From bd3868cfbf85fd5ba3f77187f81a207c913293d7 Mon Sep 17 00:00:00 2001 From: zhouyan Date: Sat, 23 Aug 2025 09:39:38 +0800 Subject: [PATCH] =?UTF-8?q?=E9=95=BF=E8=80=97=E6=97=B6tdd=E4=BC=98?= =?UTF-8?q?=E5=8C=96=E4=B8=8E=E6=96=B0=E5=A2=9E=E9=94=80=E9=87=8Fclient=20?= =?UTF-8?q?code=E5=80=BC=E6=A0=A1=E9=AA=8C-6.0release=E6=8C=91=E5=8D=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: zhouyan Change-Id: Ifb294bb9968b5ab3d704a20fb3f4cc519c3f5b59 --- .../test/unittest/src/privacy_kit_test.cpp | 63 +++--------------- .../accesstoken_manager_service_test.cpp | 2 +- .../src/record/permission_record_manager.cpp | 9 +++ .../src/service/privacy_manager_service.cpp | 5 -- .../privacymanager/test/unittest/BUILD.gn | 15 ++++- .../unittest/client_code_compare_test.cpp | 65 +++++++++++++++++++ .../permission_record_manager_test.cpp | 50 +++++++++++++- .../gethaptokenidservice_fuzzer/corpus/init | 13 ++++ .../gethaptokeninfoservice_fuzzer/corpus/init | 13 ++++ 9 files changed, 171 insertions(+), 64 deletions(-) create mode 100644 services/privacymanager/test/unittest/client_code_compare_test.cpp diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index cacd0b9a6..fae1e1f2e 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -62,8 +62,6 @@ static constexpr int32_t THIRD_INDEX = 2; static constexpr int32_t RESULT_NUM_ONE = 1; static constexpr int32_t RESULT_NUM_TWO = 2; static constexpr int32_t RESULT_NUM_THREE = 3; -// if change this, origin value in privacy_manager_proxy.cpp should change together -const static uint32_t MAX_PERMISSION_USED_TYPE_SIZE = 2000; const static int32_t NOT_EXSIT_PID = 99999999; const static int32_t INVALID_USER_ID = -1; const static int32_t USER_ID_2 = 2; @@ -196,6 +194,14 @@ static BundleUsedRecord g_bundleUsedRecord = { .bundleName = "com.ohos.test", }; +PermissionStateFull g_infoManagerTestStateD = { + .permissionName = "ohos.permission.MICROPHONE_BACKGROUND", + .isGeneral = true, + .resDeviceID = {"localC"}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .grantFlags = {1} +}; + static AccessTokenID g_selfTokenId = 0; static AccessTokenID g_tokenIdA = 0; static AccessTokenID g_tokenIdB = 0; @@ -1558,19 +1564,11 @@ HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission006, TestSize.Level0) .appIDDesc = "privacy_test.microphone" }; - PermissionStateFull infoManagerTestStateD = { - .permissionName = "ohos.permission.MICROPHONE_BACKGROUND", - .isGeneral = true, - .resDeviceID = {"localC"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {1} - }; - HapPolicyParams policy = { .apl = APL_NORMAL, .domain = "test.domain", .permList = {}, - .permStateList = {infoManagerTestStateD} + .permStateList = {g_infoManagerTestStateD} }; AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(info, policy); @@ -2685,49 +2683,6 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos005, TestSize.Level0) } } -/* - * @tc.name: GetPermissionUsedTypeInfos006 - * @tc.desc: PrivacyKit::GetPermissionUsedTypeInfos function test - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedTypeInfos006, TestSize.Level0) -{ - uint32_t count = MAX_PERMISSION_USED_TYPE_SIZE + 1; - - // add 2001 permission used type record - std::vector tokenIdList; - - for (uint32_t i = 0; i < count; i++) { - HapInfoParams infoParms = g_infoParmsC; - HapPolicyParams policyPrams = g_policyPramsC; - infoParms.bundleName = infoParms.bundleName + std::to_string(i); - - AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(infoParms, policyPrams); - AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; - EXPECT_NE(INVALID_TOKENID, tokenId); - tokenIdList.emplace_back(tokenId); - - AddPermParamInfo info; - info.tokenId = tokenId; - info.permissionName = "ohos.permission.READ_CONTACTS"; - info.successCount = 1; - info.failCount = 0; - EXPECT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(info)); - } - - AccessTokenID tokenId = 0; - std::string permissionName; - std::vector results; - // record over size - EXPECT_EQ(PrivacyError::ERR_OVERSIZE, PrivacyKit::GetPermissionUsedTypeInfos(tokenId, permissionName, results)); - - for (const auto& id : tokenIdList) { - EXPECT_EQ(RET_SUCCESS, PrivacyKit::RemovePermissionUsedRecords(id)); - EXPECT_EQ(RET_SUCCESS, PrivacyTestCommon::DeleteTestHapToken(id)); - } -} - /** * @tc.name: SetMutePolicyTest001 * @tc.desc: Test SetMutePolicy with invalid param diff --git a/services/accesstokenmanager/test/unittest/accesstoken_manager_service_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_manager_service_test.cpp index 954d49109..a6409e89e 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_manager_service_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_manager_service_test.cpp @@ -309,7 +309,7 @@ HWTEST_F(AccessTokenManagerServiceTest, UpdateHapTokenTest001, TestSize.Level0) ASSERT_EQ(1, results2.size()); ASSERT_EQ(static_cast(tokenId), results2[0].GetInt(TokenFiledConst::FIELD_TOKEN_ID)); // undefine permission change from INVALIDA to INVALIDB - ASSERT_EQ(g_state3.permissionName, results2[0].GetString(TokenFiledConst::FIELD_PERMISSION_NAME)); + ASSERT_EQ(g_state3.permissionName, results2[0].GetString(TokenFiledConst::FIELD_PERMISSION_NAME)); ASSERT_EQ(0, atManagerService_->DeleteToken(tokenId)); } diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 974ae69ff..7d4434502 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -73,6 +73,11 @@ static const uint32_t SEC_COMPONENT_TYPE_ADD_VALUE = 4; static constexpr int64_t ONE_MINUTE_MILLISECONDS = 60 * 1000; // 1 min = 60 * 1000 ms static constexpr int32_t MAX_USER_ID = 10736; static constexpr int32_t BASE_USER_RANGE = 200000; +#ifndef MAX_COUNT_TEST +static const uint32_t MAX_PERMISSION_USED_TYPE_SIZE = 2000; +#else +static const uint32_t MAX_PERMISSION_USED_TYPE_SIZE = 20; +#endif constexpr const char* EDM_PROCESS_NAME = "edm"; std::recursive_mutex g_instanceMutex; } @@ -1726,6 +1731,10 @@ int32_t PermissionRecordManager::GetPermissionUsedTypeInfos(AccessTokenID tokenI AddDataValueToResults(valueResult, results); } + if (results.size() > MAX_PERMISSION_USED_TYPE_SIZE) { + return PrivacyError::ERR_OVERSIZE; + } + LOGI(PRI_DOMAIN, PRI_TAG, "Get %{public}zu permission used type records.", results.size()); return Constant::SUCCESS; diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index 9e011b213..3aead1a67 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -46,7 +46,6 @@ constexpr const char* PERMISSION_RECORD_TOGGLE = "ohos.permission.PERMISSION_REC constexpr const char* SET_FOREGROUND_HAP_REMINDER = "ohos.permission.SET_FOREGROUND_HAP_REMINDER"; constexpr const char* SET_MUTE_POLICY = "ohos.permission.SET_MUTE_POLICY"; static const int32_t SA_ID_PRIVACY_MANAGER_SERVICE = 3505; -static const uint32_t MAX_PERMISSION_USED_TYPE_SIZE = 2000; static const uint32_t PERM_LIST_SIZE_MAX = 1024; } @@ -470,10 +469,6 @@ int32_t PrivacyManagerService::GetPermissionUsedTypeInfos(const AccessTokenID to return res; } - if (results.size() > MAX_PERMISSION_USED_TYPE_SIZE) { - return PrivacyError::ERR_OVERSIZE; - } - for (const auto& result : results) { PermissionUsedTypeInfoParcel parcel; parcel.info = result; diff --git a/services/privacymanager/test/unittest/BUILD.gn b/services/privacymanager/test/unittest/BUILD.gn index cf33c3df3..992b2480f 100644 --- a/services/privacymanager/test/unittest/BUILD.gn +++ b/services/privacymanager/test/unittest/BUILD.gn @@ -81,7 +81,10 @@ if (is_standard_system && ability_base_enable == true) { "sensitive_manager_test.cpp", ] - cflags_cc = [ "-DHILOG_ENABLE" ] + cflags_cc = [ + "-DHILOG_ENABLE", + "-DMAX_COUNT_TEST", + ] configs = [ "${access_token_path}/config:coverage_flags", @@ -147,5 +150,15 @@ if (is_standard_system && ability_base_enable == true) { include_dirs += [ "${access_token_path}/services/common/ability_manager/include" ] } + + if (ability_runtime_enable) { + external_deps += [ + "ability_runtime:ability_manager", + "ability_runtime:app_manager", + ] + include_dirs += + [ "${access_token_path}/services/common/ability_manager/include" ] + sources += [ "client_code_compare_test.cpp" ] + } } } diff --git a/services/privacymanager/test/unittest/client_code_compare_test.cpp b/services/privacymanager/test/unittest/client_code_compare_test.cpp new file mode 100644 index 000000000..51a50913c --- /dev/null +++ b/services/privacymanager/test/unittest/client_code_compare_test.cpp @@ -0,0 +1,65 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "ability_manager_adapter.h" +#include "ability_manager_ipc_interface_code.h" +#include "app_manager_access_client.h" +#include "app_mgr_ipc_interface_code.h" + +using namespace testing::ext; + +namespace OHOS { +namespace Security { +namespace AccessToken { +class ClientCodeCompareTest : public testing::Test { +public: + static void SetUpTestCase(); + static void TearDownTestCase(); + void SetUp(); + void TearDown(); +}; + +void ClientCodeCompareTest::SetUpTestCase() {} +void ClientCodeCompareTest::TearDownTestCase() {} +void ClientCodeCompareTest::SetUp() {} +void ClientCodeCompareTest::TearDown() {} + +/* + * @tc.name: AmsCodeTest001 + * @tc.desc: test ability manager service interface code consistency. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(ClientCodeCompareTest, AmsCodeTest001, TestSize.Level1) +{ + // ability manager interface code + EXPECT_EQ(static_cast(AbilityManagerAdapter::Message::START_ABILITY), + static_cast(AAFwk::AbilityManagerInterfaceCode::START_ABILITY)); + EXPECT_EQ(static_cast(AbilityManagerAdapter::Message::KILL_PROCESS_FOR_PERMISSION_UPDATE), + static_cast(AAFwk::AbilityManagerInterfaceCode::KILL_PROCESS_FOR_PERMISSION_UPDATE)); + + // app manager interface code + EXPECT_EQ(static_cast(AppManagerAccessClient::Message::REGISTER_APPLICATION_STATE_OBSERVER), + static_cast(AppExecFwk::AppMgrInterfaceCode::REGISTER_APPLICATION_STATE_OBSERVER)); + EXPECT_EQ(static_cast(AppManagerAccessClient::Message::UNREGISTER_APPLICATION_STATE_OBSERVER), + static_cast(AppExecFwk::AppMgrInterfaceCode::UNREGISTER_APPLICATION_STATE_OBSERVER)); + EXPECT_EQ(static_cast(AppManagerAccessClient::Message::GET_FOREGROUND_APPLICATIONS), + static_cast(AppExecFwk::AppMgrInterfaceCode::GET_FOREGROUND_APPLICATIONS)); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/privacymanager/test/unittest/permission_record_manager_test.cpp b/services/privacymanager/test/unittest/permission_record_manager_test.cpp index 17877d3af..c4f13f697 100644 --- a/services/privacymanager/test/unittest/permission_record_manager_test.cpp +++ b/services/privacymanager/test/unittest/permission_record_manager_test.cpp @@ -72,6 +72,7 @@ static const int32_t NORMAL_TYPE_ADD_VALUE = 1; static const int32_t PICKER_TYPE_ADD_VALUE = 2; static const int32_t SEC_COMPONENT_TYPE_ADD_VALUE = 4; static const int32_t VALUE_MAX_LEN = 32; +const static uint32_t TEST_MAX_PERMISSION_USED_TYPE_SIZE = 20; static const char* EDM_MIC_MUTE_KEY = "persist.edm.mic_disable"; static MockNativeToken* g_mock = nullptr; static PermissionStateFull g_testState1 = { @@ -911,12 +912,12 @@ HWTEST_F(PermissionRecordManagerTest, RegisterPermActiveStatusCallback003, TestS } /* - * @tc.name: GetPermissionUsedType001 - * @tc.desc: PermissionRecordManager::GetPermissionUsedType function test + * @tc.name: GetPermissionUsedTypeInfos001 + * @tc.desc: PermissionRecordManager::GetPermissionUsedTypeInfos001 function test * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedType001, TestSize.Level0) +HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedTypeInfos001, TestSize.Level0) { uint32_t tokenId = RANDOM_TOKENID; std::string permissionName = "ohos.permission.PERMISSION_RECORD_MANAGER_TEST"; @@ -934,6 +935,49 @@ HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedType001, TestSize.Level0) ASSERT_EQ(0, PermissionRecordManager::GetInstance().GetPermissionUsedTypeInfos(tokenId, permissionName, results)); } +/* + * @tc.name: GetPermissionUsedTypeInfos002 + * @tc.desc: PrivacyKit::GetPermissionUsedTypeInfos function test + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PermissionRecordManagerTest, GetPermissionUsedType002, TestSize.Level0) +{ + MockNativeToken mock("audio_server"); // set self tokenID to audio_service with PERMISSION_USED_STATS + // add 21 permission used type record + std::vector tokenIdList; + uint32_t count = TEST_MAX_PERMISSION_USED_TYPE_SIZE + 1; + for (uint32_t i = 0; i < count; i++) { + HapInfoParams infoParms = g_InfoParms1; + HapPolicyParams policyPrams = g_PolicyPrams1; + infoParms.bundleName = infoParms.bundleName + std::to_string(i); + + AccessTokenIDEx tokenIdEx = PrivacyTestCommon::AllocTestHapToken(infoParms, policyPrams); + AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; + EXPECT_NE(INVALID_TOKENID, tokenId); + tokenIdList.emplace_back(tokenId); + + AddPermParamInfo info; + info.tokenId = tokenId; + info.permissionName = "ohos.permission.READ_MESSAGES"; + info.successCount = 1; + info.failCount = 0; + EXPECT_EQ(RET_SUCCESS, PrivacyKit::AddPermissionUsedRecord(info)); + } + + AccessTokenID tokenId = 0; + std::string permissionName = "ohos.permission.READ_MESSAGES"; + std::vector results; + // record over size + EXPECT_EQ(PrivacyError::ERR_OVERSIZE, + PermissionRecordManager::GetInstance().GetPermissionUsedTypeInfos(tokenId, permissionName, results)); + + for (const auto& id : tokenIdList) { + EXPECT_EQ(RET_SUCCESS, PrivacyKit::RemovePermissionUsedRecords(id)); + EXPECT_EQ(RET_SUCCESS, PrivacyTestCommon::DeleteTestHapToken(id)); + } +} + /* * @tc.name: AddDataValueToResults001 * @tc.desc: PermissionRecordManager::AddDataValueToResults function test diff --git a/test/fuzztest/normalize_service/accesstoken/gethaptokenidservice_fuzzer/corpus/init b/test/fuzztest/normalize_service/accesstoken/gethaptokenidservice_fuzzer/corpus/init index 26cdf7c64..f3c5c238f 100644 --- a/test/fuzztest/normalize_service/accesstoken/gethaptokenidservice_fuzzer/corpus/init +++ b/test/fuzztest/normalize_service/accesstoken/gethaptokenidservice_fuzzer/corpus/init @@ -1 +1,14 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + 0x6f0x680x6f0x730x2e0x670x6c0x6f0x620x610x6c0x2e0x730x790x730x740x650x6d0x720x650x735c0000000000 \ No newline at end of file diff --git a/test/fuzztest/normalize_service/accesstoken/gethaptokeninfoservice_fuzzer/corpus/init b/test/fuzztest/normalize_service/accesstoken/gethaptokeninfoservice_fuzzer/corpus/init index 342d76d4a..f8e3e81a3 100644 --- a/test/fuzztest/normalize_service/accesstoken/gethaptokeninfoservice_fuzzer/corpus/init +++ b/test/fuzztest/normalize_service/accesstoken/gethaptokeninfoservice_fuzzer/corpus/init @@ -1 +1,14 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + 15460020 \ No newline at end of file -- Gitee