ -1651,7 +1651,7 @@ HWTEST_F(PermissionManagerTest, PermissionCallbackTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, ContinuousTaskCallbackInfoParcel001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, ContinuousTaskCallbackInfoParcel001, TestSize.Level0) { ContinuousTaskCallbackInfo info; Parcel parcel; diff --git a/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp b/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp index 80643d02b..de3d9c715 100644 --- a/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp @@ -78,7 +78,7 @@ void ShortGrantManagerTest::TearDown() * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(ShortGrantManagerTest, RefreshPermission001, TestSize.Level1) +HWTEST_F(ShortGrantManagerTest, RefreshPermission001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoParms, g_policyParams, tokenIdEx); @@ -109,7 +109,7 @@ HWTEST_F(ShortGrantManagerTest, RefreshPermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(ShortGrantManagerTest, RefreshPermission002, TestSize.Level1) +HWTEST_F(ShortGrantManagerTest, RefreshPermission002, TestSize.Level0) { const uint32_t maxTime = 10; // 10s ShortGrantManager::GetInstance().maxTime_ = maxTime; @@ -150,7 +150,7 @@ HWTEST_F(ShortGrantManagerTest, RefreshPermission002, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(ShortGrantManagerTest, RefreshPermission003, TestSize.Level1) +HWTEST_F(ShortGrantManagerTest, RefreshPermission003, TestSize.Level0) { const uint32_t maxTime = 10; // 10s ShortGrantManager::GetInstance().maxTime_ = maxTime; @@ -208,7 +208,7 @@ HWTEST_F(ShortGrantManagerTest, RefreshPermission003, TestSize.Level1) * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(ShortGrantManagerTest, RefreshPermission004, TestSize.Level1) +HWTEST_F(ShortGrantManagerTest, RefreshPermission004, TestSize.Level0) { AccessTokenIDEx tokenIdEx = {0}; int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoParms, g_policyParams, tokenIdEx); diff --git a/services/common/database/test/BUILD.gn b/services/common/database/test/BUILD.gn index 9e8e5ff50..97ec48ce5 100644 --- a/services/common/database/test/BUILD.gn +++ b/services/common/database/test/BUILD.gn @@ -16,8 +16,7 @@ import("../../../../access_token.gni") ohos_unittest("libdatabase_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/services/common/database/test/unittest/database_test.cpp b/services/common/database/test/unittest/database_test.cpp index 99bd22516..24c75356f 100644 --- a/services/common/database/test/unittest/database_test.cpp +++ b/services/common/database/test/unittest/database_test.cpp @@ -58,7 +58,7 @@ void DatabaseTest::TearDown() {} * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(DatabaseTest, PutInt64001, TestSize.Level1) +HWTEST_F(DatabaseTest, PutInt64001, TestSize.Level0) { GenericValues genericValues; std::string key = "databasetest"; @@ -77,7 +77,7 @@ HWTEST_F(DatabaseTest, PutInt64001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(DatabaseTest, PutVariant001, TestSize.Level1) +HWTEST_F(DatabaseTest, PutVariant001, TestSize.Level0) { GenericValues genericValues; std::string key = "databasetest"; @@ -98,7 +98,7 @@ HWTEST_F(DatabaseTest, PutVariant001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(DatabaseTest, VariantValue64001, TestSize.Level1) +HWTEST_F(DatabaseTest, VariantValue64001, TestSize.Level0) { int64_t testValue = 1; VariantValue Test(testValue); @@ -111,7 +111,7 @@ HWTEST_F(DatabaseTest, VariantValue64001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(DatabaseTest, VariantValue64002, TestSize.Level1) +HWTEST_F(DatabaseTest, VariantValue64002, TestSize.Level0) { int32_t ntestValue = 1; VariantValue Ntest(ntestValue); @@ -127,7 +127,7 @@ HWTEST_F(DatabaseTest, VariantValue64002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DatabaseTest, VariantValue001, TestSize.Level1) +HWTEST_F(DatabaseTest, VariantValue001, TestSize.Level0) { VariantValue Test; Test.GetString(); @@ -154,7 +154,7 @@ static void RemoveTestTokenHapInfo() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DatabaseTest, SqliteStorageModifyTest001, TestSize.Level1) +HWTEST_F(DatabaseTest, SqliteStorageModifyTest001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "SqliteStorageModifyTest001 begin"); @@ -217,7 +217,7 @@ HWTEST_F(DatabaseTest, SqliteStorageModifyTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionDef001, TestSize.Level1) +HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionDef001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionDefTest001 begin"); @@ -238,7 +238,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionDef001, TestSize.L * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus001, TestSize.Level1) +HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus001 begin"); @@ -259,7 +259,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus001, TestSiz * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus002, TestSize.Level1) +HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus002 begin"); @@ -281,7 +281,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus002, TestSiz * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus003, TestSize.Level1) +HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus003 begin"); @@ -304,7 +304,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus003, TestSiz * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus004, TestSize.Level1) +HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus004 begin"); diff --git a/services/common/json_parse/test/BUILD.gn b/services/common/json_parse/test/BUILD.gn index bf583367b..e6f3c4d3d 100644 --- a/services/common/json_parse/test/BUILD.gn +++ b/services/common/json_parse/test/BUILD.gn @@ -21,8 +21,7 @@ config("accesstoken_json_parse_config") { ohos_unittest("libjsonparse_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/services/common/json_parse/test/unittest/cjson_utils_test.cpp b/services/common/json_parse/test/unittest/cjson_utils_test.cpp index c9cbc3fb0..961eec013 100644 --- a/services/common/json_parse/test/unittest/cjson_utils_test.cpp +++ b/services/common/json_parse/test/unittest/cjson_utils_test.cpp @@ -44,7 +44,7 @@ void CJsonUtilsTest::TearDown() {} * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level3) { std::string test; EXPECT_EQ(nullptr, CreateJsonFromString(test)); @@ -56,7 +56,7 @@ HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, PackJsonToStringTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, PackJsonToStringTest001, TestSize.Level3) { std::string res = PackJsonToString(nullptr); EXPECT_EQ(res.size(), 0); @@ -70,7 +70,7 @@ HWTEST_F(CJsonUtilsTest, PackJsonToStringTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetObjFromJsonTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, GetObjFromJsonTest001, TestSize.Level3) { std::string test; EXPECT_EQ(nullptr, GetObjFromJson(nullptr, test)); @@ -90,7 +90,7 @@ HWTEST_F(CJsonUtilsTest, GetObjFromJsonTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetArrayFromJsonTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, GetArrayFromJsonTest001, TestSize.Level3) { std::string test; EXPECT_EQ(nullptr, GetArrayFromJson(nullptr, test)); @@ -110,7 +110,7 @@ HWTEST_F(CJsonUtilsTest, GetArrayFromJsonTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetStringFromJsonTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, GetStringFromJsonTest001, TestSize.Level3) { std::string test; std::string res; @@ -134,7 +134,7 @@ HWTEST_F(CJsonUtilsTest, GetStringFromJsonTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetIntFromJsonTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, GetIntFromJsonTest001, TestSize.Level3) { std::string test; int32_t res; @@ -155,7 +155,7 @@ HWTEST_F(CJsonUtilsTest, GetIntFromJsonTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetUnsignedIntFromJsonTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, GetUnsignedIntFromJsonTest001, TestSize.Level3) { std::string test; uint32_t res; @@ -176,7 +176,7 @@ HWTEST_F(CJsonUtilsTest, GetUnsignedIntFromJsonTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest001, TestSize.Level3) { std::string test; bool res; @@ -197,7 +197,7 @@ HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest002, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest002, TestSize.Level3) { std::string test = "test1"; bool res; @@ -214,7 +214,7 @@ HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest002, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddObjToJsonTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, AddObjToJsonTest001, TestSize.Level3) { ASSERT_EQ(false, AddObjToJson(nullptr, "", nullptr)); std::string test = "test1"; @@ -235,7 +235,7 @@ HWTEST_F(CJsonUtilsTest, AddObjToJsonTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddObjToArrayTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, AddObjToArrayTest001, TestSize.Level3) { ASSERT_EQ(false, AddObjToArray(nullptr, nullptr)); @@ -249,7 +249,7 @@ HWTEST_F(CJsonUtilsTest, AddObjToArrayTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level3) { ASSERT_EQ(false, AddStringToJson(nullptr, "", "")); ASSERT_EQ(false, AddStringToJson(nullptr, "test0", "test0")); @@ -266,7 +266,7 @@ HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level3) { ASSERT_EQ(false, AddBoolToJson(nullptr, "", true)); ASSERT_EQ(false, AddBoolToJson(nullptr, "test0", true)); @@ -283,7 +283,7 @@ HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level3) { ASSERT_EQ(false, AddIntToJson(nullptr, "", 0)); ASSERT_EQ(false, AddIntToJson(nullptr, "test0", 0)); @@ -300,7 +300,7 @@ HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level4) * @tc.type: FUNC * @tc.require: TDD coverage */ -HWTEST_F(CJsonUtilsTest, AddUnsignedIntToJsonTest001, TestSize.Level4) +HWTEST_F(CJsonUtilsTest, AddUnsignedIntToJsonTest001, TestSize.Level3) { ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "", 0)); ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "test0", 0)); diff --git a/services/common/json_parse/test/unittest/json_parse_test.cpp b/services/common/json_parse/test/unittest/json_parse_test.cpp index e361ba345..5678f12ca 100644 --- a/services/common/json_parse/test/unittest/json_parse_test.cpp +++ b/services/common/json_parse/test/unittest/json_parse_test.cpp @@ -63,7 +63,7 @@ void PrivacyParcelTest::TearDown() {} * @tc.type: FUNC * @tc.require: issueI6024A */ -HWTEST_F(JsonParseTest, IsDirExsit001, TestSize.Level1) +HWTEST_F(JsonParseTest, IsDirExsit001, TestSize.Level0) { ConfigPolicLoader loader; EXPECT_FALSE(loader.IsDirExsit("")); @@ -79,7 +79,7 @@ HWTEST_F(JsonParseTest, IsDirExsit001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(JsonParseTest, ParserNativeRawData001, TestSize.Level1) +HWTEST_F(JsonParseTest, ParserNativeRawData001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData001!"); std::string testStr = R"([)"\ @@ -106,7 +106,7 @@ HWTEST_F(JsonParseTest, ParserNativeRawData001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(JsonParseTest, ParserNativeRawData002, TestSize.Level1) +HWTEST_F(JsonParseTest, ParserNativeRawData002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData002!"); std::string testStr = R"([{"processName":""}])"; @@ -160,7 +160,7 @@ HWTEST_F(JsonParseTest, ParserNativeRawData002, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(JsonParseTest, ParserNativeRawData003, TestSize.Level1) +HWTEST_F(JsonParseTest, ParserNativeRawData003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData003!"); std::string testStr = R"([)"\ @@ -182,7 +182,7 @@ HWTEST_F(JsonParseTest, ParserNativeRawData003, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(JsonParseTest, ParserNativeRawData004, TestSize.Level1) +HWTEST_F(JsonParseTest, ParserNativeRawData004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "test ParserNativeRawData004!"); // version wrong @@ -243,7 +243,7 @@ HWTEST_F(JsonParseTest, ParserNativeRawData004, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(JsonParseTest, init001, TestSize.Level1) +HWTEST_F(JsonParseTest, init001, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "test init001!"); @@ -300,7 +300,7 @@ static void PrepareJsonData1() * @tc.type: FUNC * @tc.require: SR000GVIGR */ -HWTEST_F(PermissionManagerTest, DlpPermissionConfig001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, DlpPermissionConfig001, TestSize.Level0) { PrepareJsonData1(); @@ -354,7 +354,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig001, TestSize.Level1) * @tc.type: FUNC * @tc.require: SR000GVIGR */ -HWTEST_F(PermissionManagerTest, DlpPermissionConfig002, TestSize.Level1) +HWTEST_F(PermissionManagerTest, DlpPermissionConfig002, TestSize.Level0) { PrepareJsonData1(); @@ -408,7 +408,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig002, TestSize.Level1) * @tc.type: FUNC * @tc.require: SR000GVIGR */ -HWTEST_F(PermissionManagerTest, DlpPermissionConfig003, TestSize.Level1) +HWTEST_F(PermissionManagerTest, DlpPermissionConfig003, TestSize.Level0) { PrepareJsonData1(); @@ -488,7 +488,7 @@ static void PrepareJsonData2() * @tc.type: FUNC * @tc.require: SR000GVIGR */ -HWTEST_F(PermissionManagerTest, DlpPermissionConfig004, TestSize.Level1) +HWTEST_F(PermissionManagerTest, DlpPermissionConfig004, TestSize.Level0) { PrepareJsonData2(); PrepareUserPermState(); @@ -546,7 +546,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig004, TestSize.Level1) * @tc.type: FUNC * @tc.require: SR000GVIGR */ -HWTEST_F(PermissionManagerTest, DlpPermissionConfig005, TestSize.Level1) +HWTEST_F(PermissionManagerTest, DlpPermissionConfig005, TestSize.Level0) { PrepareJsonData2(); PrepareUserPermState(); @@ -603,7 +603,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, DlpPermissionConfig006, TestSize.Level1) +HWTEST_F(PermissionManagerTest, DlpPermissionConfig006, TestSize.Level0) { PrepareJsonData2(); PrepareUserPermState(); diff --git a/services/common/window_manager/test/BUILD.gn b/services/common/window_manager/test/BUILD.gn index b47965458..0a1266230 100644 --- a/services/common/window_manager/test/BUILD.gn +++ b/services/common/window_manager/test/BUILD.gn @@ -16,8 +16,7 @@ import("../../../../access_token.gni") ohos_unittest("libwindow_manager_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/services/privacymanager/test/coverage/BUILD.gn b/services/privacymanager/test/coverage/BUILD.gn index bebe39ff1..76b78de97 100644 --- a/services/privacymanager/test/coverage/BUILD.gn +++ b/services/privacymanager/test/coverage/BUILD.gn @@ -17,8 +17,7 @@ import("../../../../access_token.gni") if (is_standard_system && ability_base_enable == true) { ohos_unittest("libprivacy_manager_service_coverage_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_privacy sanitize = { cfi = true cfi_cross_dso = true diff --git a/services/privacymanager/test/tool/BUILD.gn b/services/privacymanager/test/tool/BUILD.gn index 753773f3b..8f3fecb5e 100644 --- a/services/privacymanager/test/tool/BUILD.gn +++ b/services/privacymanager/test/tool/BUILD.gn @@ -16,8 +16,7 @@ import("//build/test.gni") ohos_unittest("CreateCameraWindowTest") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_privacy sanitize = { cfi = true cfi_cross_dso = true diff --git a/services/privacymanager/test/tool/camera_window_create.cpp b/services/privacymanager/test/tool/camera_window_create.cpp index 6a48703d6..ff01ea730 100644 --- a/services/privacymanager/test/tool/camera_window_create.cpp +++ b/services/privacymanager/test/tool/camera_window_create.cpp @@ -83,7 +83,7 @@ static inline Rosen::Rect GetRectWithVpr(int32_t x, int32_t y, uint32_t w, uint3 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(CreateCameraWindowTest, CreateCameraFloatWindowTest, TestSize.Level1) +HWTEST_F(CreateCameraWindowTest, CreateCameraFloatWindowTest, TestSize.Level0) { uint32_t tokenId = GetSelfTokenID(); GTEST_LOG_(INFO) << "CreateCameraFloatWindowTest begin, tokenId: " << tokenId << std::endl; diff --git a/services/privacymanager/test/unittest/BUILD.gn b/services/privacymanager/test/unittest/BUILD.gn index 48ea15a50..dadd68779 100644 --- a/services/privacymanager/test/unittest/BUILD.gn +++ b/services/privacymanager/test/unittest/BUILD.gn @@ -17,8 +17,7 @@ import("../../../../access_token.gni") if (is_standard_system && ability_base_enable == true) { ohos_unittest("libprivacy_manager_service_standard_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_privacy sanitize = { cfi = true cfi_cross_dso = true diff --git a/services/privacymanager/test/unittest/permission_record_db_test.cpp b/services/privacymanager/test/unittest/permission_record_db_test.cpp index dd7409898..97dbb5383 100644 --- a/services/privacymanager/test/unittest/permission_record_db_test.cpp +++ b/services/privacymanager/test/unittest/permission_record_db_test.cpp @@ -65,7 +65,7 @@ void PermissionRecordDBTest::TearDown() * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = static_cast(100); ASSERT_EQ("", PermissionUsedRecordDb::GetInstance().CreateInsertPrepareSqlCmd(type)); @@ -77,7 +77,7 @@ HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd002, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd002, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD; ASSERT_NE("", PermissionUsedRecordDb::GetInstance().CreateInsertPrepareSqlCmd(type)); @@ -89,7 +89,7 @@ HWTEST_F(PermissionRecordDBTest, CreateInsertPrepareSqlCmd002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateDeletePrepareSqlCmd001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateDeletePrepareSqlCmd001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = static_cast(100); std::vector columnNames; @@ -102,7 +102,7 @@ HWTEST_F(PermissionRecordDBTest, CreateDeletePrepareSqlCmd001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD; std::vector modifyColumns; @@ -117,7 +117,7 @@ HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd002, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd002, TestSize.Level0) { PermissionUsedRecordDb::DataType type = static_cast(100); std::vector modifyColumns; @@ -133,7 +133,7 @@ HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd003, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd003, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD; std::vector modifyColumns; @@ -150,7 +150,7 @@ HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd004, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd004, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD; std::vector modifyColumns; @@ -167,7 +167,7 @@ HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd004, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd005, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd005, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD; std::vector modifyColumns; @@ -185,7 +185,7 @@ HWTEST_F(PermissionRecordDBTest, CreateUpdatePrepareSqlCmd005, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = static_cast(100); std::set opCodeList; @@ -200,7 +200,7 @@ HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd001, TestSi * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd002, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd002, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD; std::set opCodeList; @@ -219,7 +219,7 @@ HWTEST_F(PermissionRecordDBTest, CreateSelectByConditionPrepareSqlCmd002, TestSi * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateCountPrepareSqlCmd001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateCountPrepareSqlCmd001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = static_cast(100); ASSERT_EQ("", PermissionUsedRecordDb::GetInstance().CreateCountPrepareSqlCmd(type)); @@ -231,7 +231,7 @@ HWTEST_F(PermissionRecordDBTest, CreateCountPrepareSqlCmd001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateDeleteExpireRecordsPrepareSqlCmd001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateDeleteExpireRecordsPrepareSqlCmd001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = static_cast(100); // type not found std::vector andColumns; @@ -249,7 +249,7 @@ HWTEST_F(PermissionRecordDBTest, CreateDeleteExpireRecordsPrepareSqlCmd001, Test * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordDBTest, DeleteHistoryRecordsInTables001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, DeleteHistoryRecordsInTables001, TestSize.Level0) { std::vector dataTypes; dataTypes.emplace_back(PermissionUsedRecordDb::DataType::PERMISSION_RECORD); @@ -265,7 +265,7 @@ HWTEST_F(PermissionRecordDBTest, DeleteHistoryRecordsInTables001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordDBTest, CreateDeleteHistoryRecordsPrepareSqlCmd001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateDeleteHistoryRecordsPrepareSqlCmd001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = static_cast(100); // type not found std::unordered_set tokenIDList; @@ -282,7 +282,7 @@ HWTEST_F(PermissionRecordDBTest, CreateDeleteHistoryRecordsPrepareSqlCmd001, Tes * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = static_cast(100); uint32_t excessiveSize = 10; @@ -295,7 +295,7 @@ HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd001, T * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd002, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd002, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD; uint32_t excessiveSize = 10; @@ -308,7 +308,7 @@ HWTEST_F(PermissionRecordDBTest, CreateDeleteExcessiveRecordsPrepareSqlCmd002, T * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, CreatePermissionRecordTable001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreatePermissionRecordTable001, TestSize.Level0) { ASSERT_EQ(0, PermissionUsedRecordDb::GetInstance().CreatePermissionRecordTable()); @@ -326,7 +326,7 @@ HWTEST_F(PermissionRecordDBTest, CreatePermissionRecordTable001, TestSize.Level1 * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, InsertLockScreenStatusColumn001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, InsertLockScreenStatusColumn001, TestSize.Level0) { ASSERT_EQ(Constant::SUCCESS, PermissionUsedRecordDb::GetInstance().InsertLockScreenStatusColumn()); @@ -344,7 +344,7 @@ HWTEST_F(PermissionRecordDBTest, InsertLockScreenStatusColumn001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordDBTest, TranslationIntoGenericValues001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, TranslationIntoGenericValues001, TestSize.Level0) { PermissionUsedRequest request; GenericValues andGenericValues; @@ -385,7 +385,7 @@ HWTEST_F(PermissionRecordDBTest, TranslationIntoGenericValues001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordDBTest, TranslationGenericValuesIntoPermissionUsedRecord001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, TranslationGenericValuesIntoPermissionUsedRecord001, TestSize.Level0) { GenericValues inGenericValues; PermissionUsedRecord permissionRecord; @@ -413,7 +413,7 @@ HWTEST_F(PermissionRecordDBTest, TranslationGenericValuesIntoPermissionUsedRecor * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, Add001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, Add001, TestSize.Level0) { GenericValues value1; value1.Put(PrivacyFiledConst::FIELD_TOKEN_ID, 0); @@ -446,7 +446,7 @@ HWTEST_F(PermissionRecordDBTest, Add001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, Add002, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, Add002, TestSize.Level0) { GenericValues value1; value1.Put(PrivacyFiledConst::FIELD_TOKEN_ID, 0); @@ -485,7 +485,7 @@ HWTEST_F(PermissionRecordDBTest, Add002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWXF */ -HWTEST_F(PermissionRecordDBTest, Add003, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, Add003, TestSize.Level0) { std::vector values; PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD; @@ -498,7 +498,7 @@ HWTEST_F(PermissionRecordDBTest, Add003, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWXF */ -HWTEST_F(PermissionRecordDBTest, Add004, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, Add004, TestSize.Level0) { GenericValues value1; value1.Put(PrivacyFiledConst::FIELD_TOKEN_ID, 0); @@ -539,7 +539,7 @@ HWTEST_F(PermissionRecordDBTest, Add004, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, FindByConditions001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, FindByConditions001, TestSize.Level0) { GenericValues value; std::set opCodeList; @@ -590,7 +590,7 @@ HWTEST_F(PermissionRecordDBTest, FindByConditions001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, FindByConditions002, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, FindByConditions002, TestSize.Level0) { GenericValues value1; value1.Put(PrivacyFiledConst::FIELD_TOKEN_ID, 1); @@ -651,7 +651,7 @@ HWTEST_F(PermissionRecordDBTest, FindByConditions002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, DeleteExpireRecords001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, DeleteExpireRecords001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD; GenericValues andConditions; @@ -664,7 +664,7 @@ HWTEST_F(PermissionRecordDBTest, DeleteExpireRecords001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5YL6H */ -HWTEST_F(PermissionRecordDBTest, DeleteExcessiveRecords001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, DeleteExcessiveRecords001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_RECORD; uint32_t excessiveSize = 10; @@ -677,7 +677,7 @@ HWTEST_F(PermissionRecordDBTest, DeleteExcessiveRecords001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordDBTest, CreateQueryPrepareSqlCmd001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, CreateQueryPrepareSqlCmd001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_USED_TYPE; std::vector conditionColumns; @@ -695,7 +695,7 @@ HWTEST_F(PermissionRecordDBTest, CreateQueryPrepareSqlCmd001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordDBTest, Query001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, Query001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_USED_TYPE; GenericValues conditionValue; @@ -743,7 +743,7 @@ HWTEST_F(PermissionRecordDBTest, Query001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordDBTest, Update001, TestSize.Level1) +HWTEST_F(PermissionRecordDBTest, Update001, TestSize.Level0) { PermissionUsedRecordDb::DataType type = PermissionUsedRecordDb::PERMISSION_USED_TYPE; GenericValues conditionValue; diff --git a/services/privacymanager/test/unittest/permission_record_manager_test.cpp b/services/privacymanager/test/unittest/permission_record_manager_test.cpp index 9fadaf10b..c720cfd50 100644 --- a/services/privacymanager/test/unittest/permission_record_manager_test.cpp +++ b/services/privacymanager/test/unittest/permission_record_manager_test.cpp @@ -237,7 +237,7 @@ static PermissionUsedTypeInfo MakeInfo(AccessTokenID tokenId, int32_t pid, const * @tc.type: FUNC * @tc.require: issueI5RWX8 */ -HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback001, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback( @@ -271,7 +271,7 @@ public: * @tc.type: FUNC * @tc.require: issueI5RWX8 */ -HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback002, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback002, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; std::vector> callbacks; @@ -302,7 +302,7 @@ HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback002, TestS * @tc.type: FUNC * @tc.require: issueI5RWX8 */ -HWTEST_F(PermissionRecordManagerTest, UnRegisterPermActiveStatusCallback001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, UnRegisterPermActiveStatusCallback001, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; ASSERT_EQ(PrivacyError::ERR_PARAM_INVALID, PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback( @@ -315,7 +315,7 @@ HWTEST_F(PermissionRecordManagerTest, UnRegisterPermActiveStatusCallback001, Tes * @tc.type: FUNC * @tc.require: issueI5RWX5 issueI5RWX3 issueI5RWXA */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Level0) { std::string permissionName = "ohos.permission.CAMERA"; auto callbackPtr = std::make_shared(); @@ -332,7 +332,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Leve * @tc.type: FUNC * @tc.require: issueI5RWXF */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest002, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest002, TestSize.Level0) { auto callbackPtr = std::make_shared(); auto callbackWrap = new (std::nothrow) StateChangeCallback(callbackPtr); @@ -365,7 +365,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest002, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest003, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest003, TestSize.Level0) { char value[VALUE_MAX_LEN] = {0}; GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1); @@ -392,7 +392,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest003, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest004, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest004, TestSize.Level0) { char value[VALUE_MAX_LEN] = {0}; GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1); @@ -433,7 +433,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest004, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest005, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest005, TestSize.Level0) { char value[VALUE_MAX_LEN] = {0}; GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1); @@ -474,7 +474,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest005, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest006, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest006, TestSize.Level0) { char value[VALUE_MAX_LEN] = {0}; GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1); @@ -515,7 +515,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest006, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest007, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest007, TestSize.Level0) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -543,7 +543,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest007, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest008, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest008, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; sptr callback = new (std::nothrow) PermActiveStatusChangeCallback(); @@ -586,7 +586,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest008, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest009, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest009, TestSize.Level0) { auto callbackPtr1 = std::make_shared(); auto callbackWrap1 = new (std::nothrow) StateChangeCallback(callbackPtr1); @@ -636,7 +636,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest009, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest010, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest010, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; sptr callback = new (std::nothrow) PermActiveStatusChangeCallback(); @@ -675,7 +675,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest010, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest011, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest011, TestSize.Level0) { std::vector permList = {"ohos.permission.CAMERA"}; sptr callback = new (std::nothrow) PermActiveStatusChangeCallback(); @@ -712,7 +712,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest011, TestSize.Leve * @tc.type: FUNC * @tc.require: issueI5RWXF */ -HWTEST_F(PermissionRecordManagerTest, ShowGlobalDialog001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, ShowGlobalDialog001, TestSize.Level0) { ASSERT_EQ(true, PermissionRecordManager::GetInstance().ShowGlobalDialog("ohos.permission.CAMERA")); sleep(3); // wait for dialog disappear @@ -728,7 +728,7 @@ HWTEST_F(PermissionRecordManagerTest, ShowGlobalDialog001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5RWXF */ -HWTEST_F(PermissionRecordManagerTest, AppStateChangeListener001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, AppStateChangeListener001, TestSize.Level0) { char value[VALUE_MAX_LEN] = {0}; GetParameter(EDM_MIC_MUTE_KEY, "", value, VALUE_MAX_LEN - 1); @@ -762,7 +762,7 @@ HWTEST_F(PermissionRecordManagerTest, AppStateChangeListener001, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, TransferOpcodeToPermission001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, TransferOpcodeToPermission001, TestSize.Level0) { int32_t opCode = static_cast(Constant::OpCode::OP_INVALID); std::string permissionName; @@ -775,7 +775,7 @@ HWTEST_F(PermissionRecordManagerTest, TransferOpcodeToPermission001, TestSize.Le * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord001, TestSize.Level0) { MockNativeToken mock("camera_service"); // native process with have add permission AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, @@ -807,7 +807,7 @@ HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord002, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord002, TestSize.Level0) { MockNativeToken mock("camera_service"); // native process with have permission AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, @@ -829,7 +829,7 @@ HWTEST_F(PermissionRecordManagerTest, AddPermissionUsedRecord002, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetPermissionUsedRecordToggleStatus001, TestSize.Level0) { int32_t ret = PermissionRecordManager::GetInstance().SetPermissionUsedRecordToggleStatus( TEST_INVALID_USER_ID, true); @@ -846,7 +846,7 @@ HWTEST_F(PermissionRecordManagerTest, SetPermissionUsedRecordToggleStatus001, Te * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordToggleStatus001, TestSize.Level0) { bool status = true; int32_t ret = PermissionRecordManager::GetInstance().GetPermissionUsedRecordToggleStatus( @@ -864,7 +864,7 @@ HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedRecordToggleStatus001, Te * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, UpdatePermUsedRecToggleStatusMap001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, UpdatePermUsedRecToggleStatusMap001, TestSize.Level0) { bool checkStatus = PermissionRecordManager::GetInstance().CheckPermissionUsedRecordToggleStatus(TEST_USER_ID_10); EXPECT_TRUE(checkStatus); @@ -889,7 +889,7 @@ HWTEST_F(PermissionRecordManagerTest, UpdatePermUsedRecToggleStatusMap001, TestS * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, StopUsingPermission001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, StopUsingPermission001, TestSize.Level0) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -916,7 +916,7 @@ HWTEST_F(PermissionRecordManagerTest, StopUsingPermission001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback003, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback003, TestSize.Level0) { std::vector permList; @@ -932,7 +932,7 @@ HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback003, TestS * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedType001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedType001, TestSize.Level0) { uint32_t tokenId = RANDOM_TOKENID; std::string permissionName = "ohos.permission.PERMISSION_RECORD_MANAGER_TEST"; @@ -956,7 +956,7 @@ HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedType001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, Dlopen001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, Dlopen001, TestSize.Level0) { LibraryLoader loader1("libnotexist.z.so"); // is a not exist path EXPECT_EQ(nullptr, loader1.handle_); @@ -972,7 +972,7 @@ HWTEST_F(PermissionRecordManagerTest, Dlopen001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults001, TestSize.Level0) { GenericValues value; value.Put(PrivacyFiledConst::FIELD_TOKEN_ID, static_cast(RANDOM_TOKENID)); @@ -989,7 +989,7 @@ HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults002, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults002, TestSize.Level0) { GenericValues value; value.Put(PrivacyFiledConst::FIELD_TOKEN_ID, static_cast(RANDOM_TOKENID)); @@ -1006,7 +1006,7 @@ HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults003, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults003, TestSize.Level0) { GenericValues value; value.Put(PrivacyFiledConst::FIELD_TOKEN_ID, static_cast(RANDOM_TOKENID)); @@ -1024,7 +1024,7 @@ HWTEST_F(PermissionRecordManagerTest, AddDataValueToResults003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest001, TestSize.Level0) { uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, tokenID); @@ -1046,7 +1046,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest002, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest002, TestSize.Level0) { uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); @@ -1068,7 +1068,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest003, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest003, TestSize.Level0) { uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); @@ -1090,7 +1090,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest004, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest004, TestSize.Level0) { uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, tokenID); @@ -1113,7 +1113,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest005, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest005, TestSize.Level0) { uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); @@ -1135,7 +1135,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest006, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest006, TestSize.Level0) { uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); @@ -1157,7 +1157,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest007, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest007, TestSize.Level0) { uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, tokenID); @@ -1180,7 +1180,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest008, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest008, TestSize.Level0) { uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); @@ -1203,7 +1203,7 @@ HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest008, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest009, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, SetMutePolicyTest009, TestSize.Level0) { uint32_t tokenID = PrivacyTestCommon::GetNativeTokenIdFromProcess("edm"); PermissionRecordManager::GetInstance().SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, false, tokenID); @@ -1253,7 +1253,7 @@ public: * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest001, TestSize.Level0) { DiedProxyMaker init; init.AddRecipient(CALLER_PID); @@ -1290,7 +1290,7 @@ HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest002, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest002, TestSize.Level0) { DiedProxyMaker init; init.AddRecipient(CALLER_PID); @@ -1328,7 +1328,7 @@ HWTEST_F(PermissionRecordManagerTest, ProxyDeathTest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, HasCallerInStartList001, TestSize.Level1) +HWTEST_F(PermissionRecordManagerTest, HasCallerInStartList001, TestSize.Level0) { DiedProxyMaker init; init.AddRecipient(CALLER_PID); diff --git a/services/privacymanager/test/unittest/permission_record_set_test.cpp b/services/privacymanager/test/unittest/permission_record_set_test.cpp index 0bd2e7d2a..6cbbe76c8 100644 --- a/services/privacymanager/test/unittest/permission_record_set_test.cpp +++ b/services/privacymanager/test/unittest/permission_record_set_test.cpp @@ -125,7 +125,7 @@ void PermissionRecordSetTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0001, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0001, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -143,7 +143,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0002, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0002, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -161,7 +161,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0003, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0003, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -179,7 +179,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0004, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0004, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -197,7 +197,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0005, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0005, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -215,7 +215,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0006, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0006, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -233,7 +233,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0007, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0007, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -251,7 +251,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0008, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0008, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[1], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, // 0-3 @@ -288,7 +288,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0008, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0009, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0009, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, // 0-0 @@ -321,7 +321,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0009, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0010, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0010, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[1], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, // 0-4 @@ -354,7 +354,7 @@ HWTEST_F(PermissionRecordSetTest, PermissionRecordSetTest0010, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveRecord0001, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveRecord0001, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -386,7 +386,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveRecord0001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveRecord0002, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveRecord0002, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[1], CALLER_PID[0] }, @@ -418,7 +418,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveRecord0002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveRecord0003, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveRecord0003, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[1], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -450,7 +450,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveRecord0003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveRecord0005, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveRecord0005, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -482,7 +482,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveRecord0005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveTokenId0001, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveTokenId0001, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -514,7 +514,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenId0001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveTokenId0002, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveTokenId0002, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -546,7 +546,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenId0002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveTokenId0003, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveTokenId0003, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[1], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -578,7 +578,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenId0003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0001, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0001, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -610,7 +610,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0002, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0002, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -642,7 +642,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0003, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0003, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[1], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -674,7 +674,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0004, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0004, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -706,7 +706,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0005, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0005, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -738,7 +738,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveTokenIdAndPid0005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemovePermCode0001, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemovePermCode0001, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -770,7 +770,7 @@ HWTEST_F(PermissionRecordSetTest, RemovePermCode0001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemovePermCode0002, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemovePermCode0002, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -802,7 +802,7 @@ HWTEST_F(PermissionRecordSetTest, RemovePermCode0002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemovePermCode0003, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemovePermCode0003, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[1], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -834,7 +834,7 @@ HWTEST_F(PermissionRecordSetTest, RemovePermCode0003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemovePermCode0004, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemovePermCode0004, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], INACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -866,7 +866,7 @@ HWTEST_F(PermissionRecordSetTest, RemovePermCode0004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0001, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0001, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[1], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -898,7 +898,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0002, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0002, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -930,7 +930,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0003, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0003, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -962,7 +962,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0004, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0004, TestSize.Level0) { int32_t recordList[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[1] }, @@ -994,7 +994,7 @@ HWTEST_F(PermissionRecordSetTest, RemoveCallerPid0004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0001, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0001, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[1], OPCODE[0], ACTIVE, HAP_PID[1], CALLER_PID[0] }, @@ -1021,7 +1021,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0002, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0002, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[1], OPCODE[0], ACTIVE, HAP_PID[1], CALLER_PID[0] }, @@ -1048,7 +1048,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0003, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0003, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[1], OPCODE[0], ACTIVE, HAP_PID[1], CALLER_PID[0] }, @@ -1075,7 +1075,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0004, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0004, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[1], OPCODE[0], ACTIVE, HAP_PID[1], CALLER_PID[0] }, @@ -1102,7 +1102,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0005, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0005, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[1], OPCODE[1], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -1127,7 +1127,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0006, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0006, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -1153,7 +1153,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0007, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0007, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -1179,7 +1179,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0008, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0008, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[1], ACTIVE, HAP_PID[1], CALLER_PID[0] }, @@ -1205,7 +1205,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0008, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0009, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0009, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[1], ACTIVE, -1, CALLER_PID[0] }, @@ -1231,7 +1231,7 @@ HWTEST_F(PermissionRecordSetTest, GetUnusedCameraRecords0009, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0001, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0001, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[1], INACTIVE, HAP_PID[0], CALLER_PID[0] }, @@ -1258,7 +1258,7 @@ HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0002, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0002, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[0], ACTIVE, HAP_PID[1], CALLER_PID[0] }, @@ -1284,7 +1284,7 @@ HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0003, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0003, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[1], OPCODE[0], ACTIVE, HAP_PID[1], CALLER_PID[0] }, @@ -1310,7 +1310,7 @@ HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0004, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0004, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[1], INACTIVE, HAP_PID[1], CALLER_PID[0] }, @@ -1335,7 +1335,7 @@ HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0005, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0005, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[1], ACTIVE, HAP_PID[1], CALLER_PID[0] }, @@ -1360,7 +1360,7 @@ HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0006, TestSize.Level1) +HWTEST_F(PermissionRecordSetTest, GetInActiveUniqueRecord0006, TestSize.Level0) { int32_t recordArray1[][RECORD_ITEM_SIZE] = { { HAP_TOKEN_ID[0], OPCODE[1], INACTIVE, HAP_PID[1], CALLER_PID[0] }, diff --git a/services/privacymanager/test/unittest/privacy_manager_proxy_death_test.cpp b/services/privacymanager/test/unittest/privacy_manager_proxy_death_test.cpp index f33d24075..c5b70f05c 100644 --- a/services/privacymanager/test/unittest/privacy_manager_proxy_death_test.cpp +++ b/services/privacymanager/test/unittest/privacy_manager_proxy_death_test.cpp @@ -58,7 +58,7 @@ void PrivacyManagerProxyDeathTest::TearDown() * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest001, TestSize.Level1) +HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest001, TestSize.Level0) { auto handler = std::make_shared(); auto anonyStub = new (std::nothrow) ProxyDeathCallBackStub(); @@ -81,7 +81,7 @@ HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest001, TestSize * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest002, TestSize.Level1) +HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest002, TestSize.Level0) { auto handler = std::make_shared(); auto anonyStub = new (std::nothrow) ProxyDeathCallBackStub(); @@ -118,7 +118,7 @@ public: * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest003, TestSize.Level1) +HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest003, TestSize.Level0) { auto handler = std::make_shared(); auto anonyStub = new (std::nothrow) ProxyDeathCallBackStub(); @@ -137,7 +137,7 @@ HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest003, TestSize * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest004, TestSize.Level1) +HWTEST_F(PrivacyManagerProxyDeathTest, PrivacyManagerProxyDeathTest004, TestSize.Level0) { auto handler = std::make_shared(); auto anonyStub = new (std::nothrow) ProxyDeathCallBackStub(); diff --git a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp index 055a4df11..10599d3b1 100644 --- a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp +++ b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp @@ -121,7 +121,7 @@ void PrivacyManagerServiceTest::TearDown() * @tc.type: FUNC * @tc.require: issueI4V02P */ -HWTEST_F(PrivacyManagerServiceTest, Dump001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, Dump001, TestSize.Level0) { int32_t fd = -1; std::vector args; @@ -167,7 +167,7 @@ HWTEST_F(PrivacyManagerServiceTest, Dump001, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI4V02P */ -HWTEST_F(PrivacyManagerServiceTest, Dump002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, Dump002, TestSize.Level0) { int32_t fd = 1; // 1: std output std::vector args; @@ -202,7 +202,7 @@ HWTEST_F(PrivacyManagerServiceTest, Dump002, TestSize.Level1) * @tc.type: FUNC * @tc.require: issueI5UPRK */ -HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission001, TestSize.Level0) { MockNativeToken mock("privacy_service"); @@ -238,7 +238,7 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission001, TestSize.Level1 * @tc.type: FUNC * @tc.require: issueI5UPRK */ -HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission002, TestSize.Level0) { AccessTokenID tokenId = PrivacyTestCommon::GetNativeTokenIdFromProcess("privacy_service"); // invalid tokenId @@ -265,7 +265,7 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission002, TestSize.Level1 * @tc.type: FUNC * @tc.require: issueI5UPRK */ -HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission003, TestSize.Level0) { AccessTokenIDEx tokenIdEx = PrivacyTestCommon::GetHapTokenIdFromBundle( g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); @@ -283,7 +283,7 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermission003, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner001, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -309,7 +309,7 @@ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner001, TestSize.Le * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner002, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -337,7 +337,7 @@ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner002, TestSize.Le * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner003, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -365,7 +365,7 @@ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordInner003, TestSize.Le * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner001, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -391,7 +391,7 @@ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner001, TestSi * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner002, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -419,7 +419,7 @@ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner002, TestSi * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner003, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -447,7 +447,7 @@ HWTEST_F(PrivacyManagerServiceTest, AddPermissionUsedRecordAsyncInner003, TestSi * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner001, TestSize.Level0) { int32_t userID = 1; bool status = true; @@ -462,7 +462,7 @@ HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner001, * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner002, TestSize.Level0) { int32_t userID = 1; bool status = true; @@ -480,7 +480,7 @@ HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner002, * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner003, TestSize.Level0) { int32_t userID = 1; bool status = true; @@ -498,7 +498,7 @@ HWTEST_F(PrivacyManagerServiceTest, SetPermissionUsedRecordToggleStatusInner003, * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner001, TestSize.Level0) { int32_t userID = 1; bool status = true; @@ -513,7 +513,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner001, * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner002, TestSize.Level0) { int32_t userID = 1; bool status = true; @@ -531,7 +531,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner002, * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner003, TestSize.Level0) { int32_t userID = 1; bool status = true; @@ -549,7 +549,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordToggleStatusInner003, * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner001, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -572,7 +572,7 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner002, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -594,7 +594,7 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner002, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner003, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -616,7 +616,7 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionInner003, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner001, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -640,7 +640,7 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner001, TestSi * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner002, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -663,7 +663,7 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner002, TestSi * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner003, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -687,7 +687,7 @@ HWTEST_F(PrivacyManagerServiceTest, StartUsingPermissionCallbackInner003, TestSi * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner001, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -705,7 +705,7 @@ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner001, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner002, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -725,7 +725,7 @@ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner002, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner003, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -745,7 +745,7 @@ HWTEST_F(PrivacyManagerServiceTest, StopUsingPermissionInner003, TestSize.Level1 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner001, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID @@ -759,7 +759,7 @@ HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner001, TestSiz * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner002, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID @@ -777,7 +777,7 @@ HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner002, TestSiz * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner003, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID @@ -794,7 +794,7 @@ HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner003, TestSiz * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner004, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner004, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID @@ -809,7 +809,7 @@ HWTEST_F(PrivacyManagerServiceTest, RemovePermissionUsedRecordsInner004, TestSiz * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner001, TestSize.Level0) { PermissionUsedRequestParcel request; request.request.isRemote = true; @@ -825,7 +825,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner001, TestSize.L * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner002, TestSize.Level0) { PermissionUsedRequestParcel request; request.request.isRemote = true; @@ -845,7 +845,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner002, TestSize.L * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner003, TestSize.Level0) { PermissionUsedRequestParcel request; request.request.isRemote = true; @@ -865,7 +865,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsInner003, TestSize.L * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner001, TestSize.Level0) { PermissionUsedRequestParcel request; request.request.isRemote = true; @@ -882,7 +882,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner001, TestS * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner002, TestSize.Level0) { PermissionUsedRequestParcel request; request.request.isRemote = true; @@ -901,7 +901,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner002, TestS * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner003, TestSize.Level0) { PermissionUsedRequestParcel request; request.request.isRemote = true; @@ -920,7 +920,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedRecordsAsyncInner003, TestS * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner001, TestSize.Level0) { std::vector permList(PERM_LIST_SIZE_MAX + 1); @@ -935,7 +935,7 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner001, Te * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner002, TestSize.Level0) { std::vector permList = {}; @@ -953,7 +953,7 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner002, Te * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner003, TestSize.Level0) { std::vector permList = {}; @@ -971,7 +971,7 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner003, Te * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner004, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner004, TestSize.Level0) { std::vector permList; @@ -987,7 +987,7 @@ HWTEST_F(PrivacyManagerServiceTest, RegisterPermActiveStatusCallbackInner004, Te * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner001, TestSize.Level0) { // systemapp with need permission int32_t ret = privacyManagerService_->UnRegisterPermActiveStatusCallback(nullptr); @@ -1001,7 +1001,7 @@ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner001, * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner002, TestSize.Level0) { std::vector reqPerm; MockHapToken mock("UnRegisterPermActiveStatusCallbackInner002", reqPerm, false); // set self tokenID to normal app @@ -1017,7 +1017,7 @@ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner002, * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner003, TestSize.Level0) { std::vector reqPerm; MockHapToken mock("UnRegisterPermActiveStatusCallbackInner003", reqPerm, true); // set self tokenID to system app @@ -1033,7 +1033,7 @@ HWTEST_F(PrivacyManagerServiceTest, UnRegisterPermActiveStatusCallbackInner003, * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner001, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -1052,7 +1052,7 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner001, TestSize.L * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner002, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -1073,7 +1073,7 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner002, TestSize.L * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner003, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -1094,7 +1094,7 @@ HWTEST_F(PrivacyManagerServiceTest, IsAllowedUsingPermissionInner003, TestSize.L * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner001, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -1112,7 +1112,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner001, TestSize * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner002, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -1131,7 +1131,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner002, TestSize * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner003, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID std::string permissionName = "ohos.permission.test"; // is invalid permission @@ -1150,7 +1150,7 @@ HWTEST_F(PrivacyManagerServiceTest, GetPermissionUsedTypeInfosInner003, TestSize * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner001, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID uint32_t policyType = 0; @@ -1170,7 +1170,7 @@ HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner002, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner002, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID uint32_t policyType = 0; @@ -1189,7 +1189,7 @@ HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner003, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner003, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID uint32_t policyType = 0; @@ -1208,7 +1208,7 @@ HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner004, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner004, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID uint32_t policyType = 0; @@ -1227,7 +1227,7 @@ HWTEST_F(PrivacyManagerServiceTest, SetMutePolicyInner004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, SetHapWithFGReminderInner001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, SetHapWithFGReminderInner001, TestSize.Level0) { AccessTokenID tokenID = 123; // 123 is invalid tokenID bool isAllowed = true; @@ -1246,7 +1246,7 @@ HWTEST_F(PrivacyManagerServiceTest, SetHapWithFGReminderInner001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PrivacyManagerServiceTest, GetProxyDeathHandle001, TestSize.Level1) +HWTEST_F(PrivacyManagerServiceTest, GetProxyDeathHandle001, TestSize.Level0) { auto handler1 = privacyManagerService_->GetProxyDeathHandler(); ASSERT_NE(nullptr, handler1); diff --git a/services/tokensyncmanager/test/coverage/BUILD.gn b/services/tokensyncmanager/test/coverage/BUILD.gn index f39c25053..89e3219e2 100644 --- a/services/tokensyncmanager/test/coverage/BUILD.gn +++ b/services/tokensyncmanager/test/coverage/BUILD.gn @@ -16,8 +16,7 @@ import("../../../../access_token.gni") ohos_unittest("libtoken_sync_service_coverage_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp b/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp index c464d8a7e..4e8f3079b 100644 --- a/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp +++ b/services/tokensyncmanager/test/coverage/token_sync_service_coverage_test.cpp @@ -158,7 +158,7 @@ void TokenSyncServiceTest::OnDeviceOffline(const DistributedHardware::DmDeviceIn * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, CheckAndCopyStr001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, CheckAndCopyStr001, TestSize.Level4) { std::string test_src = "testSrc"; ASSERT_FALSE(SoftBusManager::GetInstance().CheckAndCopyStr(nullptr, test_src.length(), test_src)); @@ -170,7 +170,7 @@ HWTEST_F(TokenSyncServiceTest, CheckAndCopyStr001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, CloseSocket001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, CloseSocket001, TestSize.Level4) { ASSERT_EQ(Constant::FAILURE, SoftBusManager::GetInstance().CloseSocket(-1)); ASSERT_EQ(Constant::SUCCESS, SoftBusManager::GetInstance().CloseSocket(OUT_OF_MAP_SOCKET)); @@ -184,7 +184,7 @@ HWTEST_F(TokenSyncServiceTest, CloseSocket001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, GetUniversallyUniqueIdByNodeId001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, GetUniversallyUniqueIdByNodeId001, TestSize.Level4) { SoftBusManager::GetInstance().Initialize(); SoftBusManager::GetInstance().SetDefaultConfigValue(); @@ -198,7 +198,7 @@ HWTEST_F(TokenSyncServiceTest, GetUniversallyUniqueIdByNodeId001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, InsertCallbackAndExcute001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, InsertCallbackAndExcute001, TestSize.Level4) { SoftBusDeviceConnectionListener listener; listener.OnDeviceOffline(g_devInfo); diff --git a/services/tokensyncmanager/test/unittest/BUILD.gn b/services/tokensyncmanager/test/unittest/BUILD.gn index bec90ffc7..07348bdf7 100644 --- a/services/tokensyncmanager/test/unittest/BUILD.gn +++ b/services/tokensyncmanager/test/unittest/BUILD.gn @@ -16,8 +16,7 @@ import("../../../../access_token.gni") ohos_unittest("libtoken_sync_service_standard_test") { subsystem_name = "accesscontrol" - part_name = "access_token" - module_out_path = part_name + "/" + part_name + module_out_path = module_output_path_unittest_accesstoken sanitize = { cfi = true cfi_cross_dso = true diff --git a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp index eeeab26dd..4e2f18465 100644 --- a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp +++ b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp @@ -274,7 +274,7 @@ static void DeleteAndAllocToken(AccessTokenID& tokenId) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ProcessOneCommand001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ProcessOneCommand001, TestSize.Level0) { std::string nodeId = "test_nodeId"; auto executor = std::make_shared(nodeId); @@ -287,7 +287,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessOneCommand001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ProcessOneCommand002, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ProcessOneCommand002, TestSize.Level0) { std::string nodeId = "test_nodeId"; auto executor = std::make_shared(nodeId); @@ -302,7 +302,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessOneCommand002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ProcessOneCommand003, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ProcessOneCommand003, TestSize.Level0) { std::string nodeId = ConstantCommon::GetLocalDeviceId(); auto executor = std::make_shared(nodeId); @@ -317,7 +317,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessOneCommand003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, AddCommand001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, AddCommand001, TestSize.Level0) { std::string nodeId = "test_nodeId"; auto executor = std::make_shared(nodeId); @@ -330,7 +330,7 @@ HWTEST_F(TokenSyncServiceTest, AddCommand001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, AddCommand002, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, AddCommand002, TestSize.Level0) { std::string nodeId = "test_nodeId"; auto executor = std::make_shared(nodeId); @@ -344,7 +344,7 @@ HWTEST_F(TokenSyncServiceTest, AddCommand002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands001, TestSize.Level0) { std::string nodeId = "test_nodeId"; auto executor = std::make_shared(nodeId); @@ -358,7 +358,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands002, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands002, TestSize.Level0) { std::string nodeId = "test_nodeId"; auto executor = std::make_shared(nodeId); @@ -373,7 +373,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands003, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands003, TestSize.Level0) { std::string nodeId = "test_nodeId"; auto executor = std::make_shared(nodeId); @@ -389,7 +389,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands004, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands004, TestSize.Level0) { std::string nodeId = "test_nodeId"; auto executor = std::make_shared(nodeId); @@ -405,7 +405,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommands004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ClientProcessResult001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ClientProcessResult001, TestSize.Level0) { std::string nodeId = "test_nodeId"; auto executor = std::make_shared(nodeId); @@ -420,7 +420,7 @@ HWTEST_F(TokenSyncServiceTest, ClientProcessResult001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ClientProcessResult002, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ClientProcessResult002, TestSize.Level0) { std::string nodeId = ConstantCommon::GetLocalDeviceId(); auto executor = std::make_shared(nodeId); @@ -437,7 +437,7 @@ HWTEST_F(TokenSyncServiceTest, ClientProcessResult002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ToNativeTokenInfoJson001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ToNativeTokenInfoJson001, TestSize.Level0) { NativeTokenInfoBase native1 = { .ver = 1, @@ -457,7 +457,7 @@ HWTEST_F(TokenSyncServiceTest, ToNativeTokenInfoJson001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, FromPermStateListJson001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, FromPermStateListJson001, TestSize.Level0) { HapTokenInfo baseInfo = { .ver = 1, @@ -509,7 +509,7 @@ HWTEST_F(TokenSyncServiceTest, FromPermStateListJson001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, FromNativeTokenInfoJson001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, FromNativeTokenInfoJson001, TestSize.Level0) { auto cmd = std::make_shared(); @@ -544,7 +544,7 @@ HWTEST_F(TokenSyncServiceTest, FromNativeTokenInfoJson001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, FromPermStateListJson002, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, FromPermStateListJson002, TestSize.Level0) { auto cmd = std::make_shared(); @@ -583,7 +583,7 @@ HWTEST_F(TokenSyncServiceTest, FromPermStateListJson002, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6T5 AR000GK6T9 */ -HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo002, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo002, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo002 start."); @@ -638,7 +638,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo002, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6T5 AR000GK6T9 */ -HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo003, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo003, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo003 start."); g_jsonBefore = "{\"commandName\":\"SyncRemoteHapTokenCommand\", \"id\":\""; @@ -670,7 +670,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo003, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6T5 AR000GK6T9 */ -HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo004, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo004, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo004 start."); g_jsonBefore = "{\"commandName\":\"SyncRemoteHapTokenCommand\", \"id\":\""; @@ -702,7 +702,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo004, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6T5 AR000GK6T9 */ -HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo005, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo005, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo005 start."); g_jsonBefore = "{\"commandName\":\"SyncRemoteHapTokenCommand\", \"id\":\""; @@ -735,7 +735,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo005, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6T5 AR000GK6T9 */ -HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo006, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo006, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo006 start."); g_jsonBefore = "{\"commandName\":\"SyncRemoteHapTokenCommand\", \"id\":\""; @@ -769,7 +769,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo006, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6T5 AR000GK6T9 */ -HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo007, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo007, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo007 start."); g_jsonBefore = "{\"commandName\":\"SyncRemoteHapTokenCommand\", \"id\":\""; @@ -802,7 +802,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo007, TestSize.Level1) * @tc.type: FUNC * @tc.require:AR000GK6T5 AR000GK6T9 */ -HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo008, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo008, TestSize.Level0) { LOGI(ATM_DOMAIN, ATM_TAG, "GetRemoteHapTokenInfo008 start."); // create local token @@ -851,7 +851,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo008, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(TokenSyncServiceTest, DeleteRemoteTokenCommand001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, DeleteRemoteTokenCommand001, TestSize.Level0) { std::string srcDeviceId = "001"; std::string dstDeviceId = "002"; @@ -880,7 +880,7 @@ HWTEST_F(TokenSyncServiceTest, DeleteRemoteTokenCommand001, TestSize.Level1) * @tc.type: FUNC * @tc.require: Issue Number */ -HWTEST_F(TokenSyncServiceTest, NewUpdateRemoteHapTokenCommand001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, NewUpdateRemoteHapTokenCommand001, TestSize.Level0) { std::string srcDeviceId = "001"; std::string dstDeviceId = "002"; @@ -900,7 +900,7 @@ HWTEST_F(TokenSyncServiceTest, NewUpdateRemoteHapTokenCommand001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, AddDeviceInfo001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, AddDeviceInfo001, TestSize.Level0) { std::string networkId; std::string universallyUniqueId; @@ -939,7 +939,7 @@ HWTEST_F(TokenSyncServiceTest, AddDeviceInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, RemoveAllRemoteDeviceInfo001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, RemoveAllRemoteDeviceInfo001, TestSize.Level0) { DeviceInfoManager::GetInstance().RemoveAllRemoteDeviceInfo(); // FindDeviceInfo false @@ -966,7 +966,7 @@ HWTEST_F(TokenSyncServiceTest, RemoveAllRemoteDeviceInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, RemoveRemoteDeviceInfo001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, RemoveRemoteDeviceInfo001, TestSize.Level0) { std::string nodeId; DeviceIdType deviceIdType = DeviceIdType::UNKNOWN; @@ -1013,7 +1013,7 @@ HWTEST_F(TokenSyncServiceTest, RemoveRemoteDeviceInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ConvertToUniversallyUniqueIdOrFetch001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ConvertToUniversallyUniqueIdOrFetch001, TestSize.Level0) { std::string nodeId; ASSERT_EQ("", DeviceInfoManager::GetInstance().ConvertToUniversallyUniqueIdOrFetch(nodeId)); // nodeId invalid @@ -1050,7 +1050,7 @@ HWTEST_F(TokenSyncServiceTest, ConvertToUniversallyUniqueIdOrFetch001, TestSize. * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ConvertToUniqueDeviceIdOrFetch001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ConvertToUniqueDeviceIdOrFetch001, TestSize.Level0) { std::string nodeId; ASSERT_EQ("", DeviceInfoManager::GetInstance().ConvertToUniqueDeviceIdOrFetch(nodeId)); // nodeId invalid @@ -1087,7 +1087,7 @@ HWTEST_F(TokenSyncServiceTest, ConvertToUniqueDeviceIdOrFetch001, TestSize.Level * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, IsDeviceUniversallyUniqueId001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, IsDeviceUniversallyUniqueId001, TestSize.Level0) { std::string nodeId; ASSERT_EQ(false, DeviceInfoManager::GetInstance().IsDeviceUniversallyUniqueId(nodeId)); // nodeId invalid @@ -1116,7 +1116,7 @@ HWTEST_F(TokenSyncServiceTest, IsDeviceUniversallyUniqueId001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, FindDeviceInfo001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, FindDeviceInfo001, TestSize.Level0) { std::string networkId = "123"; std::string universallyUniqueId = "123"; @@ -1163,7 +1163,7 @@ HWTEST_F(TokenSyncServiceTest, FindDeviceInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo001, TestSize.Level0) { std::string deviceID = "dev-001"; AccessTokenID tokenID = 123; // 123 is random input @@ -1179,7 +1179,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, DeleteRemoteHapTokenInfo001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, DeleteRemoteHapTokenInfo001, TestSize.Level0) { AccessTokenID tokenId; @@ -1216,7 +1216,7 @@ HWTEST_F(TokenSyncServiceTest, DeleteRemoteHapTokenInfo001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ExistDeviceInfo001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ExistDeviceInfo001, TestSize.Level0) { std::string nodeId = "111"; DeviceIdType type = DeviceIdType::NETWORK_ID; @@ -1250,7 +1250,7 @@ public: * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, OnRemoteRequest001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, OnRemoteRequest001, TestSize.Level0) { OHOS::MessageParcel data; OHOS::MessageParcel reply; @@ -1283,7 +1283,7 @@ HWTEST_F(TokenSyncServiceTest, OnRemoteRequest001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, OnRemoteRequest002, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, OnRemoteRequest002, TestSize.Level0) { OHOS::MessageParcel data; OHOS::MessageParcel reply; @@ -1319,7 +1319,7 @@ HWTEST_F(TokenSyncServiceTest, OnRemoteRequest002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, OnStart001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, OnStart001, TestSize.Level0) { tokenSyncManagerService_->OnStop(); ASSERT_EQ(ServiceRunningState::STATE_NOT_START, tokenSyncManagerService_->state_); @@ -1334,7 +1334,7 @@ HWTEST_F(TokenSyncServiceTest, OnStart001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, RemoteCommandManager001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, RemoteCommandManager001, TestSize.Level0) { RemoteCommandManager::GetInstance().Init(); std::string udid = "test_udId"; @@ -1365,7 +1365,7 @@ HWTEST_F(TokenSyncServiceTest, RemoteCommandManager001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, RemoteCommandManager002, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, RemoteCommandManager002, TestSize.Level0) { RemoteCommandManager::GetInstance().Init(); std::string udid = "test_udId_1"; @@ -1382,7 +1382,7 @@ HWTEST_F(TokenSyncServiceTest, RemoteCommandManager002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, RemoteCommandManager003, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, RemoteCommandManager003, TestSize.Level0) { RemoteCommandManager::GetInstance().Init(); std::string nodeId = "test_udId"; @@ -1399,7 +1399,7 @@ HWTEST_F(TokenSyncServiceTest, RemoteCommandManager003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ProcessDeviceCommandImmediately001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ProcessDeviceCommandImmediately001, TestSize.Level0) { std::string udid = "test_udId_1"; RemoteCommandManager::GetInstance().executors_[udid] = nullptr; @@ -1414,7 +1414,7 @@ HWTEST_F(TokenSyncServiceTest, ProcessDeviceCommandImmediately001, TestSize.Leve * @tc.type: FUNC * @tc.require: */ -HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommandsWithThread001, TestSize.Level1) +HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommandsWithThread001, TestSize.Level0) { std::string nodeId = "test_nodeId"; auto executor = std::make_shared(nodeId); -- Gitee From 9d06417cf4221e36843cfd6d62ecd4c034f47cf5 Mon Sep 17 00:00:00 2001 From: Haryslee Date: Wed, 14 May 2025 14:03:25 +0800 Subject: [PATCH 103/103] feat: suport customizable of save button Signed-off-by: Haryslee --- .../accesstoken/include/accesstoken_kit.h | 7 + .../accesstoken/libaccesstoken_sdk.map | 1 + .../accesstoken/src/accesstoken_kit.cpp | 5 + .../src/accesstoken_manager_client.cpp | 19 +++ .../src/accesstoken_manager_client.h | 1 + .../security_component_grant_test.cpp | 14 ++ services/accesstokenmanager/BUILD.gn | 3 +- .../idl/IAccessTokenManager.idl | 5 +- .../include/seccomp/sec_comp_enhance_agent.h | 23 +-- .../cpp/include/seccomp/sec_comp_monitor.h | 69 ++++++++ .../service/accesstoken_manager_service.h | 3 +- .../src/seccomp/sec_comp_enhance_agent.cpp | 15 +- .../main/cpp/src/seccomp/sec_comp_monitor.cpp | 156 ++++++++++++++++++ .../service/accesstoken_manager_service.cpp | 13 +- .../accesstokenmanager/test/coverage/BUILD.gn | 2 + .../accesstokenmanager/test/mock/BUILD.gn | 2 + .../accesstokenmanager/test/unittest/BUILD.gn | 3 + .../test/unittest/sec_comp_monitor_test.cpp | 86 ++++++++++ .../test/unittest/sec_comp_monitor_test.h | 43 +++++ .../include/service/privacy_manager_service.h | 3 - test/fuzztest/innerkits/accesstoken/BUILD.gn | 1 + .../istoastshownneeded_fuzzer/BUILD.gn | 44 +++++ .../istoastshownneeded_fuzzer/corpus/init | 14 ++ .../istoastshownneeded_fuzzer.cpp | 49 ++++++ .../istoastshownneeded_fuzzer.h | 21 +++ .../istoastshownneeded_fuzzer/project.xml | 25 +++ .../accesstoken/access_token_service_fuzz.gni | 1 + 27 files changed, 585 insertions(+), 43 deletions(-) create mode 100644 services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_monitor.h create mode 100644 services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp create mode 100644 services/accesstokenmanager/test/unittest/sec_comp_monitor_test.cpp create mode 100644 services/accesstokenmanager/test/unittest/sec_comp_monitor_test.h create mode 100644 test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/BUILD.gn create mode 100644 test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/corpus/init create mode 100644 test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.cpp create mode 100644 test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.h create mode 100644 test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/project.xml diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index 45f95f878..1e9ceb137 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -552,6 +552,13 @@ public: * @return bool */ static bool IsAtomicServiceByFullTokenID(uint64_t tokenId); + + /** + * @brief whether the process need to show the toast + * @param pid process id + * @return bool + */ + static bool IsToastShownNeeded(int32_t pid); }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map index fbf53530a..6ff38a5da 100644 --- a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map +++ b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map @@ -85,6 +85,7 @@ "OHOS::Security::AccessToken::AccessTokenKit::RegisterSecCompEnhance(OHOS::Security::AccessToken::SecCompEnhanceData const&)"; "OHOS::Security::AccessToken::AccessTokenKit::UpdateSecCompEnhance(int, unsigned int)"; "OHOS::Security::AccessToken::AccessTokenKit::GetSecCompEnhance(int, OHOS::Security::AccessToken::SecCompEnhanceData&)"; + "OHOS::Security::AccessToken::AccessTokenKit::IsToastShownNeeded(int)"; "OHOS::Security::AccessToken::AccessTokenKit::GetKernelPermissions(unsigned int, std::__h::vector>&)"; "OHOS::Security::AccessToken::AccessTokenKit::GetSelfPermissionStatus(std::__h::basic_string, std::__h::allocator> const&, OHOS::Security::AccessToken::TypePermissionOper&)"; OHOS::Security::AccessToken::AccessTokenKit::IsSystemAppByFullTokenID*; diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 5668cb06b..9e64a8b7a 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -857,6 +857,11 @@ bool AccessTokenKit::IsAtomicServiceByFullTokenID(uint64_t tokenId) LOGI(ATM_DOMAIN, ATM_TAG, "Called, tokenId=%{public}" PRId64, tokenId); return (tokenId & ATOMIC_SERVICE_MASK) == ATOMIC_SERVICE_MASK; } + +bool AccessTokenKit::IsToastShownNeeded(int32_t pid) +{ + return AccessTokenManagerClient::GetInstance().IsToastShownNeeded(pid); +} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index 1092c26af..6847c7a67 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -1244,6 +1244,25 @@ int32_t AccessTokenManagerClient::GetSecCompEnhance(int32_t pid, SecCompEnhanceD return RET_SUCCESS; } #endif + +bool AccessTokenManagerClient::IsToastShownNeeded(int32_t pid) +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null."); + return true; + } + + bool needToShow; + int32_t errCode = proxy->IsToastShownNeeded(pid, needToShow); + if (errCode != RET_SUCCESS) { + errCode = ConvertResult(errCode); + LOGE(ATM_DOMAIN, ATM_TAG, "Request fail, result: %{public}d", errCode); + return true; + } + + return needToShow; +} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index 021dfcd4e..64ddbd8c6 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -118,6 +118,7 @@ public: int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum); int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance); #endif // SECURITY_COMPONENT_ENHANCE_ENABLE + bool IsToastShownNeeded(int32_t pid); private: AccessTokenManagerClient(); diff --git a/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp index 2228b119b..baad01dbb 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SecurityComponentTest/security_component_grant_test.cpp @@ -568,6 +568,20 @@ HWTEST_F(SecurityComponentGrantTest, SecurityComponentGrantTest011, TestSize.Lev ASSERT_EQ(res, RET_SUCCESS); } +/** + * @tc.name: IsToastShownNeededTest001 + * @tc.desc: test whether the security component need to show the toast. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(SecurityComponentGrantTest, IsToastShownNeededTest001, TestSize.Level0) +{ + int32_t pid = 10; + MockNativeToken mock("security_component_service"); + EXPECT_EQ(true, AccessTokenKit::IsToastShownNeeded(pid)); + EXPECT_EQ(false, AccessTokenKit::IsToastShownNeeded(pid)); +} + #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE /** * @tc.name: RegisterSecCompEnhance001 diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index 7d5f3bbd0..28d7d1208 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -61,6 +61,7 @@ if (is_standard_system) { "main/cpp/include/callback", "main/cpp/include/database", "main/cpp/include/dfx", + "main/cpp/include/seccomp", "main/cpp/include/service", "main/cpp/include/form_manager", "main/cpp/include/token", @@ -90,6 +91,7 @@ if (is_standard_system) { "main/cpp/src/permission/permission_validator.cpp", "main/cpp/src/permission/short_grant_manager.cpp", "main/cpp/src/permission/temp_permission_observer.cpp", + "main/cpp/src/seccomp/sec_comp_monitor.cpp", "main/cpp/src/service/accesstoken_manager_service.cpp", "main/cpp/src/token/accesstoken_id_manager.cpp", "main/cpp/src/token/accesstoken_info_manager.cpp", @@ -197,7 +199,6 @@ if (is_standard_system) { if (security_component_enhance_enable == true) { cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] - include_dirs += [ "main/cpp/include/seccomp" ] sources += [ "main/cpp/src/seccomp/sec_comp_enhance_agent.cpp" ] } diff --git a/services/accesstokenmanager/idl/IAccessTokenManager.idl b/services/accesstokenmanager/idl/IAccessTokenManager.idl index c72dfa48e..d2e29972a 100644 --- a/services/accesstokenmanager/idl/IAccessTokenManager.idl +++ b/services/accesstokenmanager/idl/IAccessTokenManager.idl @@ -90,5 +90,6 @@ interface OHOS.Security.AccessToken.IAccessTokenManager{ [ipccode 81] void GetSelfPermissionStatus([in] String permissionName, [out] int status); [ipccode 101, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE, oneway] void RegisterSecCompEnhance([in] SecCompEnhanceDataParcel enhanceParcel); [ipccode 102, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void UpdateSecCompEnhance([in] int pid, [in] unsigned int seqNum); - [ipccode 103, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void GetSecCompEnhance([in] int pid, [out] SecCompEnhanceDataParcel enhanceParcel); -} \ No newline at end of file + [ipccode 103, macrodef SECURITY_COMPONENT_ENHANCE_ENABLE] void GetSecCompEnhance([in] int pid, [out] SecCompEnhanceDataParcel enhanceParcel); + [ipccode 104] void IsToastShownNeeded([in] int pid, [out] boolean needToShow); +} diff --git a/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_enhance_agent.h b/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_enhance_agent.h index 0efe7b077..099be0afd 100644 --- a/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_enhance_agent.h +++ b/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_enhance_agent.h @@ -21,28 +21,12 @@ #include "app_status_change_callback.h" #include "nocopyable.h" #include "sec_comp_enhance_data.h" +#include "sec_comp_monitor.h" namespace OHOS { namespace Security { namespace AccessToken { -class AppUsingSecCompStateObserver : public ApplicationStateObserverStub { -public: - AppUsingSecCompStateObserver() = default; - ~AppUsingSecCompStateObserver() = default; - - void OnProcessDied(const ProcessData &processData) override; - DISALLOW_COPY_AND_MOVE(AppUsingSecCompStateObserver); -}; - -class SecCompAppManagerDeathCallback : public AppManagerDeathCallback { -public: - SecCompAppManagerDeathCallback() = default; - ~SecCompAppManagerDeathCallback() = default; - - void NotifyAppManagerDeath() override; - DISALLOW_COPY_AND_MOVE(SecCompAppManagerDeathCallback); -}; - +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE class SecCompEnhanceAgent final { public: static SecCompEnhanceAgent& GetInstance(); @@ -60,11 +44,12 @@ private: DISALLOW_COPY_AND_MOVE(SecCompEnhanceAgent); private: - sptr observer_ = nullptr; + sptr observer_ = nullptr; std::shared_ptr appManagerDeathCallback_ = nullptr; std::mutex secCompEnhanceMutex_; std::vector secCompEnhanceData_; }; +#endif } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_monitor.h b/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_monitor.h new file mode 100644 index 000000000..5cd28ce65 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/seccomp/sec_comp_monitor.h @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef PERMISSION_SEC_COMP_MONITOR_H +#define PERMISSION_SEC_COMP_MONITOR_H + +#include +#include +#include +#include "app_manager_death_callback.h" +#include "app_status_change_callback.h" +#include "nocopyable.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class SecCompUsageObserver : public ApplicationStateObserverStub { +public: + SecCompUsageObserver() = default; + ~SecCompUsageObserver() = default; + + void OnProcessDied(const ProcessData &processData) override; + void OnProcessStateChanged(const ProcessData &processData) override; + void OnAppCacheStateChanged(const AppStateData &appStateData) override; + DISALLOW_COPY_AND_MOVE(SecCompUsageObserver); +}; + +class SecCompAppManagerDeathCallback : public AppManagerDeathCallback { +public: + SecCompAppManagerDeathCallback() = default; + ~SecCompAppManagerDeathCallback() = default; + + void NotifyAppManagerDeath() override; + DISALLOW_COPY_AND_MOVE(SecCompAppManagerDeathCallback); +}; + +class SecCompMonitor final { +public: + static SecCompMonitor& GetInstance(); + ~SecCompMonitor(); + + void RemoveProcessFromForegroundList(int32_t pid); + bool IsToastShownNeeded(int32_t pid); + void OnAppMgrRemoteDiedHandle(); + +private: + SecCompMonitor(); + void InitAppObserver(); + DISALLOW_COPY_AND_MOVE(SecCompMonitor); + sptr observer_ = nullptr; + std::shared_ptr appManagerDeathCallback_ = nullptr; + std::mutex appfgLock_; + std::set appsInForeground_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_SEC_COMP_MONITOR_H diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index f1f6796d1..cd14e79d9 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -102,6 +102,7 @@ public: int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum) override; int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceDataParcel& enhanceParcel) override; #endif + int32_t IsToastShownNeeded(int32_t pid, bool& needToShow) override; #ifdef TOKEN_SYNC_ENABLE int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override; @@ -156,9 +157,7 @@ private: bool IsNativeProcessCalling(); bool IsSystemAppCalling() const; bool IsShellProcessCalling(); -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE bool IsSecCompServiceCalling(); -#endif #ifndef ATM_BUILD_VARIANT_USER_ENABLE static const int32_t ROOT_UID = 0; #endif diff --git a/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp b/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp index 79da6223b..5359bc3b4 100644 --- a/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp +++ b/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_enhance_agent.cpp @@ -29,19 +29,6 @@ namespace AccessToken { namespace { std::recursive_mutex g_instanceMutex; } -void AppUsingSecCompStateObserver::OnProcessDied(const ProcessData &processData) -{ - LOGI(ATM_DOMAIN, ATM_TAG, "OnProcessDied pid %{public}d", processData.pid); - SecCompEnhanceAgent::GetInstance().RemoveSecCompEnhance(processData.pid); -} - -void SecCompAppManagerDeathCallback::NotifyAppManagerDeath() -{ - LOGI(ATM_DOMAIN, ATM_TAG, "AppManagerDeath called"); - - SecCompEnhanceAgent::GetInstance().OnAppMgrRemoteDiedHandle(); -} - SecCompEnhanceAgent& SecCompEnhanceAgent::GetInstance() { static SecCompEnhanceAgent* instance = nullptr; @@ -60,7 +47,7 @@ void SecCompEnhanceAgent::InitAppObserver() if (observer_ != nullptr) { return; } - observer_ = new (std::nothrow) AppUsingSecCompStateObserver(); + observer_ = new (std::nothrow) SecCompUsageObserver(); if (observer_ == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "New observer failed."); return; diff --git a/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp b/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp new file mode 100644 index 000000000..1248b5f9b --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp @@ -0,0 +1,156 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "sec_comp_monitor.h" + +#include "access_token.h" +#include "access_token_error.h" +#include "accesstoken_kit.h" +#include "accesstoken_common_log.h" +#include "accesstoken_info_manager.h" +#include "app_manager_access_client.h" +#include "ipc_skeleton.h" +#include "securec.h" +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE +#include "sec_comp_enhance_agent.h" +#endif + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static std::mutex g_instanceMutex; +constexpr int32_t APP_STATE_CACHED = 100; +} +void SecCompUsageObserver::OnProcessDied(const ProcessData &processData) +{ + LOGI(ATM_DOMAIN, ATM_TAG, "OnProcessDied pid %{public}d", processData.pid); +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE + SecCompEnhanceAgent::GetInstance().RemoveSecCompEnhance(processData.pid); +#endif + SecCompMonitor::GetInstance().RemoveProcessFromForegroundList(processData.pid); +} + +void SecCompUsageObserver::OnProcessStateChanged(const ProcessData &processData) +{ + LOGI(ATM_DOMAIN, ATM_TAG, "OnChange pid=%{public}d.", processData.pid); + + if (processData.state != AppProcessState::APP_STATE_BACKGROUND) { + return; + } + SecCompMonitor::GetInstance().RemoveProcessFromForegroundList(processData.pid); +} + +void SecCompUsageObserver::OnAppCacheStateChanged(const AppStateData &appStateData) +{ + LOGI(ATM_DOMAIN, ATM_TAG, "OnAppCacheStateChanged pid %{public}d", appStateData.pid); + if (appStateData.state != APP_STATE_CACHED) { + return; + } + + SecCompMonitor::GetInstance().RemoveProcessFromForegroundList(appStateData.pid); +} + +void SecCompAppManagerDeathCallback::NotifyAppManagerDeath() +{ + LOGI(ATM_DOMAIN, ATM_TAG, "AppManagerDeath called"); + +#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE + SecCompEnhanceAgent::GetInstance().OnAppMgrRemoteDiedHandle(); +#endif + SecCompMonitor::GetInstance().OnAppMgrRemoteDiedHandle(); +} + +bool SecCompMonitor::IsToastShownNeeded(int32_t pid) +{ + std::lock_guard lock(appfgLock_); + InitAppObserver(); + auto iter = appsInForeground_.find(pid); + if (iter != appsInForeground_.end()) { + return false; + } + + appsInForeground_.insert(pid); + return true; +} + +void SecCompMonitor::RemoveProcessFromForegroundList(int32_t pid) +{ + std::lock_guard lock(appfgLock_); + auto iter = appsInForeground_.find(pid); + if (iter == appsInForeground_.end()) { + return; + } + LOGI(ATM_DOMAIN, ATM_TAG, "Process pid=%{public}d removed from foreground list.", pid); + appsInForeground_.erase(pid); +} + +SecCompMonitor& SecCompMonitor::GetInstance() +{ + static SecCompMonitor* instance = nullptr; + if (instance == nullptr) { + std::lock_guard lock(g_instanceMutex); + if (instance == nullptr) { + SecCompMonitor* tmp = new SecCompMonitor(); + instance = std::move(tmp); + } + } + return *instance; +} + +void SecCompMonitor::InitAppObserver() +{ + if (observer_ != nullptr) { + return; + } + observer_ = new (std::nothrow) SecCompUsageObserver(); + if (observer_ == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "New observer failed."); + return; + } + if (AppManagerAccessClient::GetInstance().RegisterApplicationStateObserver(observer_) != 0) { + LOGE(ATM_DOMAIN, ATM_TAG, "Register observer failed."); + observer_ = nullptr; + return; + } + if (appManagerDeathCallback_ == nullptr) { + appManagerDeathCallback_ = std::make_shared(); + AppManagerAccessClient::GetInstance().RegisterDeathCallback(appManagerDeathCallback_); + } +} + +SecCompMonitor::SecCompMonitor() +{ + InitAppObserver(); +} + +SecCompMonitor::~SecCompMonitor() +{ + if (observer_ != nullptr) { + AppManagerAccessClient::GetInstance().UnregisterApplicationStateObserver(observer_); + observer_ = nullptr; + } +} + +void SecCompMonitor::OnAppMgrRemoteDiedHandle() +{ + LOGI(ATM_DOMAIN, ATM_TAG, "OnAppMgrRemoteDiedHandle."); + if (observer_ != nullptr) { + AppManagerAccessClient::GetInstance().UnregisterApplicationStateObserver(observer_); + observer_ = nullptr; + } +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 02262ad1d..e9d93c5e3 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -45,6 +45,7 @@ #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE #include "sec_comp_enhance_agent.h" #endif +#include "sec_comp_monitor.h" #include "short_grant_manager.h" #include "string_ex.h" #include "system_ability_definition.h" @@ -1449,7 +1450,6 @@ bool AccessTokenManagerService::IsSystemAppCalling() const return TokenIdKit::IsSystemAppByFullTokenID(fullTokenId); } -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE bool AccessTokenManagerService::IsSecCompServiceCalling() { uint32_t tokenCaller = IPCSkeleton::GetCallingTokenID(); @@ -1458,7 +1458,6 @@ bool AccessTokenManagerService::IsSecCompServiceCalling() } return tokenCaller == secCompTokenId_; } -#endif int32_t AccessTokenManagerService::CallbackEnter(uint32_t code) { @@ -1513,6 +1512,16 @@ int32_t AccessTokenManagerService::GetSecCompEnhance(int32_t pid, SecCompEnhance return RET_SUCCESS; } #endif + +int32_t AccessTokenManagerService::IsToastShownNeeded(int32_t pid, bool& needToShow) +{ + if (!IsSecCompServiceCalling()) { + return AccessTokenError::ERR_PERMISSION_DENIED; + } + + needToShow = SecCompMonitor::GetInstance().IsToastShownNeeded(pid); + return RET_SUCCESS; +} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/accesstokenmanager/test/coverage/BUILD.gn b/services/accesstokenmanager/test/coverage/BUILD.gn index ecc13840b..2b5141008 100644 --- a/services/accesstokenmanager/test/coverage/BUILD.gn +++ b/services/accesstokenmanager/test/coverage/BUILD.gn @@ -35,6 +35,7 @@ accesstoken_manager_service_source = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp", + "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp", @@ -75,6 +76,7 @@ ohos_unittest("libaccesstoken_manager_service_coverage_test") { "${access_token_path}/services/accesstokenmanager/main/cpp/include/dfx", "${access_token_path}/services/accesstokenmanager/main/cpp/include/form_manager", "${access_token_path}/services/accesstokenmanager/main/cpp/include/permission", + "${access_token_path}/services/accesstokenmanager/main/cpp/include/seccomp", "${access_token_path}/services/accesstokenmanager/main/cpp/include/service", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", ] diff --git a/services/accesstokenmanager/test/mock/BUILD.gn b/services/accesstokenmanager/test/mock/BUILD.gn index 4accc53c0..424c963fb 100644 --- a/services/accesstokenmanager/test/mock/BUILD.gn +++ b/services/accesstokenmanager/test/mock/BUILD.gn @@ -35,6 +35,7 @@ accesstoken_manager_service_source = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp", + "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp", @@ -75,6 +76,7 @@ ohos_unittest("libpermission_manager_mock_test") { "${access_token_path}/services/accesstokenmanager/main/cpp/include/dfx", "${access_token_path}/services/accesstokenmanager/main/cpp/include/form_manager", "${access_token_path}/services/accesstokenmanager/main/cpp/include/permission", + "${access_token_path}/services/accesstokenmanager/main/cpp/include/seccomp", "${access_token_path}/services/accesstokenmanager/main/cpp/include/service", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", ] diff --git a/services/accesstokenmanager/test/unittest/BUILD.gn b/services/accesstokenmanager/test/unittest/BUILD.gn index 1074f025e..c5eb71583 100644 --- a/services/accesstokenmanager/test/unittest/BUILD.gn +++ b/services/accesstokenmanager/test/unittest/BUILD.gn @@ -35,6 +35,7 @@ accesstoken_manager_service_source = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp", + "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp", @@ -75,6 +76,7 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") { "${access_token_path}/services/accesstokenmanager/main/cpp/include/dfx", "${access_token_path}/services/accesstokenmanager/main/cpp/include/form_manager", "${access_token_path}/services/accesstokenmanager/main/cpp/include/permission", + "${access_token_path}/services/accesstokenmanager/main/cpp/include/seccomp", "${access_token_path}/services/accesstokenmanager/main/cpp/include/service", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", "${access_token_path}/services/accesstokenmanager/test/unittest", @@ -89,6 +91,7 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") { "parameters.cpp", "permission_grant_event_test.cpp", "permission_manager_test.cpp", + "sec_comp_monitor_test.cpp", "short_grant_manager_test.cpp", ] diff --git a/services/accesstokenmanager/test/unittest/sec_comp_monitor_test.cpp b/services/accesstokenmanager/test/unittest/sec_comp_monitor_test.cpp new file mode 100644 index 000000000..79f75db14 --- /dev/null +++ b/services/accesstokenmanager/test/unittest/sec_comp_monitor_test.cpp @@ -0,0 +1,86 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "sec_comp_monitor_test.h" + +using namespace testing::ext; +using namespace OHOS; + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +constexpr int32_t APP_STATE_CACHED = 100; +} + +void SecCompMonitorTest::SetUpTestCase() +{ +} + +void SecCompMonitorTest::TearDownTestCase() +{ + sleep(3); // delay 3 minutes +} + +void SecCompMonitorTest::SetUp() +{ + if (appStateObserver_ != nullptr) { + return; + } + appStateObserver_ = std::make_shared(); +} + +void SecCompMonitorTest::TearDown() +{ + appStateObserver_ = nullptr; +} + +/** + * @tc.name: ProcessFromForegroundList001 + * @tc.desc: Monitor foreground list for process after process state changed + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(SecCompMonitorTest, ProcessFromForegroundList001, TestSize.Level0) +{ + EXPECT_EQ(true, SecCompMonitor::GetInstance().IsToastShownNeeded(10)); + EXPECT_EQ(false, SecCompMonitor::GetInstance().IsToastShownNeeded(10)); + ASSERT_NE(nullptr, appStateObserver_); + EXPECT_EQ(1, SecCompMonitor::GetInstance().appsInForeground_.size()); + ProcessData processData; + processData.state = AppProcessState::APP_STATE_BACKGROUND; + processData.pid = 10; + // change to background + appStateObserver_->OnProcessStateChanged(processData); + EXPECT_EQ(0, SecCompMonitor::GetInstance().appsInForeground_.size()); + + EXPECT_EQ(true, SecCompMonitor::GetInstance().IsToastShownNeeded(10)); + EXPECT_EQ(1, SecCompMonitor::GetInstance().appsInForeground_.size()); + // change to die + appStateObserver_->OnProcessDied(processData); + EXPECT_EQ(0, SecCompMonitor::GetInstance().appsInForeground_.size()); + + EXPECT_EQ(true, SecCompMonitor::GetInstance().IsToastShownNeeded(10)); + EXPECT_EQ(1, SecCompMonitor::GetInstance().appsInForeground_.size()); + AppStateData appStateData; + appStateData.state = APP_STATE_CACHED; + appStateData.pid = 10; + // change to background + appStateObserver_->OnAppCacheStateChanged(appStateData); + EXPECT_EQ(0, SecCompMonitor::GetInstance().appsInForeground_.size()); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/test/unittest/sec_comp_monitor_test.h b/services/accesstokenmanager/test/unittest/sec_comp_monitor_test.h new file mode 100644 index 000000000..11bd071dd --- /dev/null +++ b/services/accesstokenmanager/test/unittest/sec_comp_monitor_test.h @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SEC_COMP_MONITOR_TEST_H +#define SEC_COMP_MONITOR_TEST_H + +#include + +#define private public +#include "sec_comp_monitor.h" +#undef private + +namespace OHOS { +namespace Security { +namespace AccessToken { +class SecCompMonitorTest : public testing::Test { +public: + static void SetUpTestCase(); + + static void TearDownTestCase(); + + void SetUp(); + + void TearDown(); + + std::shared_ptr appStateObserver_ = nullptr; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // SEC_COMP_MONITOR_TEST_H diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h index 9cd117d47..73ed0238d 100644 --- a/services/privacymanager/include/service/privacy_manager_service.h +++ b/services/privacymanager/include/service/privacy_manager_service.h @@ -72,9 +72,6 @@ private: void ProcessProxyDeathStub(const sptr& anonyStub, int32_t callerPid); void ReleaseDeathStub(int32_t callerPid); -#ifdef SECURITY_COMPONENT_ENHANCE_ENABLE - bool IsSecCompServiceCalling(); -#endif bool IsPrivilegedCalling() const; bool IsAccessTokenCalling() const; bool IsSystemAppCalling() const; diff --git a/test/fuzztest/innerkits/accesstoken/BUILD.gn b/test/fuzztest/innerkits/accesstoken/BUILD.gn index 646d954f9..e7e49c309 100644 --- a/test/fuzztest/innerkits/accesstoken/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/BUILD.gn @@ -47,6 +47,7 @@ group("fuzztest") { "grantpermission_fuzzer:GrantPermissionFuzzTest", "grantpermissionforspecifiedtime_fuzzer:GrantPermissionForSpecifiedTimeFuzzTest", "inithaptoken_fuzzer:InitHapTokenFuzzTest", + "istoastshownneeded_fuzzer:IsToastShownNeededFuzzTest", "registerpermstatechangecallback_fuzzer:RegisterPermStateChangeCallbackFuzzTest", "requestapppermonsetting_fuzzer:RequestAppPermOnSettingFuzzTest", "revokeusergrantedpermission_fuzzer:RevokeUserGrantedPermissionFuzzTest", diff --git a/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/BUILD.gn new file mode 100644 index 000000000..57774825a --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/BUILD.gn @@ -0,0 +1,44 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../access_token.gni") + +ohos_fuzztest("IsToastShownNeededFuzzTest") { + module_out_path = module_output_path_interface_access_token + fuzz_config_file = "." + include_dirs = [ + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/test/fuzztest/common", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "istoastshownneeded_fuzzer.cpp" ] + + deps = [ + "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + ] + + configs = [ "${access_token_path}/config:coverage_flags" ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + "ipc:ipc_core", + ] +} diff --git a/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/corpus/init new file mode 100644 index 000000000..2aea1356e --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ diff --git a/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.cpp new file mode 100644 index 000000000..5dd6fa856 --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.cpp @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "istoastshownneeded_fuzzer.h" + +#include +#include +#include +#include + +#include "accesstoken_fuzzdata.h" +#undef private +#include "accesstoken_kit.h" + +using namespace std; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { + bool IsToastShownNeededFuzzTest(const uint8_t* data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + AccessTokenFuzzData fuzzData(data, size); + + return AccessTokenKit::IsToastShownNeeded(fuzzData.GetData()); + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::IsToastShownNeededFuzzTest(data, size); + return 0; +} diff --git a/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.h b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.h new file mode 100644 index 000000000..f17b40fc9 --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/istoastshownneeded_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_ISTOASTSHOWNNEEDED_FUZZER_H +#define TEST_FUZZTEST_ISTOASTSHOWNNEEDED_FUZZER_H + +#define FUZZ_PROJECT_NAME "istoastshownneeded_fuzzer" + +#endif // TEST_FUZZTEST_ISTOASTSHOWNNEEDED_FUZZER_H diff --git a/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/project.xml new file mode 100644 index 000000000..66e1dcac4 --- /dev/null +++ b/test/fuzztest/innerkits/accesstoken/istoastshownneeded_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni index 37402c406..9e61ae9cc 100644 --- a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni +++ b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni @@ -103,6 +103,7 @@ access_token_sources = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp", + "${access_token_path}/services/accesstokenmanager/main/cpp/src/seccomp/sec_comp_monitor.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp", -- Gitee