From fd61425c59020bb85912a2dd248b6264e54bd649 Mon Sep 17 00:00:00 2001
From: lsq <linshuqing2@huawei.com>
Date: Tue, 13 Sep 2022 09:19:42 +0800
Subject: [PATCH 01/51] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=8E=A5=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: lsq <linshuqing2@huawei.com>
Change-Id: I92aec53ecfe7fb1c0644063296a7e0a0ac82ed87
---
 .../accesstoken/include/accesstoken_kit.h     |  1 +
 .../accesstoken/src/accesstoken_kit.cpp       |  5 ++
 .../unittest/src/accesstoken_kit_test.cpp     | 12 ++++
 .../accesstoken/napi/include/napi_atmanager.h |  9 ++-
 .../accesstoken/napi/src/napi_atmanager.cpp   | 63 +++++++++++++++++--
 5 files changed, 81 insertions(+), 9 deletions(-)

diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
index b5fef3e72..640a694e6 100644
--- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
+++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
@@ -63,6 +63,7 @@ public:
     static int32_t UnRegisterPermStateChangeCallback(const std::shared_ptr<PermStateChangeCallbackCustomize>& callback);
     static int32_t GetHapDlpFlag(AccessTokenID tokenID);
     static int32_t ReloadNativeTokenInfo();
+    static int32_t GetVersion(void);
 
 #ifdef TOKEN_SYNC_ENABLE
     static int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync);
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
index f18c0837b..1ab19e338 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
@@ -377,6 +377,11 @@ void AccessTokenKit::DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo)
     ACCESSTOKEN_LOG_DEBUG(LABEL, "called, tokenID=%{public}d", tokenID);
     AccessTokenManagerClient::GetInstance().DumpTokenInfo(tokenID, dumpInfo);
 }
+
+int32_t AccessTokenKit::GetVersion(void)
+{
+    return DEFAULT_TOKEN_VERSION;
+}
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
index d6c419f10..415c82547 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
@@ -3675,6 +3675,18 @@ HWTEST_F(AccessTokenKitTest, UnRegisterPermStateChangeCallback002, TestSize.Leve
     res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
     ASSERT_EQ(RET_FAILED, res);
 }
+
+/**
+ * @tc.name: GetVersion001
+ * @tc.desc: GetVersion001 test.
+ * @tc.type: FUNC
+ * @tc.require: issueI5NT1X
+ */
+HWTEST_F(AccessTokenKitTest, GetVersion001, TestSize.Level1)
+{
+    int32_t res = AccessTokenKit::GetVersion();
+    ASSERT_EQ(DEFAULT_TOKEN_VERSION, res);
+}
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
diff --git a/interfaces/kits/accesstoken/napi/include/napi_atmanager.h b/interfaces/kits/accesstoken/napi/include/napi_atmanager.h
index d208a4912..976eeda60 100644
--- a/interfaces/kits/accesstoken/napi/include/napi_atmanager.h
+++ b/interfaces/kits/accesstoken/napi/include/napi_atmanager.h
@@ -104,6 +104,7 @@ private:
     static napi_value GrantUserGrantedPermission(napi_env env, napi_callback_info info);
     static napi_value RevokeUserGrantedPermission(napi_env env, napi_callback_info info);
     static napi_value GetPermissionFlags(napi_env env, napi_callback_info info);
+    static napi_value GetVersion(napi_env env, napi_callback_info info);
 
     static void ParseInputVerifyPermissionOrGetFlag(const napi_env env, const napi_callback_info info,
         AtManagerAsyncContext& asyncContext);
@@ -111,11 +112,13 @@ private:
     static void VerifyAccessTokenComplete(napi_env env, napi_status status, void *data);
     static void ParseInputGrantOrRevokePermission(const napi_env env, const napi_callback_info info,
         AtManagerAsyncContext& asyncContext);
-    static void GrantUserGrantedPermissionExcute(napi_env env, void *data);
+    static void GrantUserGrantedPermissionExecute(napi_env env, void *data);
     static void GrantUserGrantedPermissionComplete(napi_env env, napi_status status, void *data);
-    static void RevokeUserGrantedPermissionExcute(napi_env env, void *data);
+    static void RevokeUserGrantedPermissionExecute(napi_env env, void *data);
     static void RevokeUserGrantedPermissionComplete(napi_env env, napi_status status, void *data);
-    static void GetPermissionFlagsExcute(napi_env env, void *data);
+    static void GetVersionExecute(napi_env env, void *data);
+    static void GetVersionComplete(napi_env env, napi_status status, void *data);
+    static void GetPermissionFlagsExecute(napi_env env, void *data);
     static void GetPermissionFlagsComplete(napi_env env, napi_status status, void *data);
     static void SetNamedProperty(napi_env env, napi_value dstObj, const int32_t objValue, const char *propName);
     static bool ParseInputToRegister(const napi_env env, napi_callback_info cbInfo,
diff --git a/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp b/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp
index aa0628df1..1bf506854 100644
--- a/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp
+++ b/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp
@@ -167,6 +167,7 @@ napi_value NapiAtManager::Init(napi_env env, napi_value exports)
         DECLARE_NAPI_FUNCTION("getPermissionFlags", GetPermissionFlags),
         DECLARE_NAPI_FUNCTION("on", RegisterPermStateChangeCallback),
         DECLARE_NAPI_FUNCTION("off", UnregisterPermStateChangeCallback),
+        DECLARE_NAPI_FUNCTION("getVersion", GetVersion),
     };
 
     napi_value cons = nullptr;
@@ -410,7 +411,7 @@ void NapiAtManager::ParseInputGrantOrRevokePermission(const napi_env env, const
         asyncContext.tokenId, asyncContext.permissionName, asyncContext.flag);
 }
 
-void NapiAtManager::GrantUserGrantedPermissionExcute(napi_env env, void *data)
+void NapiAtManager::GrantUserGrantedPermissionExecute(napi_env env, void *data)
 {
     AtManagerAsyncContext* asyncContext = reinterpret_cast<AtManagerAsyncContext *>(data);
     PermissionDef permissionDef;
@@ -474,6 +475,56 @@ void NapiAtManager::GrantUserGrantedPermissionComplete(napi_env env, napi_status
     delete asyncContext;
 }
 
+napi_value NapiAtManager::GetVersion(napi_env env, napi_callback_info info)
+{
+    ACCESSTOKEN_LOG_DEBUG(LABEL, "GetVersion begin.");
+
+    auto *asyncContext = new (std::nothrow) AtManagerAsyncContext(); // for async work deliver data
+    if (asyncContext == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "new struct fail.");
+        return nullptr;
+    }
+    asyncContext->result = AT_PERM_OPERA_FAIL;
+
+    napi_value result = nullptr;
+
+    napi_create_promise(env, &(asyncContext->deferred), &result);
+
+    napi_value resource = nullptr;
+    napi_create_string_utf8(env, "GetVersion", NAPI_AUTO_LENGTH, &resource);
+
+    napi_create_async_work(
+        env, nullptr, resource, GetVersionExecute, GetVersionComplete,
+        reinterpret_cast<void *>(asyncContext), &(asyncContext->work));
+
+    napi_queue_async_work(env, asyncContext->work); // add async work handle to the napi queue and wait for result
+
+    ACCESSTOKEN_LOG_DEBUG(LABEL, "GetVersion end.");
+
+    return result;
+}
+
+void NapiAtManager::GetVersionExecute(napi_env env, void *data)
+{
+    AtManagerAsyncContext* asyncContext = reinterpret_cast<AtManagerAsyncContext *>(data);
+    asyncContext->result = AccessTokenKit::GetVersion();
+    ACCESSTOKEN_LOG_DEBUG(LABEL, "version result = %{public}d.", asyncContext->result);
+}
+
+void NapiAtManager::GetVersionComplete(napi_env env, napi_status status, void *data)
+{
+    AtManagerAsyncContext* asyncContext = reinterpret_cast<AtManagerAsyncContext *>(data);
+    napi_value result;
+
+    ACCESSTOKEN_LOG_DEBUG(LABEL, "version result = %{public}d.", asyncContext->result);
+
+    napi_create_int32(env, asyncContext->result, &result);
+    napi_resolve_deferred(env, asyncContext->deferred, result);
+
+    napi_delete_async_work(env, asyncContext->work);
+    delete asyncContext;
+}
+
 napi_value NapiAtManager::GrantUserGrantedPermission(napi_env env, napi_callback_info info)
 {
     ACCESSTOKEN_LOG_DEBUG(LABEL, "GrantUserGrantedPermission begin.");
@@ -507,7 +558,7 @@ napi_value NapiAtManager::GrantUserGrantedPermission(napi_env env, napi_callback
     napi_create_string_utf8(env, "GrantUserGrantedPermission", NAPI_AUTO_LENGTH, &resource);
 
     napi_create_async_work( // define work
-        env, nullptr, resource, GrantUserGrantedPermissionExcute, GrantUserGrantedPermissionComplete,
+        env, nullptr, resource, GrantUserGrantedPermissionExecute, GrantUserGrantedPermissionComplete,
         reinterpret_cast<void *>(asyncContext), &(asyncContext->work));
 
     napi_queue_async_work(env, asyncContext->work); // add async work handle to the napi queue and wait for result
@@ -517,7 +568,7 @@ napi_value NapiAtManager::GrantUserGrantedPermission(napi_env env, napi_callback
     return result;
 }
 
-void NapiAtManager::RevokeUserGrantedPermissionExcute(napi_env env, void *data)
+void NapiAtManager::RevokeUserGrantedPermissionExecute(napi_env env, void *data)
 {
     AtManagerAsyncContext* asyncContext = reinterpret_cast<AtManagerAsyncContext *>(data);
     PermissionDef permissionDef;
@@ -614,7 +665,7 @@ napi_value NapiAtManager::RevokeUserGrantedPermission(napi_env env, napi_callbac
     napi_create_string_utf8(env, "RevokeUserGrantedPermission", NAPI_AUTO_LENGTH, &resource);
 
     napi_create_async_work( // define work
-        env, nullptr, resource, RevokeUserGrantedPermissionExcute, RevokeUserGrantedPermissionComplete,
+        env, nullptr, resource, RevokeUserGrantedPermissionExecute, RevokeUserGrantedPermissionComplete,
         reinterpret_cast<void *>(asyncContext), &(asyncContext->work));
 
     napi_queue_async_work(env, asyncContext->work); // add async work handle to the napi queue and wait for result
@@ -624,7 +675,7 @@ napi_value NapiAtManager::RevokeUserGrantedPermission(napi_env env, napi_callbac
     return result;
 }
 
-void NapiAtManager::GetPermissionFlagsExcute(napi_env env, void *data)
+void NapiAtManager::GetPermissionFlagsExecute(napi_env env, void *data)
 {
     AtManagerAsyncContext* asyncContext = reinterpret_cast<AtManagerAsyncContext*>(data);
 
@@ -676,7 +727,7 @@ napi_value NapiAtManager::GetPermissionFlags(napi_env env, napi_callback_info in
     napi_create_string_utf8(env, "VerifyAccessToken", NAPI_AUTO_LENGTH, &resource);
 
     napi_create_async_work( // define work
-        env, nullptr, resource, GetPermissionFlagsExcute, GetPermissionFlagsComplete,
+        env, nullptr, resource, GetPermissionFlagsExecute, GetPermissionFlagsComplete,
         reinterpret_cast<void *>(asyncContext), &(asyncContext->work));
     napi_queue_async_work(env, asyncContext->work); // add async work handle to the napi queue and wait for result
 
-- 
Gitee


From 2f6a4efcf6a48ac60a55db3c866fda9e9e316582 Mon Sep 17 00:00:00 2001
From: lsq <linshuqing2@huawei.com>
Date: Fri, 9 Sep 2022 11:46:26 +0800
Subject: [PATCH 02/51] =?UTF-8?q?=E8=A1=A5=E5=85=85=E6=B5=8B=E8=AF=95?=
 =?UTF-8?q?=E5=A5=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: lsq <linshuqing2@huawei.com>
Change-Id: I422c61725cb06448ed36dfe4c7817ba3021b923c
---
 .../innerkits/accesstoken/test/BUILD.gn       |    5 +-
 .../unittest/src/remote_token_kit_test.cpp    | 1233 +++++++++++++++++
 .../test/unittest/src/remote_token_kit_test.h |   63 +
 3 files changed, 1300 insertions(+), 1 deletion(-)
 create mode 100644 interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
 create mode 100644 interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.h

diff --git a/interfaces/innerkits/accesstoken/test/BUILD.gn b/interfaces/innerkits/accesstoken/test/BUILD.gn
index 6069ca138..468d6af8e 100644
--- a/interfaces/innerkits/accesstoken/test/BUILD.gn
+++ b/interfaces/innerkits/accesstoken/test/BUILD.gn
@@ -28,7 +28,10 @@ ohos_unittest("libaccesstoken_sdk_test") {
     "//base/security/access_token/frameworks/common/include",
   ]
 
-  sources = [ "unittest/src/accesstoken_kit_test.cpp" ]
+  sources = [
+    "unittest/src/accesstoken_kit_test.cpp",
+    "unittest/src/remote_token_kit_test.cpp",
+  ]
 
   cflags_cc = [ "-DHILOG_ENABLE" ]
 
diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
new file mode 100644
index 000000000..4433d1a7b
--- /dev/null
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
@@ -0,0 +1,1233 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "remote_token_kit_test.h"
+#include <thread>
+
+#include "accesstoken_kit.h"
+#include "nativetoken_kit.h"
+#include "accesstoken_log.h"
+#include "token_setproc.h"
+#include "softbus_bus_center.h"
+
+using namespace testing::ext;
+using namespace OHOS::Security::AccessToken;
+
+namespace {
+static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "RemoteTokenKitTest"};
+
+PermissionStateFull g_grantPermissionReq = {
+    .permissionName = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS",
+    .isGeneral = true,
+    .resDeviceID = {"device"},
+    .grantStatus = {PermissionState::PERMISSION_GRANTED},
+    .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
+};
+PermissionStateFull g_revokePermissionReq = {
+    .permissionName = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS",
+    .isGeneral = true,
+    .resDeviceID = {"device"},
+    .grantStatus = {PermissionState::PERMISSION_GRANTED},
+    .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
+};
+
+PermissionDef g_infoManagerTestPermDef1 = {
+    .permissionName = "ohos.permission.test1",
+    .bundleName = "accesstoken_test",
+    .grantMode = 1,
+    .label = "label",
+    .labelId = 1,
+    .description = "open the door",
+    .descriptionId = 1,
+    .availableLevel = APL_NORMAL
+};
+
+PermissionDef g_infoManagerTestPermDef2 = {
+    .permissionName = "ohos.permission.test2",
+    .bundleName = "accesstoken_test",
+    .grantMode = 1,
+    .label = "label",
+    .labelId = 1,
+    .description = "break the door",
+    .descriptionId = 1,
+    .availableLevel = APL_NORMAL
+};
+
+PermissionStateFull g_infoManagerTestState1 = {
+    .grantFlags = {1},
+    .grantStatus = {PermissionState::PERMISSION_GRANTED},
+    .isGeneral = true,
+    .permissionName = "ohos.permission.test1",
+    .resDeviceID = {"local"}
+};
+
+PermissionStateFull g_infoManagerTestState2 = {
+    .permissionName = "ohos.permission.test2",
+    .isGeneral = false,
+    .grantFlags = {1, 2},
+    .grantStatus = {PermissionState::PERMISSION_GRANTED, PermissionState::PERMISSION_GRANTED},
+    .resDeviceID = {"device 1", "device 2"}
+};
+
+HapInfoParams g_infoManagerTestInfoParms = {
+    .bundleName = "accesstoken_test",
+    .userID = 1,
+    .instIndex = 0,
+    .appIDDesc = "testtesttesttest"
+};
+
+HapPolicyParams g_infoManagerTestPolicyPrams = {
+    .apl = APL_NORMAL,
+    .domain = "test.domain",
+    .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2},
+    .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2}
+};
+
+HapInfoParams g_infoManagerTestInfoParmsBak = {
+    .bundleName = "accesstoken_test",
+    .userID = 1,
+    .instIndex = 0,
+    .appIDDesc = "testtesttesttest"
+};
+
+HapPolicyParams g_infoManagerTestPolicyPramsBak = {
+    .apl = APL_NORMAL,
+    .domain = "test.domain",
+    .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2},
+    .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2}
+};
+}
+
+void NativeTokenGet()
+{
+    uint64_t tokenId;
+    const char **perms = new const char *[1];
+    perms[0] = "ohos.permission.DISTRIBUTED_DATASYNC"; // system_core
+    NativeTokenInfoParams infoInstance = {
+        .dcapsNum = 0,
+        .permsNum = 1,
+        .aclsNum = 0,
+        .dcaps = nullptr,
+        .perms = perms,
+        .acls = nullptr,
+        .aplStr = "system_basic",
+    };
+
+    infoInstance.processName = "SetUpTestCase";
+    tokenId = GetAccessTokenId(&infoInstance);
+    ASSERT_NE(tokenId, 0);
+    SetSelfTokenID(tokenId);
+    AccessTokenKit::ReloadNativeTokenInfo();
+    delete[] perms;
+}
+
+void RemoteTokenKitTest::SetUpTestCase()
+{
+    // make test case clean
+    AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
+                                                          g_infoManagerTestInfoParms.bundleName,
+                                                          g_infoManagerTestInfoParms.instIndex);
+    AccessTokenKit::DeleteToken(tokenID);
+
+    tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenKit::DeleteToken(tokenID);
+
+    NativeTokenGet();
+}
+
+void RemoteTokenKitTest::TearDownTestCase()
+{
+}
+
+void RemoteTokenKitTest::SetUp()
+{
+    selfTokenId_ = GetSelfTokenID();
+    g_infoManagerTestInfoParms = g_infoManagerTestInfoParmsBak;
+    g_infoManagerTestPolicyPrams = g_infoManagerTestPolicyPramsBak;
+    AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
+                                                          g_infoManagerTestInfoParms.bundleName,
+                                                          g_infoManagerTestInfoParms.instIndex);
+    AccessTokenKit::DeleteToken(tokenID);
+
+    NodeBasicInfo deviceInfo;
+    int32_t res = ::GetLocalNodeDeviceInfo(TEST_PKG_NAME.c_str(), &deviceInfo);
+    ASSERT_EQ(res, RET_SUCCESS);
+    char udid[128] = {0}; // 128 is udid length
+    ::GetNodeKeyInfo(TEST_PKG_NAME.c_str(), deviceInfo.networkId,
+        NodeDeviceInfoKey::NODE_KEY_UDID, (uint8_t *)udid, 128); // 128 is udid length
+
+    udid_.append(udid);
+    networkId_.append(deviceInfo.networkId);
+
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetUp ok.");
+}
+
+void RemoteTokenKitTest::TearDown()
+{
+    AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    AccessTokenKit::DeleteToken(tokenID);
+    SetSelfTokenID(selfTokenId_);
+    udid_.clear();
+    networkId_.clear();
+}
+
+unsigned int RemoteTokenKitTest::GetAccessTokenID(int userID, std::string bundleName, int instIndex)
+{
+    return AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex);
+}
+
+void RemoteTokenKitTest::DeleteTestToken() const
+{
+    AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
+                                                          g_infoManagerTestInfoParms.bundleName,
+                                                          g_infoManagerTestInfoParms.instIndex);
+    int ret = AccessTokenKit::DeleteToken(tokenID);
+    if (tokenID != 0) {
+        ASSERT_EQ(RET_SUCCESS, ret);
+    }
+}
+
+void RemoteTokenKitTest::AllocTestToken() const
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
+    ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID);
+}
+
+#ifdef TOKEN_SYNC_ENABLE
+/**
+ * @tc.name: SetRemoteHapTokenInfo001
+ * @tc.desc: set remote hap token info success
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5
+ */
+HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo001, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo001 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = deviceID,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    // Get local map token ID
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+
+    // check local map token
+    HapTokenInfo resultInfo;
+    ret = AccessTokenKit::GetHapTokenInfo(mapID, resultInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+    ASSERT_EQ(resultInfo.apl, remoteTokenInfo.baseInfo.apl);
+    ASSERT_EQ(resultInfo.ver, remoteTokenInfo.baseInfo.ver);
+    ASSERT_EQ(resultInfo.userID, remoteTokenInfo.baseInfo.userID);
+    ASSERT_EQ(resultInfo.bundleName, remoteTokenInfo.baseInfo.bundleName);
+    ASSERT_EQ(resultInfo.instIndex, remoteTokenInfo.baseInfo.instIndex);
+    ASSERT_EQ(resultInfo.appID, remoteTokenInfo.baseInfo.appID);
+    ASSERT_EQ(resultInfo.deviceID, remoteTokenInfo.baseInfo.deviceID);
+    ASSERT_NE(resultInfo.tokenID, remoteTokenInfo.baseInfo.tokenID); // tokenID already is map tokenID
+    ASSERT_EQ(resultInfo.tokenAttr, remoteTokenInfo.baseInfo.tokenAttr);
+
+    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
+    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
+
+    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    ASSERT_EQ(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: SetRemoteHapTokenInfo002
+ * @tc.desc: set remote hap token info, token info is wrong
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5
+ */
+HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo002, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo002 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo rightBaseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    HapTokenInfo wrongBaseInfo = rightBaseInfo;
+    wrongBaseInfo.apl = (ATokenAplEnum)11; // wrong apl
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = wrongBaseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_NE(ret, RET_SUCCESS);
+
+    std::string wrongStr(10241, 'x');
+
+    wrongBaseInfo = rightBaseInfo;
+    wrongBaseInfo.appID = wrongStr; // wrong appID
+    remoteTokenInfo.baseInfo = wrongBaseInfo;
+    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_NE(ret, RET_SUCCESS);
+
+    wrongBaseInfo = rightBaseInfo;
+    wrongBaseInfo.bundleName = wrongStr; // wrong bundleName
+    remoteTokenInfo.baseInfo = wrongBaseInfo;
+    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_NE(ret, RET_SUCCESS);
+
+    wrongBaseInfo = rightBaseInfo;
+    wrongBaseInfo.deviceID = wrongStr; // wrong deviceID
+    remoteTokenInfo.baseInfo = wrongBaseInfo;
+    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_NE(ret, RET_SUCCESS);
+
+    wrongBaseInfo = rightBaseInfo;
+    wrongBaseInfo.tokenID = 0; // wrong tokenID
+    remoteTokenInfo.baseInfo = wrongBaseInfo;
+    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_NE(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: SetRemoteHapTokenInfo003
+ * @tc.desc: set remote hap token wrong permission grant
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5
+ */
+HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo003, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo003 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {11}, // wrong flags
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    // Get local map token ID
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+
+    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
+    ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
+
+    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    ASSERT_EQ(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: SetRemoteHapTokenInfo004
+ * @tc.desc: update remote hap token when remote exist
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5
+ */
+HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo004, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo004 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
+        .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    // Get local map token ID
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+
+    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
+    ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
+
+    remoteTokenInfo.permStateList[0].grantStatus[0] = PermissionState::PERMISSION_GRANTED; // second granted
+    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
+    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
+
+    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    ASSERT_EQ(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: SetRemoteHapTokenInfo005
+ * @tc.desc: add remote hap token, it can not grant by GrantPermission
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5
+ */
+HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo005, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo005 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
+        .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    // Get local map token ID
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+
+    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
+    ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
+
+    ret = AccessTokenKit::GrantPermission(mapID, "ohos.permission.test1", PermissionFlag::PERMISSION_SYSTEM_FIXED);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
+    ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
+
+    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    ASSERT_EQ(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: SetRemoteHapTokenInfo006
+ * @tc.desc: add remote hap token, it can not revoke by RevokePermission
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5
+ */
+HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo006, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo006 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED}, // first grant
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    // Get local map token ID
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+
+    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
+    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
+
+    ret = AccessTokenKit::RevokePermission(mapID, "ohos.permission.test1", PermissionFlag::PERMISSION_SYSTEM_FIXED);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
+    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
+
+    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    ASSERT_EQ(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: SetRemoteHapTokenInfo007
+ * @tc.desc: add remote hap token, it can not delete by DeleteToken
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5
+ */
+HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo007, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo007 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
+        .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    // Get local map token ID
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+
+    ret = AccessTokenKit::DeleteToken(mapID);
+    ASSERT_EQ(ret, RET_FAILED);
+
+    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    ASSERT_EQ(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: SetRemoteHapTokenInfo008
+ * @tc.desc: add remote hap token, it can not update by UpdateHapToken
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5
+ */
+HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo008, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo008 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    int32_t DEFAULT_API_VERSION = 8;
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
+        .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    // Get local map token ID
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+
+    HapPolicyParams policy;
+
+    ret = AccessTokenKit::UpdateHapToken(mapID, "updateFailed", DEFAULT_API_VERSION, policy);
+    ASSERT_EQ(ret, RET_FAILED);
+
+    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    ASSERT_EQ(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: SetRemoteHapTokenInfo009
+ * @tc.desc: add remote hap token, it can not clear by ClearUserGrantedPermissionState
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5
+ */
+HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo009, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo009 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    // Get local map token ID
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+
+    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
+    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
+
+    ret = AccessTokenKit::ClearUserGrantedPermissionState(mapID);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
+    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
+
+    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    ASSERT_EQ(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: SetRemoteHapTokenInfo010
+ * @tc.desc: tokenID is not hap token
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5
+ */
+HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo010, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo009 start.");
+    std::string deviceID = udid_;
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x28100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_NE(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: DeleteRemoteDeviceToken001
+ * @tc.desc: delete exist device mapping tokenId
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TA
+ */
+HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceToken001, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens001 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = deviceID,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+
+    HapTokenInfo info;
+    ret = AccessTokenKit::GetHapTokenInfo(mapID, info);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    ret = AccessTokenKit::GetHapTokenInfo(mapID, info);
+    ASSERT_NE(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: DeleteRemoteDeviceToken002
+ * @tc.desc: delete exist device mapping tokenId
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TA
+ */
+HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceToken002, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens001 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = deviceID,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+
+    HapTokenInfo info;
+    ret = AccessTokenKit::GetHapTokenInfo(mapID, info);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0);
+    ASSERT_NE(ret, RET_SUCCESS);
+
+    // deviceID is wrong
+    std::string wrongStr(10241, 'x');
+    deviceID = wrongStr;
+    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    ASSERT_NE(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: DeleteRemoteDeviceToken003
+ * @tc.desc: delete exist device mapping tokenId
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TA
+ */
+HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceToken003, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceToken003 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+
+    int ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    ASSERT_NE(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: DeleteRemoteDeviceTokens001
+ * @tc.desc: delete all mapping tokens of exist device
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TA
+ */
+HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceTokens001, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens001 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100001);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    HapTokenInfoForSync remoteTokenInfo1 = remoteTokenInfo;
+    remoteTokenInfo1.baseInfo.tokenID = 0x20100001;
+    remoteTokenInfo1.baseInfo.bundleName = "com.ohos.access_token1";
+    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo1);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+    AccessTokenID mapID1 = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100001);
+    ASSERT_NE(mapID1, 0);
+
+    ret = AccessTokenKit::DeleteRemoteDeviceTokens(deviceID);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    HapTokenInfo info;
+    ret = AccessTokenKit::GetHapTokenInfo(mapID, info);
+    ASSERT_NE(ret, RET_SUCCESS);
+    ret = AccessTokenKit::GetHapTokenInfo(mapID1, info);
+    ASSERT_NE(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: DeleteRemoteDeviceTokens002
+ * @tc.desc: delete all mapping tokens of NOT exist device
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TA
+ */
+HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceTokens002, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens002 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100001);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    HapTokenInfoForSync remoteTokenInfo1 = remoteTokenInfo;
+    remoteTokenInfo1.baseInfo.tokenID = 0x20100001;
+    remoteTokenInfo1.baseInfo.bundleName = "com.ohos.access_token1";
+    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo1);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+    AccessTokenID mapID1 = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100001);
+    ASSERT_NE(mapID1, 0);
+
+    ret = AccessTokenKit::DeleteRemoteDeviceTokens("1111111");
+    ASSERT_NE(ret, RET_SUCCESS);
+
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100001);
+}
+
+/**
+ * @tc.name: GetHapTokenInfoFromRemote001
+ * @tc.desc: get normal local tokenInfo
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TA
+ */
+HWTEST_F(RemoteTokenKitTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "GetHapTokenInfoFromRemote001 start.");
+    AccessTokenIDEx tokenIdEx = {0};
+    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
+    AccessTokenID localTokenID = tokenIdEx.tokenIdExStruct.tokenID;
+
+    HapTokenInfoForSync infoSync;
+    int ret = AccessTokenKit::GetHapTokenInfoFromRemote(localTokenID, infoSync);
+    ASSERT_EQ(ret, RET_SUCCESS);
+    ASSERT_EQ(infoSync.baseInfo.apl, g_infoManagerTestPolicyPrams.apl);
+    ASSERT_EQ(infoSync.permStateList.size(), 2);
+    ASSERT_EQ(infoSync.permStateList[1].grantFlags.size(), 2);
+
+    ASSERT_EQ(infoSync.permStateList[0].permissionName, g_infoManagerTestPolicyPrams.permStateList[0].permissionName);
+    ASSERT_EQ(infoSync.permStateList[0].grantFlags[0], g_infoManagerTestPolicyPrams.permStateList[0].grantFlags[0]);
+    ASSERT_EQ(infoSync.permStateList[0].grantStatus[0], g_infoManagerTestPolicyPrams.permStateList[0].grantStatus[0]);
+    ASSERT_EQ(infoSync.permStateList[0].resDeviceID[0], g_infoManagerTestPolicyPrams.permStateList[0].resDeviceID[0]);
+    ASSERT_EQ(infoSync.permStateList[0].isGeneral, g_infoManagerTestPolicyPrams.permStateList[0].isGeneral);
+
+    ASSERT_EQ(infoSync.permStateList[1].permissionName, g_infoManagerTestPolicyPrams.permStateList[1].permissionName);
+    ASSERT_EQ(infoSync.permStateList[1].grantFlags[0], g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[0]);
+    ASSERT_EQ(infoSync.permStateList[1].grantStatus[0], g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[0]);
+    ASSERT_EQ(infoSync.permStateList[1].resDeviceID[0], g_infoManagerTestPolicyPrams.permStateList[1].resDeviceID[0]);
+    ASSERT_EQ(infoSync.permStateList[1].isGeneral, g_infoManagerTestPolicyPrams.permStateList[1].isGeneral);
+
+    ASSERT_EQ(infoSync.permStateList[1].grantFlags[1], g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[1]);
+    ASSERT_EQ(infoSync.permStateList[1].grantStatus[1], g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[1]);
+    ASSERT_EQ(infoSync.permStateList[1].resDeviceID[1], g_infoManagerTestPolicyPrams.permStateList[1].resDeviceID[1]);
+
+    ASSERT_EQ(infoSync.baseInfo.bundleName, g_infoManagerTestInfoParms.bundleName);
+    ASSERT_EQ(infoSync.baseInfo.userID, g_infoManagerTestInfoParms.userID);
+    ASSERT_EQ(infoSync.baseInfo.instIndex, g_infoManagerTestInfoParms.instIndex);
+    ASSERT_EQ(infoSync.baseInfo.appID, g_infoManagerTestInfoParms.appIDDesc);
+    ASSERT_EQ(infoSync.baseInfo.ver, 1);
+    ASSERT_EQ(infoSync.baseInfo.tokenID, localTokenID);
+    ASSERT_EQ(infoSync.baseInfo.tokenAttr, 0);
+
+    AccessTokenKit::DeleteToken(localTokenID);
+}
+
+/**
+ * @tc.name: GetHapTokenInfoFromRemote002
+ * @tc.desc: get remote mapping tokenInfo
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TA
+ */
+HWTEST_F(RemoteTokenKitTest, GetHapTokenInfoFromRemote002, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "GetHapTokenInfoFromRemote002 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+
+    HapTokenInfoForSync infoSync;
+    ret = AccessTokenKit::GetHapTokenInfoFromRemote(mapID, infoSync);
+    ASSERT_NE(ret, RET_SUCCESS);
+
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+}
+
+/**
+ * @tc.name: GetHapTokenInfoFromRemote003
+ * @tc.desc: get wrong tokenInfo
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TA
+ */
+HWTEST_F(RemoteTokenKitTest, GetHapTokenInfoFromRemote003, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "GetHapTokenInfoFromRemote003 start.");
+    HapTokenInfoForSync infoSync;
+    int ret = AccessTokenKit::GetHapTokenInfoFromRemote(0, infoSync);
+    ASSERT_NE(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: AllocLocalTokenID001
+ * @tc.desc: get already mapping tokenInfo, makesure ipc right
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5
+ */
+HWTEST_F(RemoteTokenKitTest, AllocLocalTokenID001, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "AllocLocalTokenID001 start.");
+    std::string deviceID = udid_;
+    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
+    HapTokenInfo baseInfo = {
+        .apl = APL_NORMAL,
+        .ver = 1,
+        .userID = 1,
+        .bundleName = "com.ohos.access_token",
+        .instIndex = 1,
+        .appID = "testtesttesttest",
+        .deviceID = udid_,
+        .tokenID = 0x20100000,
+        .tokenAttr = 0
+    };
+
+    PermissionStateFull infoManagerTestState = {
+        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .isGeneral = true,
+        .permissionName = "ohos.permission.test1",
+        .resDeviceID = {"local"}};
+    std::vector<PermissionStateFull> permStateList;
+    permStateList.emplace_back(infoManagerTestState);
+
+    HapTokenInfoForSync remoteTokenInfo = {
+        .baseInfo = baseInfo,
+        .permStateList = permStateList
+    };
+
+    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
+    ASSERT_NE(mapID, 0);
+}
+
+/**
+ * @tc.name: GetAllNativeTokenInfo001
+ * @tc.desc: get all native token with dcaps
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T6
+ */
+HWTEST_F(RemoteTokenKitTest, GetAllNativeTokenInfo001, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "GetAllNativeTokenInfo001 start.");
+
+    std::vector<NativeTokenInfoForSync> nativeTokenInfosRes;
+    int ret = AccessTokenKit::GetAllNativeTokenInfo(nativeTokenInfosRes);
+    ASSERT_EQ(ret, RET_SUCCESS);
+}
+
+/**
+ * @tc.name: SetRemoteNativeTokenInfo001
+ * @tc.desc: set already mapping tokenInfo
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T6
+ */
+HWTEST_F(RemoteTokenKitTest, SetRemoteNativeTokenInfo001, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteNativeTokenInfo001 start.");
+    std::string deviceID = udid_;
+
+    NativeTokenInfoForSync native1 = {
+        .baseInfo.apl = APL_NORMAL,
+        .baseInfo.ver = 1,
+        .baseInfo.processName = "native_test1",
+        .baseInfo.dcap = {"SYSDCAP", "DMSDCAP"},
+        .baseInfo.tokenID = 0x28000000,
+        .baseInfo.tokenAttr = 0,
+        .baseInfo.nativeAcls = {"ohos.permission.DISTRIBUTED_DATASYNC"},
+    };
+
+    std::vector<NativeTokenInfoForSync> nativeTokenInfoList;
+    nativeTokenInfoList.emplace_back(native1);
+
+    int ret = AccessTokenKit::SetRemoteNativeTokenInfo(deviceID, nativeTokenInfoList);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    AccessTokenID mapID = AccessTokenKit::GetRemoteNativeTokenID(deviceID, 0x28000000);
+    ASSERT_NE(mapID, 0);
+
+    NativeTokenInfo resultInfo;
+    ret = AccessTokenKit::GetNativeTokenInfo(mapID, resultInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+
+    ASSERT_EQ(resultInfo.apl, native1.baseInfo.apl);
+    ASSERT_EQ(resultInfo.ver, native1.baseInfo.ver);
+    ASSERT_EQ(resultInfo.processName, native1.baseInfo.processName);
+    ASSERT_EQ(resultInfo.dcap.size(), 2);
+    ASSERT_EQ(resultInfo.dcap[0], "SYSDCAP");
+    ASSERT_EQ(resultInfo.dcap[1], "DMSDCAP");
+    ASSERT_EQ(resultInfo.nativeAcls.size(), 1);
+    ASSERT_EQ(resultInfo.nativeAcls[0], "ohos.permission.DISTRIBUTED_DATASYNC");
+    ASSERT_EQ(resultInfo.tokenID, mapID);
+    ASSERT_EQ(resultInfo.tokenAttr, native1.baseInfo.tokenAttr);
+}
+#endif
\ No newline at end of file
diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.h b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.h
new file mode 100644
index 000000000..4627dc16c
--- /dev/null
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.h
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef REMOTE_TOKEN_KIT_TEST_H
+#define REMOTE_TOKEN_KIT_TEST_H
+
+#include <gtest/gtest.h>
+#include "access_token.h"
+#include "permission_def.h"
+#include "permission_state_full.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+static const std::string TEST_BUNDLE_NAME = "ohos";
+static const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA";
+static const std::string TEST_PERMISSION_NAME_BETA = "ohos.permission.BETA";
+static const std::string TEST_PERMISSION_NAME_GAMMA = "ohos.permission.GAMMA";
+static const std::string TEST_PKG_NAME = "com.softbus.test";
+static const int TEST_USER_ID = 0;
+static const int TEST_USER_ID_INVALID = -1;
+static const unsigned int TEST_TOKENID_INVALID = 0;
+static const int INVALID_BUNDLENAME_LEN = 260;
+static const int INVALID_APPIDDESC_LEN = 10244;
+static const int INVALID_LABEL_LEN = 260;
+static const int INVALID_DESCRIPTION_LEN = 260;
+static const int INVALID_PERMNAME_LEN = 260;
+static const int CYCLE_TIMES = 100;
+static const int THREAD_NUM = 3;
+static const int INVALID_DCAP_LEN = 1025;
+static const int INVALID_DLP_TYPE = 4;
+class RemoteTokenKitTest : public testing::Test {
+public:
+    static void SetUpTestCase();
+
+    static void TearDownTestCase();
+
+    void SetUp();
+
+    void TearDown();
+    unsigned int GetAccessTokenID(int userID, std::string bundleName, int instIndex);
+    void DeleteTestToken() const;
+    void AllocTestToken() const;
+    uint64_t selfTokenId_;
+    std::string udid_;
+    std::string networkId_;
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+#endif // REMOTE_TOKEN_KIT_TEST_H
\ No newline at end of file
-- 
Gitee


From cb6c2779c902d9049a13905b014604282d663d63 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 10:47:45 +0800
Subject: [PATCH 03/51] Signed-off-by: y1585740638 <yulei99@huawei.com>
 Change-Id: I6f36fbbd57dbf4f08b294f779a6c4013e61cfc2e

---
 interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
index 6736123e1..7425a6ed3 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
@@ -320,7 +320,7 @@ int32_t AccessTokenKit::ReloadNativeTokenInfo()
 AccessTokenID AccessTokenKit::GetNativeTokenId(const std::string& processName)
 {
     if (!DataValidator::IsProcessNameValid(processName)) {
-        ACCESSTOKEN_LOG_ERROR(LABEL, "processName is invalid");
+        ACCESSTOKEN_LOG_ERROR(LABEL, "processName is invalid, processName=%{public}s", processName.c_str());
         return INVALID_TOKENID;
     }
     return AccessTokenManagerClient::GetInstance().GetNativeTokenId(processName);
-- 
Gitee


From 3f6549e9c4e66db86b918a0f5e28b30667799f0c Mon Sep 17 00:00:00 2001
From: cc_ggboy <chenweimin8@huawei.com>
Date: Tue, 13 Sep 2022 17:07:48 +0800
Subject: [PATCH 04/51] =?UTF-8?q?=E7=A8=8B=E5=BA=8F=E8=AE=BF=E9=97=AE?=
 =?UTF-8?q?=E6=8E=A7=E5=88=B6=E6=96=B0=E5=A2=9Efuzz=E6=B5=8B=E8=AF=95?=
 =?UTF-8?q?=E7=94=A8=E4=BE=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: cc_ggboy <chenweimin8@huawei.com>
---
 test/fuzztest/access_token/BUILD.gn           |  6 ++
 .../getdefpermissions_fuzzer/BUILD.gn         | 42 +++++++++++++
 .../getdefpermissions_fuzzer/corpus/init      | 13 ++++
 .../getdefpermissions_fuzzer.cpp              | 50 +++++++++++++++
 .../getdefpermissions_fuzzer.h                | 28 +++++++++
 .../getdefpermissions_fuzzer/project.xml      | 25 ++++++++
 .../gethaptokenid_fuzzer/BUILD.gn             | 39 ++++++++++++
 .../gethaptokenid_fuzzer/corpus/init          | 14 +++++
 .../gethaptokenid_fuzzer.cpp                  | 50 +++++++++++++++
 .../gethaptokenid_fuzzer.h                    | 28 +++++++++
 .../gethaptokenid_fuzzer/project.xml          | 25 ++++++++
 .../gethaptokeninfo_fuzzer/BUILD.gn           | 43 +++++++++++++
 .../gethaptokeninfo_fuzzer/corpus/init        | 14 +++++
 .../gethaptokeninfo_fuzzer.cpp                | 61 +++++++++++++++++++
 .../gethaptokeninfo_fuzzer.h                  | 28 +++++++++
 .../gethaptokeninfo_fuzzer/project.xml        | 25 ++++++++
 .../getnativetokeninfo_fuzzer/BUILD.gn        | 42 +++++++++++++
 .../getnativetokeninfo_fuzzer/corpus/init     | 13 ++++
 .../getnativetokeninfo_fuzzer.cpp             | 52 ++++++++++++++++
 .../getnativetokeninfo_fuzzer.h               | 28 +++++++++
 .../getnativetokeninfo_fuzzer/project.xml     | 25 ++++++++
 .../access_token/gettokentype_fuzzer/BUILD.gn | 43 +++++++++++++
 .../gettokentype_fuzzer/corpus/init           | 14 +++++
 .../gettokentype_fuzzer.cpp                   | 48 +++++++++++++++
 .../gettokentype_fuzzer/gettokentype_fuzzer.h | 28 +++++++++
 .../gettokentype_fuzzer/project.xml           | 25 ++++++++
 .../gettokentypeflag_fuzzer/BUILD.gn          | 39 ++++++++++++
 .../gettokentypeflag_fuzzer/corpus/init       | 14 +++++
 .../gettokentypeflag_fuzzer.cpp               | 46 ++++++++++++++
 .../gettokentypeflag_fuzzer.h                 | 28 +++++++++
 .../gettokentypeflag_fuzzer/project.xml       | 25 ++++++++
 31 files changed, 961 insertions(+)
 create mode 100644 test/fuzztest/access_token/getdefpermissions_fuzzer/BUILD.gn
 create mode 100644 test/fuzztest/access_token/getdefpermissions_fuzzer/corpus/init
 create mode 100644 test/fuzztest/access_token/getdefpermissions_fuzzer/getdefpermissions_fuzzer.cpp
 create mode 100644 test/fuzztest/access_token/getdefpermissions_fuzzer/getdefpermissions_fuzzer.h
 create mode 100644 test/fuzztest/access_token/getdefpermissions_fuzzer/project.xml
 create mode 100644 test/fuzztest/access_token/gethaptokenid_fuzzer/BUILD.gn
 create mode 100644 test/fuzztest/access_token/gethaptokenid_fuzzer/corpus/init
 create mode 100644 test/fuzztest/access_token/gethaptokenid_fuzzer/gethaptokenid_fuzzer.cpp
 create mode 100644 test/fuzztest/access_token/gethaptokenid_fuzzer/gethaptokenid_fuzzer.h
 create mode 100644 test/fuzztest/access_token/gethaptokenid_fuzzer/project.xml
 create mode 100644 test/fuzztest/access_token/gethaptokeninfo_fuzzer/BUILD.gn
 create mode 100644 test/fuzztest/access_token/gethaptokeninfo_fuzzer/corpus/init
 create mode 100644 test/fuzztest/access_token/gethaptokeninfo_fuzzer/gethaptokeninfo_fuzzer.cpp
 create mode 100644 test/fuzztest/access_token/gethaptokeninfo_fuzzer/gethaptokeninfo_fuzzer.h
 create mode 100644 test/fuzztest/access_token/gethaptokeninfo_fuzzer/project.xml
 create mode 100644 test/fuzztest/access_token/getnativetokeninfo_fuzzer/BUILD.gn
 create mode 100644 test/fuzztest/access_token/getnativetokeninfo_fuzzer/corpus/init
 create mode 100644 test/fuzztest/access_token/getnativetokeninfo_fuzzer/getnativetokeninfo_fuzzer.cpp
 create mode 100644 test/fuzztest/access_token/getnativetokeninfo_fuzzer/getnativetokeninfo_fuzzer.h
 create mode 100644 test/fuzztest/access_token/getnativetokeninfo_fuzzer/project.xml
 create mode 100644 test/fuzztest/access_token/gettokentype_fuzzer/BUILD.gn
 create mode 100644 test/fuzztest/access_token/gettokentype_fuzzer/corpus/init
 create mode 100644 test/fuzztest/access_token/gettokentype_fuzzer/gettokentype_fuzzer.cpp
 create mode 100644 test/fuzztest/access_token/gettokentype_fuzzer/gettokentype_fuzzer.h
 create mode 100644 test/fuzztest/access_token/gettokentype_fuzzer/project.xml
 create mode 100644 test/fuzztest/access_token/gettokentypeflag_fuzzer/BUILD.gn
 create mode 100644 test/fuzztest/access_token/gettokentypeflag_fuzzer/corpus/init
 create mode 100644 test/fuzztest/access_token/gettokentypeflag_fuzzer/gettokentypeflag_fuzzer.cpp
 create mode 100644 test/fuzztest/access_token/gettokentypeflag_fuzzer/gettokentypeflag_fuzzer.h
 create mode 100644 test/fuzztest/access_token/gettokentypeflag_fuzzer/project.xml

diff --git a/test/fuzztest/access_token/BUILD.gn b/test/fuzztest/access_token/BUILD.gn
index e37d93e7f..69dee3310 100644
--- a/test/fuzztest/access_token/BUILD.gn
+++ b/test/fuzztest/access_token/BUILD.gn
@@ -25,7 +25,13 @@ group("fuzztest") {
     "deleteremotetoken_fuzzer:DeleteRemoteTokenFuzzTest",
     "deletetoken_fuzzer:DeleteTokenFuzzTest",
     "getdefpermission_fuzzer:GetDefPermissionFuzzTest",
+    "getdefpermissions_fuzzer:GetDefPermissionsFuzzTest",
+    "gethaptokenid_fuzzer:GetHapTokenIDFuzzTest",
+    "gethaptokeninfo_fuzzer:GetHapTokenInfoFuzzTest",
+    "getnativetokeninfo_fuzzer:GetNativeTokenInfoFuzzTest",
     "getpermissionflags_fuzzer:GetPermissionFlagsFuzzTest",
+    "gettokentype_fuzzer:GetTokenTypeFuzzTest",
+    "gettokentypeflag_fuzzer:GetTokenTypeFlagFuzzTest",
     "grantpermission_fuzzer:GrantPermissionFuzzTest",
     "revokeusergrantedpermission_fuzzer:RevokeUserGrantedPermissionFuzzTest",
     "setremotehaptokeninfo_fuzzer:SetRemoteHapTokenInfoFuzzTest",
diff --git a/test/fuzztest/access_token/getdefpermissions_fuzzer/BUILD.gn b/test/fuzztest/access_token/getdefpermissions_fuzzer/BUILD.gn
new file mode 100644
index 000000000..c6ee63b5b
--- /dev/null
+++ b/test/fuzztest/access_token/getdefpermissions_fuzzer/BUILD.gn
@@ -0,0 +1,42 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/features.gni")
+import("//build/test.gni")
+
+module_output_path = "access_token/access_token"
+
+ohos_fuzztest("GetDefPermissionsFuzzTest") {
+  module_out_path = module_output_path
+  fuzz_config_file = "//base/security/access_token/test/fuzztest/access_token/getdefpermissions_fuzzer"
+
+  include_dirs = [
+    "//commonlibrary/c_utils/base/include",
+    "//base/security/access_token/interfaces/innerkits/accesstoken/include",
+  ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  sources = [ "getdefpermissions_fuzzer.cpp" ]
+  deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk" ]
+
+  configs = [ "//base/security/access_token/config:coverage_flags" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hiviewdfx_hilog_native:libhilog",
+  ]
+}
diff --git a/test/fuzztest/access_token/getdefpermissions_fuzzer/corpus/init b/test/fuzztest/access_token/getdefpermissions_fuzzer/corpus/init
new file mode 100644
index 000000000..1b910144f
--- /dev/null
+++ b/test/fuzztest/access_token/getdefpermissions_fuzzer/corpus/init
@@ -0,0 +1,13 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+FUZZ
\ No newline at end of file
diff --git a/test/fuzztest/access_token/getdefpermissions_fuzzer/getdefpermissions_fuzzer.cpp b/test/fuzztest/access_token/getdefpermissions_fuzzer/getdefpermissions_fuzzer.cpp
new file mode 100644
index 000000000..bc3dbd706
--- /dev/null
+++ b/test/fuzztest/access_token/getdefpermissions_fuzzer/getdefpermissions_fuzzer.cpp
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "getdefpermissions_fuzzer.h"
+
+#include <string>
+#include <vector>
+#include <thread>
+#undef private
+#include "accesstoken_kit.h"
+
+using namespace std;
+using namespace OHOS::Security::AccessToken;
+
+namespace OHOS {
+    bool GetDefPermissionsFuzzTest(const uint8_t* data, size_t size)
+    {
+        bool result = false;
+        if ((data == nullptr) || (size <= 0)) {
+            return result;
+        }
+        if (size > 0) {
+            AccessTokenID TOKENID = static_cast<AccessTokenID>(size);
+            std::vector<PermissionDef> permDefList;
+            result = AccessTokenKit::GetDefPermissions(TOKENID, permDefList);
+        }
+        return result;
+    }
+}
+
+/* Fuzzer entry point */
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    OHOS::GetDefPermissionsFuzzTest(data, size);
+    return 0;
+}
+
diff --git a/test/fuzztest/access_token/getdefpermissions_fuzzer/getdefpermissions_fuzzer.h b/test/fuzztest/access_token/getdefpermissions_fuzzer/getdefpermissions_fuzzer.h
new file mode 100644
index 000000000..a4909408e
--- /dev/null
+++ b/test/fuzztest/access_token/getdefpermissions_fuzzer/getdefpermissions_fuzzer.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_GETDEFPERMISSIONS_FUZZER_H
+#define TEST_FUZZTEST_GETDEFPERMISSIONS_FUZZER_H
+
+#include <climits>
+#include <cstdlib>
+#include <cstdint>
+#include <cstdio>
+#include <fcntl.h>
+#include <unistd.h>
+
+#define FUZZ_PROJECT_NAME "getdefpermissions_fuzzer"
+
+#endif // TEST_FUZZTEST_GETDEFPERMISSIONS_FUZZER_H
diff --git a/test/fuzztest/access_token/getdefpermissions_fuzzer/project.xml b/test/fuzztest/access_token/getdefpermissions_fuzzer/project.xml
new file mode 100644
index 000000000..6e8ad2cfd
--- /dev/null
+++ b/test/fuzztest/access_token/getdefpermissions_fuzzer/project.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2022 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>
diff --git a/test/fuzztest/access_token/gethaptokenid_fuzzer/BUILD.gn b/test/fuzztest/access_token/gethaptokenid_fuzzer/BUILD.gn
new file mode 100644
index 000000000..1940694af
--- /dev/null
+++ b/test/fuzztest/access_token/gethaptokenid_fuzzer/BUILD.gn
@@ -0,0 +1,39 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/features.gni")
+import("//build/test.gni")
+
+module_output_path = "access_token/access_token"
+
+ohos_fuzztest("GetHapTokenIDFuzzTest") {
+  module_out_path = module_output_path
+  fuzz_config_file = "//base/security/access_token/test/fuzztest/access_token/gethaptokenid_fuzzer"
+
+  include_dirs = [
+    "//commonlibrary/c_utils/base/include",
+    "//base/security/access_token/interfaces/innerkits/accesstoken/include",
+  ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  sources = [ "gethaptokenid_fuzzer.cpp" ]
+  deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk" ]
+  external_deps = [
+    "c_utils:utils",
+    "hiviewdfx_hilog_native:libhilog",
+  ]
+}
diff --git a/test/fuzztest/access_token/gethaptokenid_fuzzer/corpus/init b/test/fuzztest/access_token/gethaptokenid_fuzzer/corpus/init
new file mode 100644
index 000000000..c49c21aa8
--- /dev/null
+++ b/test/fuzztest/access_token/gethaptokenid_fuzzer/corpus/init
@@ -0,0 +1,14 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ
\ No newline at end of file
diff --git a/test/fuzztest/access_token/gethaptokenid_fuzzer/gethaptokenid_fuzzer.cpp b/test/fuzztest/access_token/gethaptokenid_fuzzer/gethaptokenid_fuzzer.cpp
new file mode 100644
index 000000000..de19c9778
--- /dev/null
+++ b/test/fuzztest/access_token/gethaptokenid_fuzzer/gethaptokenid_fuzzer.cpp
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "gethaptokenid_fuzzer.h"
+
+#include <stddef.h>
+#include <stdint.h>
+#include "accesstoken_kit.h"
+
+using namespace std;
+using namespace OHOS::Security::AccessToken;
+
+namespace OHOS {
+    bool GetHapTokenIDFuzzTest(const uint8_t* data, size_t size)
+    {
+        bool result = false;
+        if ((data == nullptr) || (size <= 0)) {
+            return result;
+        }
+        if (size >= 0) {
+            int userID = static_cast<int>(size);
+            std::string testName(reinterpret_cast<const char*>(data), size);
+            int instIndex = static_cast<int>(size);
+            result = AccessTokenKit::GetHapTokenID(userID, testName, instIndex);
+
+        }
+        return result;
+    }
+}
+
+/* Fuzzer entry point */
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    OHOS::GetHapTokenIDFuzzTest(data, size);
+    return 0;
+}
+
diff --git a/test/fuzztest/access_token/gethaptokenid_fuzzer/gethaptokenid_fuzzer.h b/test/fuzztest/access_token/gethaptokenid_fuzzer/gethaptokenid_fuzzer.h
new file mode 100644
index 000000000..eb0e784cf
--- /dev/null
+++ b/test/fuzztest/access_token/gethaptokenid_fuzzer/gethaptokenid_fuzzer.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_GETHAPTOKENID_FUZZER_H
+#define TEST_FUZZTEST_GETHAPTOKENID_FUZZER_H
+
+#include <climits>
+#include <cstdlib>
+#include <cstdint>
+#include <cstdio>
+#include <fcntl.h>
+#include <unistd.h>
+
+#define FUZZ_PROJECT_NAME "gethaptokenid_fuzzer"
+
+#endif // TEST_FUZZTEST_GETHAPTOKENID_FUZZER_H
diff --git a/test/fuzztest/access_token/gethaptokenid_fuzzer/project.xml b/test/fuzztest/access_token/gethaptokenid_fuzzer/project.xml
new file mode 100644
index 000000000..6e8ad2cfd
--- /dev/null
+++ b/test/fuzztest/access_token/gethaptokenid_fuzzer/project.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2022 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>
diff --git a/test/fuzztest/access_token/gethaptokeninfo_fuzzer/BUILD.gn b/test/fuzztest/access_token/gethaptokeninfo_fuzzer/BUILD.gn
new file mode 100644
index 000000000..05ee27bc4
--- /dev/null
+++ b/test/fuzztest/access_token/gethaptokeninfo_fuzzer/BUILD.gn
@@ -0,0 +1,43 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/features.gni")
+import("//build/test.gni")
+
+module_output_path = "access_token/access_token"
+
+ohos_fuzztest("GetHapTokenInfoFuzzTest") {
+  module_out_path = module_output_path
+  fuzz_config_file = "//base/security/access_token/test/fuzztest/access_token/gethaptokeninfo_fuzzer"
+
+  include_dirs = [
+    "//commonlibrary/c_utils/base/include",
+    "//base/security/access_token/interfaces/innerkits/accesstoken/include",
+  ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  sources = [ "gethaptokeninfo_fuzzer.cpp" ]
+
+  deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk" ]
+
+  configs = [ "//base/security/access_token/config:coverage_flags" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hiviewdfx_hilog_native:libhilog",
+  ]
+}
diff --git a/test/fuzztest/access_token/gethaptokeninfo_fuzzer/corpus/init b/test/fuzztest/access_token/gethaptokeninfo_fuzzer/corpus/init
new file mode 100644
index 000000000..c49c21aa8
--- /dev/null
+++ b/test/fuzztest/access_token/gethaptokeninfo_fuzzer/corpus/init
@@ -0,0 +1,14 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ
\ No newline at end of file
diff --git a/test/fuzztest/access_token/gethaptokeninfo_fuzzer/gethaptokeninfo_fuzzer.cpp b/test/fuzztest/access_token/gethaptokeninfo_fuzzer/gethaptokeninfo_fuzzer.cpp
new file mode 100644
index 000000000..1bb724453
--- /dev/null
+++ b/test/fuzztest/access_token/gethaptokeninfo_fuzzer/gethaptokeninfo_fuzzer.cpp
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "gethaptokeninfo_fuzzer.h"
+
+#include <stddef.h>
+#include <stdint.h>
+#include "accesstoken_kit.h"
+#include "hap_token_info.h"
+
+using namespace OHOS::Security::AccessToken;
+
+namespace OHOS {
+    bool GetHapTokenInfoFuzzTest(const uint8_t* data, size_t size)
+    {
+        bool result = false;
+        if ((data == nullptr) || (size <= 0)) {
+            return result;
+        }
+        if (size > 0) {
+            int num = static_cast<int>(size);
+            char ver = static_cast<char>(size);
+            AccessTokenID TOKENID = static_cast<AccessTokenID>(size);
+            std::string testName(reinterpret_cast<const char*>(data), size);
+            HapTokenInfo HapTokenInfotest = {
+                .ver = ver,
+                .userID = num,
+                .bundleName = testName,
+                .instIndex = num,
+                .dlpType = num,
+                .appID = testName,
+                .deviceID = testName,
+                .tokenID = TOKENID,
+                .tokenAttr = TOKENID,
+            };
+            result = AccessTokenKit::GetHapTokenInfo(TOKENID, HapTokenInfotest);
+        }
+        return result;
+    }
+}
+
+/* Fuzzer entry point */
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    OHOS::GetHapTokenInfoFuzzTest(data, size);
+    return 0;
+}
+
diff --git a/test/fuzztest/access_token/gethaptokeninfo_fuzzer/gethaptokeninfo_fuzzer.h b/test/fuzztest/access_token/gethaptokeninfo_fuzzer/gethaptokeninfo_fuzzer.h
new file mode 100644
index 000000000..6a7bef7d7
--- /dev/null
+++ b/test/fuzztest/access_token/gethaptokeninfo_fuzzer/gethaptokeninfo_fuzzer.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_GETHAPTOKENINFO_FUZZER_H
+#define TEST_FUZZTEST_GETHAPTOKENINFO_FUZZER_H
+
+#include <climits>
+#include <cstdlib>
+#include <cstdint>
+#include <cstdio>
+#include <fcntl.h>
+#include <unistd.h>
+
+#define FUZZ_PROJECT_NAME "gethaptokeninfo_fuzzer"
+
+#endif // TEST_FUZZTEST_GETHAPTOKENINFO_FUZZER_H
diff --git a/test/fuzztest/access_token/gethaptokeninfo_fuzzer/project.xml b/test/fuzztest/access_token/gethaptokeninfo_fuzzer/project.xml
new file mode 100644
index 000000000..6e8ad2cfd
--- /dev/null
+++ b/test/fuzztest/access_token/gethaptokeninfo_fuzzer/project.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2022 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>
diff --git a/test/fuzztest/access_token/getnativetokeninfo_fuzzer/BUILD.gn b/test/fuzztest/access_token/getnativetokeninfo_fuzzer/BUILD.gn
new file mode 100644
index 000000000..e0fd53879
--- /dev/null
+++ b/test/fuzztest/access_token/getnativetokeninfo_fuzzer/BUILD.gn
@@ -0,0 +1,42 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/features.gni")
+import("//build/test.gni")
+
+module_output_path = "access_token/access_token"
+
+ohos_fuzztest("GetNativeTokenInfoFuzzTest") {
+  module_out_path = module_output_path
+  fuzz_config_file = "//base/security/access_token/test/fuzztest/access_token/getnativetokeninfo_fuzzer"
+
+  include_dirs = [
+    "//commonlibrary/c_utils/base/include",
+    "//base/security/access_token/interfaces/innerkits/accesstoken/include",
+  ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  sources = [ "getnativetokeninfo_fuzzer.cpp" ]
+  deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk" ]
+
+  configs = [ "//base/security/access_token/config:coverage_flags" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hiviewdfx_hilog_native:libhilog",
+  ]
+}
diff --git a/test/fuzztest/access_token/getnativetokeninfo_fuzzer/corpus/init b/test/fuzztest/access_token/getnativetokeninfo_fuzzer/corpus/init
new file mode 100644
index 000000000..1b910144f
--- /dev/null
+++ b/test/fuzztest/access_token/getnativetokeninfo_fuzzer/corpus/init
@@ -0,0 +1,13 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+FUZZ
\ No newline at end of file
diff --git a/test/fuzztest/access_token/getnativetokeninfo_fuzzer/getnativetokeninfo_fuzzer.cpp b/test/fuzztest/access_token/getnativetokeninfo_fuzzer/getnativetokeninfo_fuzzer.cpp
new file mode 100644
index 000000000..4dd6305e1
--- /dev/null
+++ b/test/fuzztest/access_token/getnativetokeninfo_fuzzer/getnativetokeninfo_fuzzer.cpp
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "getnativetokeninfo_fuzzer.h"
+
+#include <iostream>
+#include <thread>
+#include <string>
+#include <vector>
+#undef private
+#include "accesstoken_kit.h"
+
+using namespace std;
+using namespace OHOS::Security::AccessToken;
+
+namespace OHOS {
+    bool GetNativeTokenInfoFuzzTest(const uint8_t* data, size_t size)
+    {
+        bool result = false;
+        if ((data == nullptr) || (size <= 0)) {
+            return result;
+        }
+        if (size > 0) {
+            AccessTokenID TOKENID = static_cast<AccessTokenID>(size);
+            std::string testName(reinterpret_cast<const char*>(data), size);
+            NativeTokenInfo NativeTokenInfotest;
+            result = AccessTokenKit::GetNativeTokenInfo(TOKENID, NativeTokenInfotest);
+        }
+        return result;
+    }
+}
+
+/* Fuzzer entry point */
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    OHOS::GetNativeTokenInfoFuzzTest(data, size);
+    return 0;
+}
+
diff --git a/test/fuzztest/access_token/getnativetokeninfo_fuzzer/getnativetokeninfo_fuzzer.h b/test/fuzztest/access_token/getnativetokeninfo_fuzzer/getnativetokeninfo_fuzzer.h
new file mode 100644
index 000000000..cdf7d6f0c
--- /dev/null
+++ b/test/fuzztest/access_token/getnativetokeninfo_fuzzer/getnativetokeninfo_fuzzer.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_GETNATIVETOKENINFO_FUZZER_H
+#define TEST_FUZZTEST_GETNATIVETOKENINFO_FUZZER_H
+
+#include <climits>
+#include <cstdlib>
+#include <cstdint>
+#include <cstdio>
+#include <fcntl.h>
+#include <unistd.h>
+
+#define FUZZ_PROJECT_NAME "getnativetokeninfo_fuzzer"
+
+#endif // TEST_FUZZTEST_GETNATIVETOKENINFO_FUZZER_H
diff --git a/test/fuzztest/access_token/getnativetokeninfo_fuzzer/project.xml b/test/fuzztest/access_token/getnativetokeninfo_fuzzer/project.xml
new file mode 100644
index 000000000..6e8ad2cfd
--- /dev/null
+++ b/test/fuzztest/access_token/getnativetokeninfo_fuzzer/project.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2022 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>
diff --git a/test/fuzztest/access_token/gettokentype_fuzzer/BUILD.gn b/test/fuzztest/access_token/gettokentype_fuzzer/BUILD.gn
new file mode 100644
index 000000000..d448f999b
--- /dev/null
+++ b/test/fuzztest/access_token/gettokentype_fuzzer/BUILD.gn
@@ -0,0 +1,43 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/features.gni")
+import("//build/test.gni")
+
+module_output_path = "access_token/access_token"
+
+ohos_fuzztest("GetTokenTypeFuzzTest") {
+  module_out_path = module_output_path
+  fuzz_config_file = "//base/security/access_token/test/fuzztest/access_token/gettokentype_fuzzer"
+
+  include_dirs = [
+    "//commonlibrary/c_utils/base/include",
+    "//base/security/access_token/interfaces/innerkits/accesstoken/include",
+  ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  sources = [ "gettokentype_fuzzer.cpp" ]
+
+  deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk" ]
+
+  configs = [ "//base/security/access_token/config:coverage_flags" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hiviewdfx_hilog_native:libhilog",
+  ]
+}
diff --git a/test/fuzztest/access_token/gettokentype_fuzzer/corpus/init b/test/fuzztest/access_token/gettokentype_fuzzer/corpus/init
new file mode 100644
index 000000000..c49c21aa8
--- /dev/null
+++ b/test/fuzztest/access_token/gettokentype_fuzzer/corpus/init
@@ -0,0 +1,14 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ
\ No newline at end of file
diff --git a/test/fuzztest/access_token/gettokentype_fuzzer/gettokentype_fuzzer.cpp b/test/fuzztest/access_token/gettokentype_fuzzer/gettokentype_fuzzer.cpp
new file mode 100644
index 000000000..dffc609e9
--- /dev/null
+++ b/test/fuzztest/access_token/gettokentype_fuzzer/gettokentype_fuzzer.cpp
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "gettokentype_fuzzer.h"
+
+#include <stddef.h>
+#include <stdint.h>
+#include "accesstoken_kit.h"
+
+using namespace OHOS::Security::AccessToken;
+
+namespace OHOS {
+    bool GetTokenTypeFuzzTest(const uint8_t* data, size_t size)
+    {
+        bool result = false;
+        ATokenTypeEnum ATokenType;
+        if ((data == nullptr) || (size <= 0)) {
+            return result;
+        }
+        if (size > 0) {
+            AccessTokenID TOKENID = static_cast<AccessTokenID>(size);
+            ATokenType = AccessTokenKit::GetTokenType(TOKENID);
+            result = true;
+        }
+        return result;
+    }
+}
+
+/* Fuzzer entry point */
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    OHOS::GetTokenTypeFuzzTest(data, size);
+    return 0;
+}
+
diff --git a/test/fuzztest/access_token/gettokentype_fuzzer/gettokentype_fuzzer.h b/test/fuzztest/access_token/gettokentype_fuzzer/gettokentype_fuzzer.h
new file mode 100644
index 000000000..e6faf3320
--- /dev/null
+++ b/test/fuzztest/access_token/gettokentype_fuzzer/gettokentype_fuzzer.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_GETTOKENTYPE_FUZZER_H
+#define TEST_FUZZTEST_GETTOKENTYPE_FUZZER_H
+
+#include <climits>
+#include <cstdlib>
+#include <cstdint>
+#include <cstdio>
+#include <fcntl.h>
+#include <unistd.h>
+
+#define FUZZ_PROJECT_NAME "gettokentype_fuzzer"
+
+#endif // TEST_FUZZTEST_GETTOKENTYPE_FUZZER_H
\ No newline at end of file
diff --git a/test/fuzztest/access_token/gettokentype_fuzzer/project.xml b/test/fuzztest/access_token/gettokentype_fuzzer/project.xml
new file mode 100644
index 000000000..6e8ad2cfd
--- /dev/null
+++ b/test/fuzztest/access_token/gettokentype_fuzzer/project.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2022 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>
diff --git a/test/fuzztest/access_token/gettokentypeflag_fuzzer/BUILD.gn b/test/fuzztest/access_token/gettokentypeflag_fuzzer/BUILD.gn
new file mode 100644
index 000000000..193768d5d
--- /dev/null
+++ b/test/fuzztest/access_token/gettokentypeflag_fuzzer/BUILD.gn
@@ -0,0 +1,39 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/features.gni")
+import("//build/test.gni")
+
+module_output_path = "access_token/access_token"
+
+ohos_fuzztest("GetTokenTypeFlagFuzzTest") {
+  module_out_path = module_output_path
+  fuzz_config_file = "//base/security/access_token/test/fuzztest/access_token/gettokentypeflag_fuzzer"
+
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  sources = [ "gettokentypeflag_fuzzer.cpp" ]
+
+  deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk" ]
+
+  configs = [ "//base/security/access_token/config:coverage_flags" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hiviewdfx_hilog_native:libhilog",
+  ]
+}
diff --git a/test/fuzztest/access_token/gettokentypeflag_fuzzer/corpus/init b/test/fuzztest/access_token/gettokentypeflag_fuzzer/corpus/init
new file mode 100644
index 000000000..c49c21aa8
--- /dev/null
+++ b/test/fuzztest/access_token/gettokentypeflag_fuzzer/corpus/init
@@ -0,0 +1,14 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ
\ No newline at end of file
diff --git a/test/fuzztest/access_token/gettokentypeflag_fuzzer/gettokentypeflag_fuzzer.cpp b/test/fuzztest/access_token/gettokentypeflag_fuzzer/gettokentypeflag_fuzzer.cpp
new file mode 100644
index 000000000..ce7732073
--- /dev/null
+++ b/test/fuzztest/access_token/gettokentypeflag_fuzzer/gettokentypeflag_fuzzer.cpp
@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "gettokentypeflag_fuzzer.h"
+
+#include <stddef.h>
+#include <stdint.h>
+#include "accesstoken_kit.h"
+
+using namespace OHOS::Security::AccessToken;
+
+namespace OHOS {
+    bool GetTokenTypeFlagFuzzTest(const uint8_t* data, size_t size)
+    {
+        bool result = false;
+        if ((data == nullptr) || (size <= 0)) {
+            return result;
+        }
+        if (size > 0) {
+            AccessTokenID TOKENID = static_cast<AccessTokenID>(size);
+            result = AccessTokenKit::GetTokenTypeFlag(TOKENID);
+        }
+        return result;
+    }
+}
+
+/* Fuzzer entry point */
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    OHOS::GetTokenTypeFlagFuzzTest(data, size);
+    return 0;
+}
+
diff --git a/test/fuzztest/access_token/gettokentypeflag_fuzzer/gettokentypeflag_fuzzer.h b/test/fuzztest/access_token/gettokentypeflag_fuzzer/gettokentypeflag_fuzzer.h
new file mode 100644
index 000000000..af9797a3f
--- /dev/null
+++ b/test/fuzztest/access_token/gettokentypeflag_fuzzer/gettokentypeflag_fuzzer.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_GETTOKENTYPEFLAG_FUZZER_H
+#define TEST_FUZZTEST_GETTOKENTYPEFLAG_FUZZER_H
+
+#include <climits>
+#include <cstdlib>
+#include <cstdint>
+#include <cstdio>
+#include <fcntl.h>
+#include <unistd.h>
+
+#define FUZZ_PROJECT_NAME "gettokentypeflag_fuzzer"
+
+#endif // TEST_FUZZTEST_GETTOKENTYPEFLAG_FUZZER_H
diff --git a/test/fuzztest/access_token/gettokentypeflag_fuzzer/project.xml b/test/fuzztest/access_token/gettokentypeflag_fuzzer/project.xml
new file mode 100644
index 000000000..6e8ad2cfd
--- /dev/null
+++ b/test/fuzztest/access_token/gettokentypeflag_fuzzer/project.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2022 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>
-- 
Gitee


From b6097d8d9df7c95de570330e4cfd8599b831caa1 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 12:04:07 +0800
Subject: [PATCH 05/51] test

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 BUILD.gn                                      |   1 +
 frameworks/accesstoken/test/BUILD.gn          | 140 ++++++++++++++++++
 .../unittest/src/hap_info_parcel_test.cpp     |  76 ++++++++++
 .../unittest/src/hap_policy_parcel_test.cpp   |  94 ++++++++++++
 ...rmission_state_change_info_parcel_test.cpp |  72 +++++++++
 ...mission_state_change_scope_parcel_test.cpp |  76 ++++++++++
 6 files changed, 459 insertions(+)
 create mode 100644 frameworks/accesstoken/test/BUILD.gn
 create mode 100644 frameworks/accesstoken/test/unittest/src/hap_info_parcel_test.cpp
 create mode 100644 frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
 create mode 100644 frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp
 create mode 100644 frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp

diff --git a/BUILD.gn b/BUILD.gn
index f334150b7..2a2972062 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -19,6 +19,7 @@ group("accesstoken_build_module_test") {
   deps = []
   if (is_standard_system) {
     deps += [
+      "//base/security/access_token/frameworks/accesstoken/test:unittest",
       "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest",
       "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest",
       "//base/security/access_token/interfaces/innerkits/privacy/test:unittest",
diff --git a/frameworks/accesstoken/test/BUILD.gn b/frameworks/accesstoken/test/BUILD.gn
new file mode 100644
index 000000000..f4fc1de58
--- /dev/null
+++ b/frameworks/accesstoken/test/BUILD.gn
@@ -0,0 +1,140 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//base/security/access_token/access_token.gni")
+import("//build/test.gni")
+
+config("accesstoken_test_config") {
+  include_dirs = [
+    "//commonlibrary/c_utils/base/include",
+    "//third_party/googletest/include",
+    "//base/security/access_token/frameworks/accesstoken/include",
+    "//base/security/access_token/frameworks/common/include",
+  ]
+}
+ohos_unittest("libpermission_state_change_info_parcel_test") {
+  subsystem_name = "security"
+  part_name = "access_token"
+  module_out_path = part_name + "/" + part_name
+
+  sources = [ "unittest/src/permission_state_change_info_parcel_test.cpp" ]
+
+  cflags_cc = [ "-DHILOG_ENABLE" ]
+
+  configs = [
+    ":accesstoken_test_config",
+    "//base/security/access_token/config:coverage_flags",
+  ]
+
+  deps = [ "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "dsoftbus:softbus_client",
+    "hiviewdfx_hilog_native:libhilog",
+    "ipc:ipc_single",
+  ]
+  if (token_sync_enable == true) {
+    cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
+  }
+}
+
+ohos_unittest("libpermission_state_change_scope_parcel_test") {
+  subsystem_name = "security"
+  part_name = "access_token"
+  module_out_path = part_name + "/" + part_name
+
+  sources = [ "unittest/src/permission_state_change_scope_parcel_test.cpp" ]
+
+  cflags_cc = [ "-DHILOG_ENABLE" ]
+
+  configs = [
+    ":accesstoken_test_config",
+    "//base/security/access_token/config:coverage_flags",
+  ]
+
+  deps = [ "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "dsoftbus:softbus_client",
+    "hiviewdfx_hilog_native:libhilog",
+    "ipc:ipc_single",
+  ]
+  if (token_sync_enable == true) {
+    cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
+  }
+}
+
+ohos_unittest("libhap_info_parcel_test") {
+  subsystem_name = "security"
+  part_name = "access_token"
+  module_out_path = part_name + "/" + part_name
+
+  sources = [ "unittest/src/hap_info_parcel_test.cpp" ]
+
+  cflags_cc = [ "-DHILOG_ENABLE" ]
+
+  configs = [
+    ":accesstoken_test_config",
+    "//base/security/access_token/config:coverage_flags",
+  ]
+
+  deps = [ "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "dsoftbus:softbus_client",
+    "hiviewdfx_hilog_native:libhilog",
+    "ipc:ipc_single",
+  ]
+  if (token_sync_enable == true) {
+    cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
+  }
+}
+
+ohos_unittest("libhap_policy_parcel_test") {
+  subsystem_name = "security"
+  part_name = "access_token"
+  module_out_path = part_name + "/" + part_name
+
+  sources = [ "unittest/src/hap_policy_parcel_test.cpp" ]
+
+  cflags_cc = [ "-DHILOG_ENABLE" ]
+
+  configs = [
+    ":accesstoken_test_config",
+    "//base/security/access_token/config:coverage_flags",
+  ]
+
+  deps = [ "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "dsoftbus:softbus_client",
+    "hiviewdfx_hilog_native:libhilog",
+    "ipc:ipc_single",
+  ]
+  if (token_sync_enable == true) {
+    cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
+  }
+}
+group("unittest") {
+  testonly = true
+  deps = [
+    ":libhap_info_parcel_test",
+    ":libhap_policy_parcel_test",
+    ":libpermission_state_change_info_parcel_test",
+    ":libpermission_state_change_scope_parcel_test",
+  ]
+}
diff --git a/frameworks/accesstoken/test/unittest/src/hap_info_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/hap_info_parcel_test.cpp
new file mode 100644
index 000000000..82892541b
--- /dev/null
+++ b/frameworks/accesstoken/test/unittest/src/hap_info_parcel_test.cpp
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+#include <gtest/gtest.h>
+#include <memory>
+#include <string>
+#include "accesstoken_log.h"
+#include "access_token.h"
+#include "hap_info_parcel.h"
+#include "parcel.h"
+
+using namespace testing::ext;
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+static constexpr int32_t DEFAULT_API_VERSION = 8;
+}
+class HapInfoParcelTest : public testing::Test  {
+public:
+    static void SetUpTestCase(void);
+    static void TearDownTestCase(void);
+    void SetUp();
+    void TearDown();
+};
+
+void HapInfoParcelTest::SetUpTestCase(void) {}
+void HapInfoParcelTest::TearDownTestCase(void) {}
+void HapInfoParcelTest::SetUp(void) {}
+void HapInfoParcelTest::TearDown(void) {}
+
+/**
+ * @tc.name: HapInfoParcel001
+ * @tc.desc: Verify the CreateHapTokenInfo add one hap token function.
+ * @tc.type: FUNC
+ * @tc.require: I5QKZF
+ */
+HWTEST_F(HapInfoParcelTest, HapInfoParcel001, TestSize.Level1)
+{
+    HapInfoParcel hapinfoParcel;
+    hapinfoParcel.hapInfoParameter = {
+        .userID = 1,
+        .bundleName = "accesstoken_test",
+        .instIndex = 0,
+        .appIDDesc = "testtesttesttest",
+        .apiVersion = DEFAULT_API_VERSION,
+    };
+
+    Parcel parcel;
+    EXPECT_EQ(true, hapinfoParcel.Marshalling(parcel));
+
+    std::shared_ptr<HapInfoParcel> readedData(HapInfoParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+
+    EXPECT_EQ(hapinfoParcel.hapInfoParameter.userID, readedData->hapInfoParameter.userID);
+    EXPECT_EQ(true, hapinfoParcel.hapInfoParameter.bundleName == readedData->hapInfoParameter.bundleName);
+    EXPECT_EQ(hapinfoParcel.hapInfoParameter.instIndex, readedData->hapInfoParameter.instIndex);
+    EXPECT_EQ(true, hapinfoParcel.hapInfoParameter.appIDDesc == readedData->hapInfoParameter.appIDDesc);
+    EXPECT_EQ(hapinfoParcel.hapInfoParameter.apiVersion, readedData->hapInfoParameter.apiVersion);
+}
+}
+}
+}
\ No newline at end of file
diff --git a/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
new file mode 100644
index 000000000..303c9f2c6
--- /dev/null
+++ b/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
@@ -0,0 +1,94 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+#include <gtest/gtest.h>
+#include <memory>
+#include <string>
+#include "accesstoken_log.h"
+#include "access_token.h"
+#include "hap_policy_parcel.h"
+#include "hap_token_info.h"
+#include "parcel.h"
+#include "permission_state_full.h"
+
+using namespace testing::ext;
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+static const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA";
+static const std::string TEST_PERMISSION_NAME_BETA = "ohos.permission.BETA";
+}
+class HapPolicyParcelTest : public testing::Test  {
+public:
+    static void SetUpTestCase(void);
+    static void TearDownTestCase(void);
+    void SetUp();
+    void TearDown();
+};
+
+void HapPolicyParcelTest::SetUpTestCase(void) {}
+void HapPolicyParcelTest::TearDownTestCase(void) {}
+void HapPolicyParcelTest::SetUp(void) {}
+void HapPolicyParcelTest::TearDown(void) {}
+
+/**
+ * @tc.name: HapPolicyParcel001
+ * @tc.desc: Verify the CreateHapTokenInfo add one hap token function.
+ * @tc.type: FUNC
+ * @tc.require: I5QKZF
+ */
+HWTEST_F(HapPolicyParcelTest, HapPolicyParcel001, TestSize.Level1)
+{
+    PermissionStateFull permStatAlpha = {
+        .permissionName = TEST_PERMISSION_NAME_ALPHA,
+        .isGeneral = true,
+        .resDeviceID = {"device"},
+        .grantStatus = {PermissionState::PERMISSION_DENIED},
+        .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
+    };
+    PermissionStateFull permStatBeta = {
+        .permissionName = TEST_PERMISSION_NAME_BETA,
+        .isGeneral = true,
+        .resDeviceID = {"device"},
+        .grantStatus = {PermissionState::PERMISSION_GRANTED},
+        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
+    };
+    HapPolicyParcel hapPolicyParcel;
+    hapPolicyParcel.hapPolicyParameter.apl = ATokenAplEnum::APL_NORMAL; 
+    hapPolicyParcel.hapPolicyParameter.domain = "test.domain";   
+    hapPolicyParcel.hapPolicyParameter.permStateList.emplace_back(permStatAlpha);
+    hapPolicyParcel.hapPolicyParameter.permStateList.emplace_back(permStatBeta);
+    Parcel parcel;
+    EXPECT_EQ(true, hapPolicyParcel.Marshalling(parcel));
+
+    std::shared_ptr<HapPolicyParcel> readedData(HapPolicyParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+
+    EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.apl, readedData->hapPolicyParameter.apl);
+    EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.domain == readedData->hapPolicyParameter.domain);
+    EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList.size() != 0);
+    for(int32_t i = 0; i < hapPolicyParcel.hapPolicyParameter.permStateList.size(); i++) {
+        EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList[i].permissionName == readedData->hapPolicyParameter.permStateList[i].permissionName);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].isGeneral, readedData->hapPolicyParameter.permStateList[i].isGeneral);
+        EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList[i].resDeviceID == readedData->hapPolicyParameter.permStateList[i].resDeviceID);
+        EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList[i].grantStatus == readedData->hapPolicyParameter.permStateList[i].grantStatus);
+        EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList[i].grantFlags == readedData->hapPolicyParameter.permStateList[i].grantFlags);
+    }
+}
+}
+}
+}
\ No newline at end of file
diff --git a/frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp
new file mode 100644
index 000000000..f6a3453da
--- /dev/null
+++ b/frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+#include <gtest/gtest.h>
+#include <memory>
+#include <string>
+#include "accesstoken_log.h"
+#include "parcel.h"
+#include "permission_state_change_info_parcel.h"
+#include "permission_state_change_info.h"
+
+using namespace testing::ext;
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+static constexpr int32_t TEST_PERMSTATE_CHANGE_TYPE = 10001;
+static constexpr AccessTokenID TEST_TOKEN_ID = 10002;
+static const std::string TEST_PERMISSION_NAME = "ohos.permission.PERMISSION_STATE_CHANGE_INFO";
+
+class PermissionStateChangeInfoParcelTest : public testing::Test  {
+public:
+    static void SetUpTestCase(void);
+    static void TearDownTestCase(void);
+    void SetUp();
+    void TearDown();
+};
+
+void PermissionStateChangeInfoParcelTest::SetUpTestCase(void) {}
+void PermissionStateChangeInfoParcelTest::TearDownTestCase(void) {}
+void PermissionStateChangeInfoParcelTest::SetUp(void) {}
+void PermissionStateChangeInfoParcelTest::TearDown(void) {}
+
+/**
+ * @tc.name: PermissionStateChangeInfoParcel001
+ * @tc.desc: Verify the CreateHapTokenInfo add one hap token function.
+ * @tc.type: FUNC
+ * @tc.require: I5QKZF
+ */
+HWTEST_F(PermissionStateChangeInfoParcelTest, PermissionStateChangeInfoParcel001, TestSize.Level1)
+{
+    PermissionStateChangeInfoParcel permissionStateParcel;
+    permissionStateParcel.changeInfo.PermStateChangeType = TEST_PERMSTATE_CHANGE_TYPE;
+    permissionStateParcel.changeInfo.tokenID = TEST_TOKEN_ID;
+    permissionStateParcel.changeInfo.permissionName = TEST_PERMISSION_NAME;
+
+    Parcel parcel;
+    EXPECT_EQ(true, permissionStateParcel.Marshalling(parcel));
+
+    std::shared_ptr<PermissionStateChangeInfoParcel> readedData(PermissionStateChangeInfoParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+    EXPECT_EQ(permissionStateParcel.changeInfo.PermStateChangeType, readedData->changeInfo.PermStateChangeType);
+    EXPECT_EQ(permissionStateParcel.changeInfo.tokenID, readedData->changeInfo.tokenID);
+    EXPECT_EQ(permissionStateParcel.changeInfo.permissionName, readedData->changeInfo.permissionName);
+}
+}
+}
+}
+}
\ No newline at end of file
diff --git a/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
new file mode 100644
index 000000000..807c59cd9
--- /dev/null
+++ b/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+#include <gtest/gtest.h>
+#include <memory>
+#include <string>
+#include "accesstoken_log.h"
+#include "parcel.h"
+#include "permission_state_change_scope_parcel.h"
+
+using namespace testing::ext;
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+static constexpr AccessTokenID TEST_TOKEN_ID = 10002;
+static const std::string TEST_PERMISSION_NAME = "ohos.permission.PERMISSION_STATE_CHANGE_INFO";
+
+class PermStateChangeScopeParcelTest : public testing::Test  {
+public:
+    static void SetUpTestCase(void);
+    static void TearDownTestCase(void);
+    void SetUp();
+    void TearDown();
+};
+
+void PermStateChangeScopeParcelTest::SetUpTestCase(void) {}
+void PermStateChangeScopeParcelTest::TearDownTestCase(void) {}
+void PermStateChangeScopeParcelTest::SetUp(void) {}
+void PermStateChangeScopeParcelTest::TearDown(void) {}
+
+/**
+ * @tc.name: PermStateChangeScopeParcel001
+ * @tc.desc: Verify the CreateHapTokenInfo add one hap token function.
+ * @tc.type: FUNC
+ * @tc.require: I5QKZF
+ */
+HWTEST_F(PermStateChangeScopeParcelTest, PermStateChangeScopeParcel001, TestSize.Level1)
+{
+    PermStateChangeScopeParcel permStateChangeScopeParcel;
+    permStateChangeScopeParcel.scope.tokenIDs.emplace_back(TEST_TOKEN_ID);
+    permStateChangeScopeParcel.scope.permList.emplace_back(TEST_PERMISSION_NAME);
+
+    Parcel parcel;
+    EXPECT_EQ(true, permStateChangeScopeParcel.Marshalling(parcel));
+
+    std::shared_ptr<PermStateChangeScopeParcel> readedData(PermStateChangeScopeParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+    
+    EXPECT_EQ(true,  readedData->scope.tokenIDs.size() != 0);
+    EXPECT_EQ(true,  readedData->scope.permList.size() != 0);
+
+    for(int32_t i = 0; i < readedData->scope.tokenIDs.size(); i++) {
+        EXPECT_EQ(permStateChangeScopeParcel.scope.tokenIDs[i], readedData->scope.tokenIDs[i]);
+    }
+    for(int32_t i = 0;i < readedData->scope.permList.size(); i++) {
+        EXPECT_EQ(true, permStateChangeScopeParcel.scope.permList[i] == readedData->scope.permList[i]);
+    } 
+}
+}
+}
+}
+}
\ No newline at end of file
-- 
Gitee


From 5f013afefc3ece1712970922cbe6dfa2ac40ec32 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 04:42:48 +0000
Subject: [PATCH 06/51] update
 frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 .../unittest/src/permission_state_change_info_parcel_test.cpp  | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp
index f6a3453da..bc5f7d4c6 100644
--- a/frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp
+++ b/frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp
@@ -30,7 +30,7 @@ namespace {
 static constexpr int32_t TEST_PERMSTATE_CHANGE_TYPE = 10001;
 static constexpr AccessTokenID TEST_TOKEN_ID = 10002;
 static const std::string TEST_PERMISSION_NAME = "ohos.permission.PERMISSION_STATE_CHANGE_INFO";
-
+}
 class PermissionStateChangeInfoParcelTest : public testing::Test  {
 public:
     static void SetUpTestCase(void);
@@ -68,5 +68,4 @@ HWTEST_F(PermissionStateChangeInfoParcelTest, PermissionStateChangeInfoParcel001
 }
 }
 }
-}
 }
\ No newline at end of file
-- 
Gitee


From 8728880e23bb6ac32d2e5ecc0e947a0017f60a02 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 04:43:25 +0000
Subject: [PATCH 07/51] update
 frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 .../unittest/src/permission_state_change_scope_parcel_test.cpp | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
index 807c59cd9..a7e3f8405 100644
--- a/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
+++ b/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
@@ -28,7 +28,7 @@ namespace AccessToken {
 namespace {
 static constexpr AccessTokenID TEST_TOKEN_ID = 10002;
 static const std::string TEST_PERMISSION_NAME = "ohos.permission.PERMISSION_STATE_CHANGE_INFO";
-
+}
 class PermStateChangeScopeParcelTest : public testing::Test  {
 public:
     static void SetUpTestCase(void);
@@ -72,5 +72,4 @@ HWTEST_F(PermStateChangeScopeParcelTest, PermStateChangeScopeParcel001, TestSize
 }
 }
 }
-}
 }
\ No newline at end of file
-- 
Gitee


From 1443cbdd9b65ae44ea80f10dd542844eee008b7b Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 06:33:20 +0000
Subject: [PATCH 08/51] update
 frameworks/accesstoken/test/unittest/src/hap_info_parcel_test.cpp.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 .../accesstoken/test/unittest/src/hap_info_parcel_test.cpp       | 1 -
 1 file changed, 1 deletion(-)

diff --git a/frameworks/accesstoken/test/unittest/src/hap_info_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/hap_info_parcel_test.cpp
index 82892541b..58e4cb85a 100644
--- a/frameworks/accesstoken/test/unittest/src/hap_info_parcel_test.cpp
+++ b/frameworks/accesstoken/test/unittest/src/hap_info_parcel_test.cpp
@@ -16,7 +16,6 @@
 #include <gtest/gtest.h>
 #include <memory>
 #include <string>
-#include "accesstoken_log.h"
 #include "access_token.h"
 #include "hap_info_parcel.h"
 #include "parcel.h"
-- 
Gitee


From 4f9a58e3c0341f99bf8ea6f47e4f25015cb6d1a4 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 06:33:47 +0000
Subject: [PATCH 09/51] update
 frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 .../accesstoken/test/unittest/src/hap_policy_parcel_test.cpp     | 1 -
 1 file changed, 1 deletion(-)

diff --git a/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
index 303c9f2c6..f15dfbfc3 100644
--- a/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
+++ b/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
@@ -16,7 +16,6 @@
 #include <gtest/gtest.h>
 #include <memory>
 #include <string>
-#include "accesstoken_log.h"
 #include "access_token.h"
 #include "hap_policy_parcel.h"
 #include "hap_token_info.h"
-- 
Gitee


From 9e3526f30ff09246b574e0fdb623d952a264ebed Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 06:34:50 +0000
Subject: [PATCH 10/51] update
 frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 .../unittest/src/permission_state_change_scope_parcel_test.cpp | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
index a7e3f8405..5940a359e 100644
--- a/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
+++ b/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
@@ -16,7 +16,6 @@
 #include <gtest/gtest.h>
 #include <memory>
 #include <string>
-#include "accesstoken_log.h"
 #include "parcel.h"
 #include "permission_state_change_scope_parcel.h"
 
@@ -66,7 +65,7 @@ HWTEST_F(PermStateChangeScopeParcelTest, PermStateChangeScopeParcel001, TestSize
     for(int32_t i = 0; i < readedData->scope.tokenIDs.size(); i++) {
         EXPECT_EQ(permStateChangeScopeParcel.scope.tokenIDs[i], readedData->scope.tokenIDs[i]);
     }
-    for(int32_t i = 0;i < readedData->scope.permList.size(); i++) {
+    for(int32_t i = 0; i < readedData->scope.permList.size(); i++) {
         EXPECT_EQ(true, permStateChangeScopeParcel.scope.permList[i] == readedData->scope.permList[i]);
     } 
 }
-- 
Gitee


From 5adec0f7eb55e31a1e937497eb58a205f4dfe9a1 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 06:35:15 +0000
Subject: [PATCH 11/51] update
 frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 .../unittest/src/permission_state_change_info_parcel_test.cpp    | 1 -
 1 file changed, 1 deletion(-)

diff --git a/frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp
index bc5f7d4c6..a0e69baab 100644
--- a/frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp
+++ b/frameworks/accesstoken/test/unittest/src/permission_state_change_info_parcel_test.cpp
@@ -16,7 +16,6 @@
 #include <gtest/gtest.h>
 #include <memory>
 #include <string>
-#include "accesstoken_log.h"
 #include "parcel.h"
 #include "permission_state_change_info_parcel.h"
 #include "permission_state_change_info.h"
-- 
Gitee


From b57916bcada018601954437e4f10f79bbaf5f4ac Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 06:37:55 +0000
Subject: [PATCH 12/51] update frameworks/accesstoken/test/BUILD.gn.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 frameworks/accesstoken/test/BUILD.gn | 21 ---------------------
 1 file changed, 21 deletions(-)

diff --git a/frameworks/accesstoken/test/BUILD.gn b/frameworks/accesstoken/test/BUILD.gn
index f4fc1de58..c6bf4a1db 100644
--- a/frameworks/accesstoken/test/BUILD.gn
+++ b/frameworks/accesstoken/test/BUILD.gn
@@ -29,8 +29,6 @@ ohos_unittest("libpermission_state_change_info_parcel_test") {
 
   sources = [ "unittest/src/permission_state_change_info_parcel_test.cpp" ]
 
-  cflags_cc = [ "-DHILOG_ENABLE" ]
-
   configs = [
     ":accesstoken_test_config",
     "//base/security/access_token/config:coverage_flags",
@@ -41,12 +39,8 @@ ohos_unittest("libpermission_state_change_info_parcel_test") {
   external_deps = [
     "c_utils:utils",
     "dsoftbus:softbus_client",
-    "hiviewdfx_hilog_native:libhilog",
     "ipc:ipc_single",
   ]
-  if (token_sync_enable == true) {
-    cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
-  }
 }
 
 ohos_unittest("libpermission_state_change_scope_parcel_test") {
@@ -56,8 +50,6 @@ ohos_unittest("libpermission_state_change_scope_parcel_test") {
 
   sources = [ "unittest/src/permission_state_change_scope_parcel_test.cpp" ]
 
-  cflags_cc = [ "-DHILOG_ENABLE" ]
-
   configs = [
     ":accesstoken_test_config",
     "//base/security/access_token/config:coverage_flags",
@@ -71,9 +63,6 @@ ohos_unittest("libpermission_state_change_scope_parcel_test") {
     "hiviewdfx_hilog_native:libhilog",
     "ipc:ipc_single",
   ]
-  if (token_sync_enable == true) {
-    cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
-  }
 }
 
 ohos_unittest("libhap_info_parcel_test") {
@@ -83,8 +72,6 @@ ohos_unittest("libhap_info_parcel_test") {
 
   sources = [ "unittest/src/hap_info_parcel_test.cpp" ]
 
-  cflags_cc = [ "-DHILOG_ENABLE" ]
-
   configs = [
     ":accesstoken_test_config",
     "//base/security/access_token/config:coverage_flags",
@@ -98,9 +85,6 @@ ohos_unittest("libhap_info_parcel_test") {
     "hiviewdfx_hilog_native:libhilog",
     "ipc:ipc_single",
   ]
-  if (token_sync_enable == true) {
-    cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
-  }
 }
 
 ohos_unittest("libhap_policy_parcel_test") {
@@ -110,8 +94,6 @@ ohos_unittest("libhap_policy_parcel_test") {
 
   sources = [ "unittest/src/hap_policy_parcel_test.cpp" ]
 
-  cflags_cc = [ "-DHILOG_ENABLE" ]
-
   configs = [
     ":accesstoken_test_config",
     "//base/security/access_token/config:coverage_flags",
@@ -125,9 +107,6 @@ ohos_unittest("libhap_policy_parcel_test") {
     "hiviewdfx_hilog_native:libhilog",
     "ipc:ipc_single",
   ]
-  if (token_sync_enable == true) {
-    cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
-  }
 }
 group("unittest") {
   testonly = true
-- 
Gitee


From 29678131d64e71bf4e9e7374c21efaece605d3bb Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 06:38:44 +0000
Subject: [PATCH 13/51] update frameworks/accesstoken/test/BUILD.gn.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 frameworks/accesstoken/test/BUILD.gn | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/frameworks/accesstoken/test/BUILD.gn b/frameworks/accesstoken/test/BUILD.gn
index c6bf4a1db..ae8260e81 100644
--- a/frameworks/accesstoken/test/BUILD.gn
+++ b/frameworks/accesstoken/test/BUILD.gn
@@ -60,7 +60,6 @@ ohos_unittest("libpermission_state_change_scope_parcel_test") {
   external_deps = [
     "c_utils:utils",
     "dsoftbus:softbus_client",
-    "hiviewdfx_hilog_native:libhilog",
     "ipc:ipc_single",
   ]
 }
@@ -82,7 +81,6 @@ ohos_unittest("libhap_info_parcel_test") {
   external_deps = [
     "c_utils:utils",
     "dsoftbus:softbus_client",
-    "hiviewdfx_hilog_native:libhilog",
     "ipc:ipc_single",
   ]
 }
@@ -104,7 +102,6 @@ ohos_unittest("libhap_policy_parcel_test") {
   external_deps = [
     "c_utils:utils",
     "dsoftbus:softbus_client",
-    "hiviewdfx_hilog_native:libhilog",
     "ipc:ipc_single",
   ]
 }
-- 
Gitee


From 6f296275972cb3403f0f8d6d2dd7b440e9156ac0 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 07:27:20 +0000
Subject: [PATCH 14/51] update
 frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 .../accesstoken/test/unittest/src/hap_policy_parcel_test.cpp   | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
index f15dfbfc3..6e8bc44c9 100644
--- a/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
+++ b/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
@@ -79,7 +79,8 @@ HWTEST_F(HapPolicyParcelTest, HapPolicyParcel001, TestSize.Level1)
 
     EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.apl, readedData->hapPolicyParameter.apl);
     EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.domain == readedData->hapPolicyParameter.domain);
-    EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList.size() != 0);
+    EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList.size() == readedData->hapPolicyParameter.permStateList.size());
+
     for(int32_t i = 0; i < hapPolicyParcel.hapPolicyParameter.permStateList.size(); i++) {
         EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList[i].permissionName == readedData->hapPolicyParameter.permStateList[i].permissionName);
         EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].isGeneral, readedData->hapPolicyParameter.permStateList[i].isGeneral);
-- 
Gitee


From 5f6ddd712d9ff47bb8db739f115053f6a554c637 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 07:28:11 +0000
Subject: [PATCH 15/51] update
 frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 .../src/permission_state_change_scope_parcel_test.cpp         | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
index 5940a359e..27c98bab7 100644
--- a/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
+++ b/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
@@ -59,8 +59,8 @@ HWTEST_F(PermStateChangeScopeParcelTest, PermStateChangeScopeParcel001, TestSize
     std::shared_ptr<PermStateChangeScopeParcel> readedData(PermStateChangeScopeParcel::Unmarshalling(parcel));
     EXPECT_EQ(true, readedData != nullptr);
     
-    EXPECT_EQ(true,  readedData->scope.tokenIDs.size() != 0);
-    EXPECT_EQ(true,  readedData->scope.permList.size() != 0);
+    EXPECT_EQ(true,  readedData->scope.tokenIDs.size() == readedData->scope.tokenIDs.size());
+    EXPECT_EQ(true,  readedData->scope.permList.size() == readedData->scope.permList.size());
 
     for(int32_t i = 0; i < readedData->scope.tokenIDs.size(); i++) {
         EXPECT_EQ(permStateChangeScopeParcel.scope.tokenIDs[i], readedData->scope.tokenIDs[i]);
-- 
Gitee


From 63fbb6f0cc4f2e59cdd283e27cc411ce8ce58382 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Wed, 14 Sep 2022 07:28:51 +0000
Subject: [PATCH 16/51] update
 frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 .../src/permission_state_change_scope_parcel_test.cpp         | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
index 27c98bab7..f4f812a76 100644
--- a/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
+++ b/frameworks/accesstoken/test/unittest/src/permission_state_change_scope_parcel_test.cpp
@@ -59,8 +59,8 @@ HWTEST_F(PermStateChangeScopeParcelTest, PermStateChangeScopeParcel001, TestSize
     std::shared_ptr<PermStateChangeScopeParcel> readedData(PermStateChangeScopeParcel::Unmarshalling(parcel));
     EXPECT_EQ(true, readedData != nullptr);
     
-    EXPECT_EQ(true,  readedData->scope.tokenIDs.size() == readedData->scope.tokenIDs.size());
-    EXPECT_EQ(true,  readedData->scope.permList.size() == readedData->scope.permList.size());
+    EXPECT_EQ(true,  permStateChangeScopeParcel.scope.tokenIDs.size() == readedData->scope.tokenIDs.size());
+    EXPECT_EQ(true,  permStateChangeScopeParcel.scope.permList.size() == readedData->scope.permList.size());
 
     for(int32_t i = 0; i < readedData->scope.tokenIDs.size(); i++) {
         EXPECT_EQ(permStateChangeScopeParcel.scope.tokenIDs[i], readedData->scope.tokenIDs[i]);
-- 
Gitee


From 4dbd85c1c6d4703dc48b5f93f319ad99f7ca4461 Mon Sep 17 00:00:00 2001
From: cc_ggboy <chenweimin8@huawei.com>
Date: Wed, 14 Sep 2022 15:36:33 +0800
Subject: [PATCH 17/51] =?UTF-8?q?TDD=E4=BF=AE=E5=A4=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: cc_ggboy <chenweimin8@huawei.com>
---
 .../token_sync_service_test.cpp               | 50 -------------------
 1 file changed, 50 deletions(-)

diff --git a/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp b/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp
index 3517a2721..3cc859af7 100644
--- a/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp
+++ b/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp
@@ -406,56 +406,6 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo007, TestSize.Level1)
     ASSERT_EQ(mapID, (AccessTokenID)0);
 }
 
-/**
- * @tc.name: GetRemoteHapTokenInfo008
- * @tc.desc: test remote hap recv func, tokenID is not exist
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5 AR000GK6T9
- */
-HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo008, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "GetRemoteHapTokenInfo008 start.");
-    // create local token
-    AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
-                                                          g_infoManagerTestInfoParms.bundleName,
-                                                          g_infoManagerTestInfoParms.instIndex);
-    AccessTokenKit::DeleteToken(tokenID);
-
-    // tokenID is not exist
-    std::string jsonBefore =
-        "{\"commandName\":\"SyncRemoteHapTokenCommand\",\"id\":\"0065e65f-\",\"jsonPayload\":"
-        "\"{\\\"HapTokenInfo\\\":{\\\"apl\\\":1,\\\"appID\\\":\\\"\\\",\\\"bundleName\\\":\\\"\\\","
-        "\\\"deviceID\\\":\\\"\\\",\\\"instIndex\\\":0,\\\"permState\\\":null,\\\"tokenAttr\\\":0,"
-        "\\\"tokenID\\\":0,\\\"userID\\\":0,\\\"version\\\":1},\\\"commandName\\\":\\\"SyncRemoteHapTokenCommand\\\","
-        "\\\"dstDeviceId\\\":\\\"local:udid-001\\\",\\\"dstDeviceLevel\\\":\\\"\\\",\\\"message\\\":\\\"success\\\","
-        "\\\"requestTokenId\\\":";
-    std::string tokenJsonStr = std::to_string(tokenID);
-    std::string jsonAfter = ",\\\"requestVersion\\\":2,\\\"responseDeviceId\\\":\\\"\\\",\\\"responseVersion\\\":2,"
-        "\\\"srcDeviceId\\\":\\\"deviceid-1:udid-001\\\",\\\"srcDeviceLevel\\\":\\\"\\\",\\\"statusCode\\\":100001,"
-        "\\\"uniqueId\\\":\\\"SyncRemoteHapTokenCommand\\\"}\",\"type\":\"request\"}";
-
-    // create recv message
-    std::string recvJson = jsonBefore + tokenJsonStr + jsonAfter;
-    unsigned char *recvBuffer = (unsigned char *)malloc(0x1000);
-    int recvLen = 0x1000;
-    CompressMock(recvJson, recvBuffer, recvLen);
-
-    ResetSendMessFlagMock();
-    g_ptrDeviceStateCallback->OnDeviceOnline(g_devInfo);
-    SoftBusSessionListener::OnBytesReceived(1, recvBuffer, recvLen);
-
-    int count = 0;
-    while (!GetSendMessFlagMock() && count < 10) {
-        sleep(1);
-        count ++;
-    }
-    free(recvBuffer);
-
-    ResetSendMessFlagMock();
-    std::string uuidMessage = GetUuidMock();
-    ASSERT_EQ(uuidMessage, "0065e65f-");
-}
-
 /**
  * @tc.name: SyncNativeTokens001
  * @tc.desc: when device is online, sync remote nativetokens which have dcap
-- 
Gitee


From e2d9a04b43907737522bcb51186d7f75802de515 Mon Sep 17 00:00:00 2001
From: liushuling <liushuling1@huawei.com>
Date: Thu, 15 Sep 2022 10:29:07 +0800
Subject: [PATCH 18/51] add UT test

Signed-off-by: liushuling <liushuling1@huawei.com>
---
 BUILD.gn                                      |   1 +
 services/common/database/test/BUILD.gn        |  50 +++++
 .../test/unittest/src/generic_values_test.cpp | 175 ++++++++++++++++++
 3 files changed, 226 insertions(+)
 create mode 100644 services/common/database/test/BUILD.gn
 create mode 100644 services/common/database/test/unittest/src/generic_values_test.cpp

diff --git a/BUILD.gn b/BUILD.gn
index 2a2972062..9bb4e5844 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -26,6 +26,7 @@ group("accesstoken_build_module_test") {
       "//base/security/access_token/interfaces/innerkits/token_callback/test:unittest",
       "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest",
       "//base/security/access_token/services/accesstokenmanager/test:unittest",
+      "//base/security/access_token/services/common/database/test:unittest",
     ]
   }
   if (token_sync_enable == true) {
diff --git a/services/common/database/test/BUILD.gn b/services/common/database/test/BUILD.gn
new file mode 100644
index 000000000..3727a3445
--- /dev/null
+++ b/services/common/database/test/BUILD.gn
@@ -0,0 +1,50 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/test.gni")
+
+ohos_unittest("libdatabase_values_test") {
+  subsystem_name = "security"
+  part_name = "access_token"
+  module_out_path = part_name + "/" + part_name
+
+  include_dirs = [
+    "//commonlibrary/c_utils/base/include",
+    "//third_party/googletest/include",
+    "//base/security/access_token/services/common/database/include",
+    "//base/security/access_token/frameworks/common/include",
+    "//base/security/access_token/services/accesstokenmanager/main/cpp/include/database",
+  ]
+
+  sources = [ "unittest/src/generic_values_test.cpp" ]
+
+  cflags_cc = [ "-DHILOG_ENABLE" ]
+
+  configs = [ "//base/security/access_token/config:coverage_flags" ]
+
+  deps = [
+    "//base/security/access_token/services/common/database:accesstoken_database_cxx",
+    "//third_party/sqlite:sqlite",
+    "//base/security/access_token/services/accesstokenmanager:accesstoken_manager_service",
+  ]
+
+  external_deps = [
+    "c_utils:utils",
+    "hiviewdfx_hilog_native:libhilog",
+  ]
+}
+
+group("unittest") {
+  testonly = true
+  deps = [ ":libdatabase_values_test" ]
+}
diff --git a/services/common/database/test/unittest/src/generic_values_test.cpp b/services/common/database/test/unittest/src/generic_values_test.cpp
new file mode 100644
index 000000000..777a23721
--- /dev/null
+++ b/services/common/database/test/unittest/src/generic_values_test.cpp
@@ -0,0 +1,175 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gtest/gtest.h>
+#include <memory>
+#include <string>
+#include "sqlite_storage.h"
+#include "generic_values.h"
+#include "variant_value.h"
+
+using namespace testing::ext;
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+static constexpr int32_t GET_INT64_TRUE_VALUE = -1;
+static constexpr int32_t ROLLBACK_TRANSACTION_RESULT_ABNORMAL = -1;
+static constexpr int32_t EXECUTESQL_RESULT_ABNORMAL = -1;
+static const int32_t DEFAULT_VALUE = -1;
+} // namespace
+class DatabaseTest : public testing::Test {
+public:
+    static void SetUpTestCase(void);
+    static void TearDownTestCase(void);
+    void SetUp();
+    void TearDown();
+};
+
+void DatabaseTest::SetUpTestCase(void)
+{}
+void DatabaseTest::TearDownTestCase(void)
+{}
+void DatabaseTest::SetUp(void)
+{}
+void DatabaseTest::TearDown(void)
+{}
+
+/**
+ * @tc.name: PutInt64001
+ * @tc.desc: Verify the GenericValues put and get int64 value function.
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(DatabaseTest, PutInt64001, TestSize.Level1)
+{
+    GenericValues outGenericValues;
+    std::string key = "databasetest";
+    int64_t data = 1;
+    outGenericValues.Put(key, data);
+    int64_t outdata = outGenericValues.GetInt64(key);
+    EXPECT_EQ(outdata, data);
+    outGenericValues.Remove(key);
+    outdata = outGenericValues.GetInt64(key);
+    EXPECT_EQ(GET_INT64_TRUE_VALUE, outdata);
+}
+
+/**
+ * @tc.name: RollbackTransaction001
+ * @tc.desc: RollbackTransaction001 Abnormal branch res != SQLITE_OK
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(DatabaseTest, RollbackTransaction001, TestSize.Level1)
+{
+    int32_t result = SqliteStorage::GetInstance().RollbackTransaction();
+    EXPECT_EQ(result, ROLLBACK_TRANSACTION_RESULT_ABNORMAL);
+}
+
+/**
+ * @tc.name: RollbackTransaction002
+ * @tc.desc: RollbackTransaction002 Abnormal branch db_ = nullptr
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(DatabaseTest, RollbackTransaction002, TestSize.Level1)
+{
+    SqliteStorage::GetInstance().Close();
+    EXPECT_EQ(SqliteStorage::GetInstance().RollbackTransaction(), ROLLBACK_TRANSACTION_RESULT_ABNORMAL);
+}
+
+/**
+ * @tc.name: ExecuteSql001
+ * @tc.desc: ExecuteSql001 Abnormal branch res != SQLITE_OK
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(DatabaseTest, ExecuteSql001, TestSize.Level1)
+{
+    std::string testSql = "test";
+    EXPECT_EQ(SqliteStorage::GetInstance().ExecuteSql(testSql), EXECUTESQL_RESULT_ABNORMAL);
+}
+
+/**
+ * @tc.name: ExecuteSql002
+ * @tc.desc: ExecuteSql002 Abnormal branch db_ = nullptr
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(DatabaseTest, ExecuteSql002, TestSize.Level1)
+{
+    std::string testSql = "test";
+    SqliteStorage::GetInstance().Close();
+    EXPECT_EQ(SqliteStorage::GetInstance().ExecuteSql(testSql), EXECUTESQL_RESULT_ABNORMAL);
+}
+
+/**
+ * @tc.name: SpitError001
+ * @tc.desc: SpitError001 Abnormal branch db_ = nullptr
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(DatabaseTest, SpitError001, TestSize.Level1)
+{
+    SqliteStorage::GetInstance().Close();
+    std::string result = SqliteStorage::GetInstance().SpitError().c_str();
+    EXPECT_EQ(result.empty(), true);
+}
+
+/**
+ * @tc.name: SpitError002
+ * @tc.desc: SpitError002 use SpitError
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(DatabaseTest, SpitError002, TestSize.Level1)
+{
+    SqliteStorage::GetInstance().Open();
+    std::string result = SqliteStorage::GetInstance().SpitError().c_str();
+    EXPECT_EQ(result.length() > 0, true);
+}
+
+/**
+ * @tc.name: VariantValue64001
+ * @tc.desc: VariantValue64001 use VariantValue
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(DatabaseTest, VariantValue64001, TestSize.Level1)
+{
+    int64_t testValue = 1;
+    VariantValue Test(testValue);
+    EXPECT_EQ(Test.GetInt64(), testValue);
+}
+
+/**
+ * @tc.name: VariantValue64002
+ * @tc.desc: VariantValue64002 getint and getint64 Abnormal branch
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(DatabaseTest, VariantValue64002, TestSize.Level1)
+{
+    int32_t ntestValue = 1;
+    VariantValue Ntest(ntestValue);
+    EXPECT_EQ(DEFAULT_VALUE, Ntest.GetInt64());
+    int64_t testValue = 1;
+    VariantValue Test(testValue);
+    EXPECT_EQ(DEFAULT_VALUE, Test.GetInt());
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
\ No newline at end of file
-- 
Gitee


From aed4f61744724ccee95b88827526112f37c0112d Mon Sep 17 00:00:00 2001
From: liushuling <liushuling1@huawei.com>
Date: Thu, 15 Sep 2022 10:32:48 +0800
Subject: [PATCH 19/51] add UT test

Signed-off-by: liushuling <liushuling1@huawei.com>
---
 services/common/database/test/BUILD.gn | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/services/common/database/test/BUILD.gn b/services/common/database/test/BUILD.gn
index 3727a3445..7125ad43a 100644
--- a/services/common/database/test/BUILD.gn
+++ b/services/common/database/test/BUILD.gn
@@ -28,14 +28,12 @@ ohos_unittest("libdatabase_values_test") {
 
   sources = [ "unittest/src/generic_values_test.cpp" ]
 
-  cflags_cc = [ "-DHILOG_ENABLE" ]
-
   configs = [ "//base/security/access_token/config:coverage_flags" ]
 
   deps = [
+    "//base/security/access_token/services/accesstokenmanager:accesstoken_manager_service",
     "//base/security/access_token/services/common/database:accesstoken_database_cxx",
     "//third_party/sqlite:sqlite",
-    "//base/security/access_token/services/accesstokenmanager:accesstoken_manager_service",
   ]
 
   external_deps = [
-- 
Gitee


From 9cac9077122826568b041ca0ee1c0c6f7849d416 Mon Sep 17 00:00:00 2001
From: lsq <linshuqing2@huawei.com>
Date: Thu, 15 Sep 2022 11:19:37 +0800
Subject: [PATCH 20/51] =?UTF-8?q?=E6=A3=80=E8=A7=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: lsq <linshuqing2@huawei.com>
Change-Id: I3367482a954b644f5c4d8a2ca8ef473d9bf7197d
---
 .../accesstoken/include/accesstoken_kit.h     |  2 +-
 .../accesstoken/napi/src/napi_atmanager.cpp   | 22 +++++++++----------
 2 files changed, 11 insertions(+), 13 deletions(-)

diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
index 640a694e6..316c3221e 100644
--- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
+++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
@@ -61,9 +61,9 @@ public:
     static int32_t RegisterPermStateChangeCallback(
         const std::shared_ptr<PermStateChangeCallbackCustomize>& callback);
     static int32_t UnRegisterPermStateChangeCallback(const std::shared_ptr<PermStateChangeCallbackCustomize>& callback);
+    static int32_t GetVersion(void);
     static int32_t GetHapDlpFlag(AccessTokenID tokenID);
     static int32_t ReloadNativeTokenInfo();
-    static int32_t GetVersion(void);
 
 #ifdef TOKEN_SYNC_ENABLE
     static int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync);
diff --git a/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp b/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp
index 1bf506854..b88c10015 100644
--- a/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp
+++ b/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp
@@ -484,23 +484,21 @@ napi_value NapiAtManager::GetVersion(napi_env env, napi_callback_info info)
         ACCESSTOKEN_LOG_ERROR(LABEL, "new struct fail.");
         return nullptr;
     }
+    std::unique_ptr<AtManagerAsyncContext> context {asyncContext};
     asyncContext->result = AT_PERM_OPERA_FAIL;
 
     napi_value result = nullptr;
-
-    napi_create_promise(env, &(asyncContext->deferred), &result);
+    NAPI_CALL(env, napi_create_promise(env, &(asyncContext->deferred), &result));
 
     napi_value resource = nullptr;
-    napi_create_string_utf8(env, "GetVersion", NAPI_AUTO_LENGTH, &resource);
-
-    napi_create_async_work(
-        env, nullptr, resource, GetVersionExecute, GetVersionComplete,
-        reinterpret_cast<void *>(asyncContext), &(asyncContext->work));
+    NAPI_CALL(env, napi_create_string_utf8(env, "GetVersion", NAPI_AUTO_LENGTH, &resource));
 
-    napi_queue_async_work(env, asyncContext->work); // add async work handle to the napi queue and wait for result
+    NAPI_CALL(env, napi_create_async_work(env, nullptr, resource, GetVersionExecute, GetVersionComplete,
+        reinterpret_cast<void *>(asyncContext), &(asyncContext->work)));
+    NAPI_CALL(env, napi_queue_async_work(env, asyncContext->work));
 
+    context.release();
     ACCESSTOKEN_LOG_DEBUG(LABEL, "GetVersion end.");
-
     return result;
 }
 
@@ -518,10 +516,10 @@ void NapiAtManager::GetVersionComplete(napi_env env, napi_status status, void *d
 
     ACCESSTOKEN_LOG_DEBUG(LABEL, "version result = %{public}d.", asyncContext->result);
 
-    napi_create_int32(env, asyncContext->result, &result);
-    napi_resolve_deferred(env, asyncContext->deferred, result);
+    NAPI_CALL_RETURN_VOID(env, napi_create_int32(env, asyncContext->result, &result));
+    NAPI_CALL_RETURN_VOID(env, napi_resolve_deferred(env, asyncContext->deferred, result));
 
-    napi_delete_async_work(env, asyncContext->work);
+    NAPI_CALL_RETURN_VOID(env, napi_delete_async_work(env, asyncContext->work));
     delete asyncContext;
 }
 
-- 
Gitee


From c44822c837216dc75f6b6ebd1c2e511956d6f4ee Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Thu, 15 Sep 2022 15:15:49 +0800
Subject: [PATCH 21/51] Signed-off-by: y1585740638 <yulei99@huawei.com>
 Change-Id: I0b855b59cda4addc24d8522865706a7ff6281913

---
 .../test/unittest/src/privacy_kit_test.cpp       | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
index bfc684e18..905ea5ed1 100644
--- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
+++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
@@ -931,6 +931,22 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback007, TestSize.Level1)
     ASSERT_EQ(RET_ERROR, res);
 }
 
+/**
+ * @tc.name: IsAllowedUsingPermission001
+ * @tc.desc: IsAllowedUsingPermission with invalid tokenId or permission.
+ * @tc.type: FUNC
+ * @tc.require: issueI5NT1X
+ */
+
+HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission001, TestSize.Level1)
+{
+    std::string permissionName = "ohos.permission.CAMERA";
+    bool ret = PrivacyKit::IsAllowedUsingPermission(g_TokenId_E, permissionName);
+    ASSERT_EQ(false, ret);
+    ret = PrivacyKit::IsAllowedUsingPermission(0, permissionName);
+    ASSERT_EQ(false, ret);
+}
+
 /**
  * @tc.name: StartUsingPermission001
  * @tc.desc: StartUsingPermission with invalid tokenId or permission.
-- 
Gitee


From 254cf3e74e94f0620cd5849b3407668caa27c09e Mon Sep 17 00:00:00 2001
From: lsq <linshuqing2@huawei.com>
Date: Thu, 15 Sep 2022 12:49:59 +0800
Subject: [PATCH 22/51] =?UTF-8?q?=E6=A3=80=E8=A7=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: lsq <linshuqing2@huawei.com>
Change-Id: Ie75e312427643d03de9069e540e3649e47cbdc7a
---
 .../unittest/src/remote_token_kit_test.cpp    | 55 +++++++++++--------
 .../test/unittest/src/remote_token_kit_test.h | 19 +------
 2 files changed, 32 insertions(+), 42 deletions(-)

diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
index 4433d1a7b..30df69b07 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
@@ -17,10 +17,10 @@
 #include <thread>
 
 #include "accesstoken_kit.h"
-#include "nativetoken_kit.h"
 #include "accesstoken_log.h"
-#include "token_setproc.h"
+#include "nativetoken_kit.h"
 #include "softbus_bus_center.h"
+#include "token_setproc.h"
 
 using namespace testing::ext;
 using namespace OHOS::Security::AccessToken;
@@ -28,6 +28,13 @@ using namespace OHOS::Security::AccessToken;
 namespace {
 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "RemoteTokenKitTest"};
 
+static const std::string TEST_BUNDLE_NAME = "ohos";
+static const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA";
+static const std::string TEST_PERMISSION_NAME_BETA = "ohos.permission.BETA";
+static const std::string TEST_PERMISSION_NAME_GAMMA = "ohos.permission.GAMMA";
+static const std::string TEST_PKG_NAME = "com.softbus.test";
+static const int TEST_USER_ID = 0;
+
 PermissionStateFull g_grantPermissionReq = {
     .permissionName = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS",
     .isGeneral = true,
@@ -127,7 +134,7 @@ void NativeTokenGet()
 
     infoInstance.processName = "SetUpTestCase";
     tokenId = GetAccessTokenId(&infoInstance);
-    ASSERT_NE(tokenId, 0);
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetUpTestCase tokenId is %{public}llu", tokenId);
     SetSelfTokenID(tokenId);
     AccessTokenKit::ReloadNativeTokenInfo();
     delete[] perms;
@@ -211,7 +218,7 @@ void RemoteTokenKitTest::AllocTestToken() const
  * @tc.name: SetRemoteHapTokenInfo001
  * @tc.desc: set remote hap token info success
  * @tc.type: FUNC
- * @tc.require:AR000GK6T5
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo001, TestSize.Level1)
 {
@@ -276,7 +283,7 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo001, TestSize.Level1)
  * @tc.name: SetRemoteHapTokenInfo002
  * @tc.desc: set remote hap token info, token info is wrong
  * @tc.type: FUNC
- * @tc.require:AR000GK6T5
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo002, TestSize.Level1)
 {
@@ -346,7 +353,7 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo002, TestSize.Level1)
  * @tc.name: SetRemoteHapTokenInfo003
  * @tc.desc: set remote hap token wrong permission grant
  * @tc.type: FUNC
- * @tc.require:AR000GK6T5
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo003, TestSize.Level1)
 {
@@ -397,7 +404,7 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo003, TestSize.Level1)
  * @tc.name: SetRemoteHapTokenInfo004
  * @tc.desc: update remote hap token when remote exist
  * @tc.type: FUNC
- * @tc.require:AR000GK6T5
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo004, TestSize.Level1)
 {
@@ -455,7 +462,7 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo004, TestSize.Level1)
  * @tc.name: SetRemoteHapTokenInfo005
  * @tc.desc: add remote hap token, it can not grant by GrantPermission
  * @tc.type: FUNC
- * @tc.require:AR000GK6T5
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo005, TestSize.Level1)
 {
@@ -512,7 +519,7 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo005, TestSize.Level1)
  * @tc.name: SetRemoteHapTokenInfo006
  * @tc.desc: add remote hap token, it can not revoke by RevokePermission
  * @tc.type: FUNC
- * @tc.require:AR000GK6T5
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo006, TestSize.Level1)
 {
@@ -569,7 +576,7 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo006, TestSize.Level1)
  * @tc.name: SetRemoteHapTokenInfo007
  * @tc.desc: add remote hap token, it can not delete by DeleteToken
  * @tc.type: FUNC
- * @tc.require:AR000GK6T5
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo007, TestSize.Level1)
 {
@@ -620,7 +627,7 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo007, TestSize.Level1)
  * @tc.name: SetRemoteHapTokenInfo008
  * @tc.desc: add remote hap token, it can not update by UpdateHapToken
  * @tc.type: FUNC
- * @tc.require:AR000GK6T5
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo008, TestSize.Level1)
 {
@@ -674,7 +681,7 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo008, TestSize.Level1)
  * @tc.name: SetRemoteHapTokenInfo009
  * @tc.desc: add remote hap token, it can not clear by ClearUserGrantedPermissionState
  * @tc.type: FUNC
- * @tc.require:AR000GK6T5
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo009, TestSize.Level1)
 {
@@ -731,7 +738,7 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo009, TestSize.Level1)
  * @tc.name: SetRemoteHapTokenInfo010
  * @tc.desc: tokenID is not hap token
  * @tc.type: FUNC
- * @tc.require:AR000GK6T5
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo010, TestSize.Level1)
 {
@@ -771,7 +778,7 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo010, TestSize.Level1)
  * @tc.name: DeleteRemoteDeviceToken001
  * @tc.desc: delete exist device mapping tokenId
  * @tc.type: FUNC
- * @tc.require:AR000GK6TA
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceToken001, TestSize.Level1)
 {
@@ -825,7 +832,7 @@ HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceToken001, TestSize.Level1)
  * @tc.name: DeleteRemoteDeviceToken002
  * @tc.desc: delete exist device mapping tokenId
  * @tc.type: FUNC
- * @tc.require:AR000GK6TA
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceToken002, TestSize.Level1)
 {
@@ -882,7 +889,7 @@ HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceToken002, TestSize.Level1)
  * @tc.name: DeleteRemoteDeviceToken003
  * @tc.desc: delete exist device mapping tokenId
  * @tc.type: FUNC
- * @tc.require:AR000GK6TA
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceToken003, TestSize.Level1)
 {
@@ -898,7 +905,7 @@ HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceToken003, TestSize.Level1)
  * @tc.name: DeleteRemoteDeviceTokens001
  * @tc.desc: delete all mapping tokens of exist device
  * @tc.type: FUNC
- * @tc.require:AR000GK6TA
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceTokens001, TestSize.Level1)
 {
@@ -960,7 +967,7 @@ HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceTokens001, TestSize.Level1)
  * @tc.name: DeleteRemoteDeviceTokens002
  * @tc.desc: delete all mapping tokens of NOT exist device
  * @tc.type: FUNC
- * @tc.require:AR000GK6TA
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceTokens002, TestSize.Level1)
 {
@@ -1019,7 +1026,7 @@ HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceTokens002, TestSize.Level1)
  * @tc.name: GetHapTokenInfoFromRemote001
  * @tc.desc: get normal local tokenInfo
  * @tc.type: FUNC
- * @tc.require:AR000GK6TA
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
 {
@@ -1066,7 +1073,7 @@ HWTEST_F(RemoteTokenKitTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
  * @tc.name: GetHapTokenInfoFromRemote002
  * @tc.desc: get remote mapping tokenInfo
  * @tc.type: FUNC
- * @tc.require:AR000GK6TA
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, GetHapTokenInfoFromRemote002, TestSize.Level1)
 {
@@ -1116,7 +1123,7 @@ HWTEST_F(RemoteTokenKitTest, GetHapTokenInfoFromRemote002, TestSize.Level1)
  * @tc.name: GetHapTokenInfoFromRemote003
  * @tc.desc: get wrong tokenInfo
  * @tc.type: FUNC
- * @tc.require:AR000GK6TA
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, GetHapTokenInfoFromRemote003, TestSize.Level1)
 {
@@ -1130,7 +1137,7 @@ HWTEST_F(RemoteTokenKitTest, GetHapTokenInfoFromRemote003, TestSize.Level1)
  * @tc.name: AllocLocalTokenID001
  * @tc.desc: get already mapping tokenInfo, makesure ipc right
  * @tc.type: FUNC
- * @tc.require:AR000GK6T5
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, AllocLocalTokenID001, TestSize.Level1)
 {
@@ -1174,7 +1181,7 @@ HWTEST_F(RemoteTokenKitTest, AllocLocalTokenID001, TestSize.Level1)
  * @tc.name: GetAllNativeTokenInfo001
  * @tc.desc: get all native token with dcaps
  * @tc.type: FUNC
- * @tc.require:AR000GK6T6
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, GetAllNativeTokenInfo001, TestSize.Level1)
 {
@@ -1189,7 +1196,7 @@ HWTEST_F(RemoteTokenKitTest, GetAllNativeTokenInfo001, TestSize.Level1)
  * @tc.name: SetRemoteNativeTokenInfo001
  * @tc.desc: set already mapping tokenInfo
  * @tc.type: FUNC
- * @tc.require:AR000GK6T6
+ * @tc.require:issue I5R4UF
  */
 HWTEST_F(RemoteTokenKitTest, SetRemoteNativeTokenInfo001, TestSize.Level1)
 {
diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.h b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.h
index 4627dc16c..0c7a6921d 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.h
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -24,23 +24,6 @@
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-static const std::string TEST_BUNDLE_NAME = "ohos";
-static const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA";
-static const std::string TEST_PERMISSION_NAME_BETA = "ohos.permission.BETA";
-static const std::string TEST_PERMISSION_NAME_GAMMA = "ohos.permission.GAMMA";
-static const std::string TEST_PKG_NAME = "com.softbus.test";
-static const int TEST_USER_ID = 0;
-static const int TEST_USER_ID_INVALID = -1;
-static const unsigned int TEST_TOKENID_INVALID = 0;
-static const int INVALID_BUNDLENAME_LEN = 260;
-static const int INVALID_APPIDDESC_LEN = 10244;
-static const int INVALID_LABEL_LEN = 260;
-static const int INVALID_DESCRIPTION_LEN = 260;
-static const int INVALID_PERMNAME_LEN = 260;
-static const int CYCLE_TIMES = 100;
-static const int THREAD_NUM = 3;
-static const int INVALID_DCAP_LEN = 1025;
-static const int INVALID_DLP_TYPE = 4;
 class RemoteTokenKitTest : public testing::Test {
 public:
     static void SetUpTestCase();
-- 
Gitee


From 342c464b73a65f90d351e562b819397c36544f38 Mon Sep 17 00:00:00 2001
From: liushuling <liushuling1@huawei.com>
Date: Thu, 15 Sep 2022 20:09:22 +0800
Subject: [PATCH 23/51] add UT test

Signed-off-by: liushuling <liushuling1@huawei.com>
Change-Id: I3206d27954eecb37443998fc59d07c912261d8ef
---
 services/accesstokenmanager/test/BUILD.gn     |   4 +
 .../cpp/src/accesstoken_info_manager_test.cpp | 159 ++++++++++++++++++
 .../cpp/src/native_token_receptor_test.cpp    |  46 +++++
 3 files changed, 209 insertions(+)

diff --git a/services/accesstokenmanager/test/BUILD.gn b/services/accesstokenmanager/test/BUILD.gn
index 14a41d363..acbb43f0d 100644
--- a/services/accesstokenmanager/test/BUILD.gn
+++ b/services/accesstokenmanager/test/BUILD.gn
@@ -49,6 +49,10 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") {
 
   configs = [ "//base/security/access_token/config:coverage_flags" ]
 
+  if (token_sync_enable == true) {
+    cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
+  }
+
   deps = [
     "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken",
     "//base/security/access_token/services/accesstokenmanager/:accesstoken_manager_service",
diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
index fbe8f922a..89f6c28ac 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
@@ -227,6 +227,93 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level1)
     ASSERT_EQ(nullptr, tokenInfo);
 }
 
+/**
+ * @tc.name: IsTokenIdExist001
+ * @tc.desc: Verify the IsTokenIdExist exist accesstokenid.
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(AccessTokenInfoManagerTest, IsTokenIdExist001, TestSize.Level1)
+{
+    AccessTokenID testId = 1;
+    ASSERT_EQ(AccessTokenInfoManager::GetInstance().IsTokenIdExist(testId), false);
+}
+
+/**
+ * @tc.name: GetHapTokenInfo001
+ * @tc.desc: Verify the GetHapTokenInfo abnormal and normal branch.
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfo001, TestSize.Level1)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    int result;
+    HapTokenInfo hapInfo;
+    result = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapInfo);
+    ASSERT_EQ(result, RET_FAILED);
+
+    int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
+        g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "add a hap token";
+    result = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapInfo);
+    ASSERT_EQ(result, RET_SUCCESS);
+    ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "remove the token info";
+}
+
+/**
+ * @tc.name: GetHapTokenInfo001
+ * @tc.desc: Verify the GetHapTokenInfo abnormal and normal branch.
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(AccessTokenInfoManagerTest, GetHapPermissionPolicySet001, TestSize.Level1)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    std::shared_ptr<PermissionPolicySet> permPolicySet =
+        AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(permPolicySet, nullptr);
+
+    int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
+        g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "add a hap token";
+    permPolicySet = AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(permPolicySet != nullptr, true);
+    ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "remove the token info";
+}
+
+/**
+ * @tc.name: GetNativePermissionPolicySet001
+ * @tc.desc: Verify the GetNativePermissionPolicySet abnormal branch tokenID is invalid.
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(AccessTokenInfoManagerTest, GetNativePermissionPolicySet001, TestSize.Level1)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    std::shared_ptr<PermissionPolicySet> permPolicySet =
+        AccessTokenInfoManager::GetInstance().GetNativePermissionPolicySet(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(permPolicySet, nullptr);
+}
+
+/**
+ * @tc.name: RemoveHapTokenInfo001
+ * @tc.desc: Verify the RemoveHapTokenInfo abnormal branch tokenID type is not true.
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level1)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    ASSERT_EQ(AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID), RET_FAILED);
+}
+
 /**
  * @tc.name: CreateHapTokenInfo002
  * @tc.desc: Verify the CreateHapTokenInfo add one hap token twice function.
@@ -325,6 +412,78 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1)
     GTEST_LOG_(INFO) << "remove the token info";
 }
 
+/**
+ * @tc.name: UpdateHapToken002
+ * @tc.desc: Verify the UpdateHapToken token function abnormal branch.
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level1)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    HapPolicyParams policy = g_infoManagerTestPolicyPrams;
+    policy.apl = APL_SYSTEM_BASIC;
+    int ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(
+        tokenIdEx.tokenIdExStruct.tokenID, std::string(""), DEFAULT_API_VERSION, policy);
+    ASSERT_EQ(RET_FAILED, ret);
+
+    ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(
+        tokenIdEx.tokenIdExStruct.tokenID, std::string("updateAppId"), DEFAULT_API_VERSION, policy);
+    ASSERT_EQ(RET_FAILED, ret);
+
+}
+
+/**
+ * @tc.name: GetHapTokenSync001
+ * @tc.desc: Verify the GetHapTokenSync token function and abnormal branch.
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync001, TestSize.Level1)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    int result;
+    int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
+        g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "add a hap token";
+
+    HapTokenInfoForSync hapSync;
+    result = AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
+    ASSERT_EQ(result, RET_SUCCESS);
+
+    ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "remove the token info";
+
+    result = AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
+    ASSERT_EQ(result, RET_FAILED);
+}
+
+/**
+ * @tc.name: GetHapTokenInfoFromRemote001
+ * @tc.desc: Verify the GetHapTokenInfoFromRemote token function .
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    int result;
+    int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
+        g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "add a hap token";
+
+    HapTokenInfoForSync hapSync;
+    result =
+        AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
+    ASSERT_EQ(result, RET_SUCCESS);
+
+    ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "remove the token info";
+}
 #ifdef SUPPORT_SANDBOX_APP
 static void PrepareJsonData1()
 {
diff --git a/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
index 3ff81802e..ae5777a58 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
@@ -311,6 +311,52 @@ HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos001, TestSize.Level1)
     ASSERT_EQ(ret, RET_SUCCESS);
 }
 
+/**
+ * @tc.name: CheckNativeDCap001
+ * @tc.desc: Verify CheckNativeDCap normal and abnormal branch
+ * @tc.type: FUNC
+ * @tc.require: Issue Number
+ */
+HWTEST_F(NativeTokenReceptorTest, CheckNativeDCap001, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "test CheckNativeDCap001!");
+    
+    // test tokenInfo = nullptr
+    std::vector<std::shared_ptr<NativeTokenInfoInner>> tokenInfos;
+    AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos);
+
+    // test process one
+    NativeTokenInfo info = {.apl = APL_NORMAL,
+        .ver = 1,
+        .processName = "native_token_test0",
+        .tokenID = 0x28100000,
+        .tokenAttr = 0,
+        .dcap = {"AT_CAP", "ST_CAP"}};
+
+    std::vector<PermissionStateFull> permStateList = {};
+    std::shared_ptr<NativeTokenInfoInner> nativeToken = std::make_shared<NativeTokenInfoInner>(info, permStateList);
+    tokenInfos.emplace_back(nativeToken);
+    AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos);
+    NativeTokenInfo findInfo;
+    int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(info.tokenID, findInfo);
+    ASSERT_EQ(ret, RET_SUCCESS);
+    ASSERT_EQ(findInfo.apl, info.apl);
+    ASSERT_EQ(findInfo.ver, info.ver);
+    ASSERT_EQ(findInfo.processName, info.processName);
+    ASSERT_EQ(findInfo.tokenID, info.tokenID);
+    ASSERT_EQ(findInfo.tokenAttr, info.tokenAttr);
+    ASSERT_EQ(findInfo.dcap, info.dcap);
+
+    std::string dcap = "AT_CAP";
+    ASSERT_EQ(AccessTokenInfoManager::GetInstance().CheckNativeDCap(findInfo.tokenID, dcap), RET_SUCCESS);
+    std::string ndcap = "AT";
+    ASSERT_EQ(AccessTokenInfoManager::GetInstance().CheckNativeDCap(findInfo.tokenID, ndcap), RET_FAILED);
+    AccessTokenID testId = 1;
+    ASSERT_EQ(AccessTokenInfoManager::GetInstance().CheckNativeDCap(testId, dcap), RET_FAILED);
+    ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(info.tokenID);
+    ASSERT_EQ(ret, RET_SUCCESS);
+}
+
 /**
  * @tc.name: ProcessNativeTokenInfos002
  * @tc.desc: test add two native tokens.
-- 
Gitee


From 4798e37d944f6dfc603f7ddca3c8784185212bae Mon Sep 17 00:00:00 2001
From: liushuling <liushuling1@huawei.com>
Date: Thu, 15 Sep 2022 21:05:54 +0800
Subject: [PATCH 24/51] add UT test

Signed-off-by: liushuling <liushuling1@huawei.com>
Change-Id: Id046dcc3991236a536136adcd96e5e729450b9ac
---
 .../cpp/src/accesstoken_info_manager_test.cpp | 27 +++++++++----------
 .../cpp/src/native_token_receptor_test.cpp    |  1 +
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
index 89f6c28ac..680c1fed5 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
@@ -253,14 +253,14 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfo001, TestSize.Level1)
     result = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapInfo);
     ASSERT_EQ(result, RET_FAILED);
 
-    int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
+    result = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
         g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
-    ASSERT_EQ(RET_SUCCESS, ret);
+    ASSERT_EQ(RET_SUCCESS, result);
     GTEST_LOG_(INFO) << "add a hap token";
     result = AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, hapInfo);
     ASSERT_EQ(result, RET_SUCCESS);
-    ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
-    ASSERT_EQ(RET_SUCCESS, ret);
+    result = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(RET_SUCCESS, result);
     GTEST_LOG_(INFO) << "remove the token info";
 }
 
@@ -430,9 +430,8 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level1)
     ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(
         tokenIdEx.tokenIdExStruct.tokenID, std::string("updateAppId"), DEFAULT_API_VERSION, policy);
     ASSERT_EQ(RET_FAILED, ret);
-
 }
-
+#ifdef TOKEN_SYNC_ENABLE
 /**
  * @tc.name: GetHapTokenSync001
  * @tc.desc: Verify the GetHapTokenSync token function and abnormal branch.
@@ -443,17 +442,17 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync001, TestSize.Level1)
 {
     AccessTokenIDEx tokenIdEx = {0};
     int result;
-    int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
+    result = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
         g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
-    ASSERT_EQ(RET_SUCCESS, ret);
+    ASSERT_EQ(RET_SUCCESS, result);
     GTEST_LOG_(INFO) << "add a hap token";
 
     HapTokenInfoForSync hapSync;
     result = AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
     ASSERT_EQ(result, RET_SUCCESS);
 
-    ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
-    ASSERT_EQ(RET_SUCCESS, ret);
+    result = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(RET_SUCCESS, result);
     GTEST_LOG_(INFO) << "remove the token info";
 
     result = AccessTokenInfoManager::GetInstance().GetHapTokenSync(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
@@ -469,21 +468,21 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenSync001, TestSize.Level1)
 HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
 {
     AccessTokenIDEx tokenIdEx = {0};
-    int result;
     int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
         g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
     ASSERT_EQ(RET_SUCCESS, ret);
     GTEST_LOG_(INFO) << "add a hap token";
 
     HapTokenInfoForSync hapSync;
-    result =
-        AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
-    ASSERT_EQ(result, RET_SUCCESS);
+    ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
+    ASSERT_EQ(ret, RET_SUCCESS);
 
     ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
     ASSERT_EQ(RET_SUCCESS, ret);
     GTEST_LOG_(INFO) << "remove the token info";
 }
+#endif
+
 #ifdef SUPPORT_SANDBOX_APP
 static void PrepareJsonData1()
 {
diff --git a/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
index ae5777a58..041d821bf 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
@@ -323,6 +323,7 @@ HWTEST_F(NativeTokenReceptorTest, CheckNativeDCap001, TestSize.Level1)
     
     // test tokenInfo = nullptr
     std::vector<std::shared_ptr<NativeTokenInfoInner>> tokenInfos;
+    tokenInfos.emplace_back(nullptr);
     AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos);
 
     // test process one
-- 
Gitee


From a136c61db9beaa03193b136c924a92edf1a0e80d Mon Sep 17 00:00:00 2001
From: lsq <linshuqing2@huawei.com>
Date: Fri, 16 Sep 2022 09:22:05 +0800
Subject: [PATCH 25/51] Signed-off-by: lsq <linshuqing2@huawei.com> Change-Id:
 Ida90b484078cebfe6937c7b9f3106f246d83a728

---
 .../accesstoken/test/unittest/src/remote_token_kit_test.cpp     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
index 30df69b07..c556aa68c 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
@@ -134,7 +134,7 @@ void NativeTokenGet()
 
     infoInstance.processName = "SetUpTestCase";
     tokenId = GetAccessTokenId(&infoInstance);
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetUpTestCase tokenId is %{public}llu", tokenId);
+    ACCESSTOKEN_LOG_INFO(LABEL, "SetUpTestCase tokenId is %{public}d", static_cast<AccessTokenID>(tokenId));
     SetSelfTokenID(tokenId);
     AccessTokenKit::ReloadNativeTokenInfo();
     delete[] perms;
-- 
Gitee


From b788b9061ab41ce7c62bda9120c4ced8efd8aab9 Mon Sep 17 00:00:00 2001
From: lsq <linshuqing2@huawei.com>
Date: Sun, 18 Sep 2022 16:38:59 +0800
Subject: [PATCH 26/51] =?UTF-8?q?=E5=91=8A=E8=AD=A6=E4=BF=AE=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: lsq <linshuqing2@huawei.com>
Change-Id: I4bf6c17013c6d1d4e28452a635beb7fcf24d9c5d
Signed-off-by: lsq <linshuqing2@huawei.com>
---
 .../accesstoken/include/accesstoken_kit.h     |  2 +-
 .../accesstoken/src/accesstoken_kit.cpp       |  2 +-
 .../src/accesstoken_manager_client.cpp        |  2 +-
 .../src/accesstoken_manager_client.h          |  6 +--
 .../src/accesstoken_manager_proxy.h           |  4 +-
 .../src/permission_state_change_callback.h    |  2 +-
 .../innerkits/nativetoken/src/nativetoken.c   | 11 ++---
 .../cpp/src/callback/callback_manager.cpp     | 16 ++------
 .../permission_definition_cache.cpp           |  1 -
 .../cpp/src/permission/permission_manager.cpp | 19 ++++-----
 .../src/permission/permission_policy_set.cpp  | 40 ++++++++++---------
 .../service/accesstoken_manager_service.cpp   |  8 ++--
 .../accesstoken_remote_token_manager.cpp      |  8 ++--
 .../cpp/src/token/native_token_info_inner.cpp |  4 +-
 .../active/active_status_callback_manager.cpp |  8 +---
 .../src/record/permission_record_manager.cpp  | 15 +++----
 .../record/permission_used_record_cache.cpp   |  3 +-
 .../sensitive/sensitive_resource_manager.cpp  |  9 ++---
 .../src/device/device_info_repository.cpp     |  2 +-
 .../src/remote/remote_command_executor.cpp    |  5 +--
 .../src/remote/remote_command_manager.cpp     |  1 -
 .../src/service/token_sync_manager_stub.cpp   |  2 +-
 tools/accesstoken/src/atm_command.cpp         |  6 +--
 23 files changed, 79 insertions(+), 97 deletions(-)

diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
index 1d6bbd8e3..e623226e9 100644
--- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
+++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
@@ -71,7 +71,7 @@ public:
     static int GetAllNativeTokenInfo(std::vector<NativeTokenInfoForSync>& nativeTokenInfosRes);
     static int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync);
     static int SetRemoteNativeTokenInfo(const std::string& deviceID,
-        std::vector<NativeTokenInfoForSync>& nativeTokenInfoList);
+        const std::vector<NativeTokenInfoForSync>& nativeTokenInfoList);
     static int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID);
     static AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID);
     static int DeleteRemoteDeviceTokens(const std::string& deviceID);
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
index dc4f02bf3..04c0e9c8f 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
@@ -354,7 +354,7 @@ int AccessTokenKit::SetRemoteHapTokenInfo(const std::string& deviceID,
 }
 
 int AccessTokenKit::SetRemoteNativeTokenInfo(const std::string& deviceID,
-    std::vector<NativeTokenInfoForSync>& nativeTokenInfoList)
+    const std::vector<NativeTokenInfoForSync>& nativeTokenInfoList)
 {
     ACCESSTOKEN_LOG_DEBUG(LABEL, "called, deviceID=%{public}s", ConstantCommon::EncryptDevId(deviceID).c_str());
     return AccessTokenManagerClient::GetInstance().SetRemoteNativeTokenInfo(deviceID, nativeTokenInfoList);
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
index 4b2bbb3e4..9f0e9ce3a 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
@@ -429,7 +429,7 @@ int AccessTokenManagerClient::SetRemoteHapTokenInfo(const std::string& deviceID,
 }
 
 int AccessTokenManagerClient::SetRemoteNativeTokenInfo(const std::string& deviceID,
-    std::vector<NativeTokenInfoForSync>& nativeTokenInfoList)
+    const std::vector<NativeTokenInfoForSync>& nativeTokenInfoList)
 {
     auto proxy = GetProxy();
     if (proxy == nullptr) {
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
index 7d5a2d44f..514194be6 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
@@ -66,7 +66,7 @@ public:
     int32_t ReloadNativeTokenInfo();
     AccessTokenID GetNativeTokenId(const std::string& processName);
     int32_t RegisterPermStateChangeCallback(
-        const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCallback);
+        const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb);
     int32_t UnRegisterPermStateChangeCallback(
         const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb);
 
@@ -75,7 +75,7 @@ public:
     int GetAllNativeTokenInfo(std::vector<NativeTokenInfoForSync>& nativeTokenInfosRes);
     int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync);
     int SetRemoteNativeTokenInfo(const std::string& deviceID,
-        std::vector<NativeTokenInfoForSync>& nativeTokenInfoList);
+        const std::vector<NativeTokenInfoForSync>& nativeTokenInfoList);
     int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID);
     AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID);
     int DeleteRemoteDeviceTokens(const std::string& deviceID);
@@ -87,7 +87,7 @@ public:
 private:
     AccessTokenManagerClient();
     int32_t CreatePermStateChangeCallback(
-        const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCallback,
+        const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb,
         sptr<PermissionStateChangeCallback>& callback);
 
     DISALLOW_COPY_AND_MOVE(AccessTokenManagerClient);
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h
index a5b53e08c..3aa6de5e9 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h
@@ -48,7 +48,7 @@ public:
     int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) override;
     int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) override;
     int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) override;
-    PermissionOper GetSelfPermissionsState(std::vector<PermissionListStateParcel>& permList) override;
+    PermissionOper GetSelfPermissionsState(std::vector<PermissionListStateParcel>& permListParcel) override;
     int ClearUserGrantedPermissionState(AccessTokenID tokenID) override;
     int GetTokenType(AccessTokenID tokenID) override;
     int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) override;
@@ -57,7 +57,7 @@ public:
     AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) override;
     int DeleteToken(AccessTokenID tokenID) override;
     int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion,
-        const HapPolicyParcel& policyPar) override;
+        const HapPolicyParcel& policyParcel) override;
     int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) override;
     int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) override;
     int32_t ReloadNativeTokenInfo() override;
diff --git a/interfaces/innerkits/accesstoken/src/permission_state_change_callback.h b/interfaces/innerkits/accesstoken/src/permission_state_change_callback.h
index 8ee416fad..ce623cf32 100644
--- a/interfaces/innerkits/accesstoken/src/permission_state_change_callback.h
+++ b/interfaces/innerkits/accesstoken/src/permission_state_change_callback.h
@@ -26,7 +26,7 @@ namespace Security {
 namespace AccessToken {
 class PermissionStateChangeCallback : public PermissionStateChangeCallbackStub {
 public:
-    explicit PermissionStateChangeCallback(const std::shared_ptr<PermStateChangeCallbackCustomize>& scope);
+    explicit PermissionStateChangeCallback(const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCallback);
     ~PermissionStateChangeCallback() override;
 
     void PermStateChangeCallback(PermStateChangeInfo& result) override;
diff --git a/interfaces/innerkits/nativetoken/src/nativetoken.c b/interfaces/innerkits/nativetoken/src/nativetoken.c
index 3136a16e2..ae9cc4186 100644
--- a/interfaces/innerkits/nativetoken/src/nativetoken.c
+++ b/interfaces/innerkits/nativetoken/src/nativetoken.c
@@ -281,13 +281,11 @@ static NativeAtId CreateNativeTokenId(const char *processName)
 {
     uint32_t rand;
     NativeAtId tokenId;
-    int32_t ret;
     AtInnerInfo *innerId = (AtInnerInfo *)(&tokenId);
     int32_t retry = MAX_RETRY_TIMES;
 
     while (retry > 0) {
-        ret = GetRandomTokenId(&rand);
-        if (ret != ATRET_SUCCESS) {
+        if (GetRandomTokenId(&rand) != ATRET_SUCCESS) {
             return INVALID_TOKEN_ID;
         }
         if (IsTokenUniqueIdExist(rand & (TOKEN_RANDOM_MASK)) == 0) {
@@ -333,9 +331,6 @@ static int32_t GetAplLevel(const char *aplStr)
 
 static void WriteToFile(const cJSON *root)
 {
-    size_t strLen;
-    ssize_t writtenLen;
-
     char *jsonStr = NULL;
     jsonStr = cJSON_PrintUnformatted(root);
     if (jsonStr == NULL) {
@@ -350,8 +345,8 @@ static void WriteToFile(const cJSON *root)
             AT_LOG_ERROR("[ATLIB-%s]:open failed.", __func__);
             break;
         }
-        strLen = strlen(jsonStr);
-        writtenLen = write(fd, (void *)jsonStr, (size_t)strLen);
+        size_t strLen = strlen(jsonStr);
+        ssize_t writtenLen = write(fd, (void *)jsonStr, (size_t)strLen);
         close(fd);
         if (writtenLen < 0 || (size_t)writtenLen != strLen) {
             AT_LOG_ERROR("[ATLIB-%s]:write failed, writtenLen is %zu.", __func__, writtenLen);
diff --git a/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp b/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
index 208e9b73b..c77bc8caa 100644
--- a/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
+++ b/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
@@ -102,12 +102,8 @@ bool CallbackManager::CalledAccordingToTokenIdLlist(
     if (tokenIDList.empty()) {
         return true;
     }
-    for (const auto& id : tokenIDList) {
-        if (id == tokenID) {
-            return true;
-        }
-    }
-    return false;
+    return std::any_of(tokenIDList.begin(), tokenIDList.end(),
+        [tokenID](AccessTokenID id) { return id == tokenID; });
 }
 
 bool CallbackManager::CalledAccordingToPermLlist(const std::vector<std::string>& permList, const std::string& permName)
@@ -115,12 +111,8 @@ bool CallbackManager::CalledAccordingToPermLlist(const std::vector<std::string>&
     if (permList.empty()) {
         return true;
     }
-    for (const auto& perm : permList) {
-        if (perm == permName) {
-            return true;
-        }
-    }
-    return false;
+    return std::any_of(permList.begin(), permList.end(),
+        [permName](const std::string& perm) { return perm == permName; });
 }
 
 void CallbackManager::ExecuteCallbackAsync(AccessTokenID tokenID, const std::string& permName, int32_t changeType)
diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp
index 932c6515b..42a3ad1e2 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp
@@ -149,7 +149,6 @@ void PermissionDefinitionCache::GetDefPermissionsByTokenId(std::vector<Permissio
 
 int32_t PermissionDefinitionCache::RestorePermDefInfo(std::vector<GenericValues>& permDefRes)
 {
-    std::vector<PermissionDefData> permDataList;
     for (const GenericValues& defValue : permDefRes) {
         PermissionDef def;
         AccessTokenID tokenId = (AccessTokenID)defValue.GetInt(FIELD_TOKEN_ID);
diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
index 545e9dc8c..536d95bcc 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
@@ -234,16 +234,17 @@ void PermissionManager::GetSelfPermissionState(std::vector<PermissionStateFull>
         return;
     }
 
-    for (const auto& perm : permsList) {
-        if (perm.permissionName == permState.permissionName) {
-            ACCESSTOKEN_LOG_INFO(LABEL, "find goal permission: %{public}s, status: %{public}d, flag: %{public}d",
-                permState.permissionName.c_str(), perm.grantStatus[0], perm.grantFlags[0]);
-            foundGoal = true;
-            goalGrantStatus = perm.grantStatus[0];
-            goalGrantFlags = static_cast<uint32_t>(perm.grantFlags[0]);
-            break;
-        }
+    auto iter = std::find_if(permsList.begin(), permsList.end(), [permState](const PermissionStateFull& perm) {
+        return permState.permissionName == perm.permissionName;
+    });
+    if (iter != permsList.end()) {
+        ACCESSTOKEN_LOG_INFO(LABEL, "find goal permission: %{public}s, status: %{public}d, flag: %{public}d",
+            permState.permissionName.c_str(), iter->grantStatus[0], iter->grantFlags[0]);
+        foundGoal = true;
+        goalGrantStatus = iter->grantStatus[0];
+        goalGrantFlags = static_cast<uint32_t>(iter->grantFlags[0]);
     }
+
     if (foundGoal == false) {
         ACCESSTOKEN_LOG_WARN(LABEL,
             "can not find permission: %{public}s define!", permState.permissionName.c_str());
diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp
index c0b766dde..383f5de97 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp
@@ -61,12 +61,15 @@ void PermissionPolicySet::Update(const std::vector<PermissionStateFull>& permSta
     PermissionValidator::FilterInvalidPermissionState(permStateList, permStateFilterList);
 
     Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->permPolicySetLock_);
+
     for (PermissionStateFull& permStateNew : permStateFilterList) {
-        for (const PermissionStateFull& permStateOld : permStateList_) {
-            if (permStateNew.permissionName == permStateOld.permissionName) {
-                UpdatePermStateFull(permStateOld, permStateNew);
-                break;
-            }
+        auto iter = std::find_if(permStateList_.begin(), permStateList_.end(),
+            [permStateNew](const PermissionStateFull& permStateOld) {
+                return permStateNew.permissionName == permStateOld.permissionName;
+            });
+        if (iter != permStateList_.end()) {
+            UpdatePermStateFull(*iter, permStateNew);
+            break;
         }
     }
     permStateList_ = permStateFilterList;
@@ -186,19 +189,20 @@ bool PermissionPolicySet::UpdatePermissionStatus(const std::string& permissionNa
 
     bool ret = false;
     Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->permPolicySetLock_);
-    for (auto& perm : permStateList_) {
-        if (perm.permissionName == permissionName) {
-            if (perm.isGeneral) {
-                int32_t oldStatus = perm.grantStatus[0];
-                perm.grantStatus[0] = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED;
-                uint32_t currFlag = static_cast<uint32_t>(perm.grantFlags[0]);
-                uint32_t newFlag = flag | (currFlag & PERMISSION_GRANTED_BY_POLICY);
-                perm.grantFlags[0] = static_cast<int32_t>(newFlag);
-                ret = (oldStatus == perm.grantStatus[0]) ? false : true;
-            } else {
-                ACCESSTOKEN_LOG_WARN(LABEL, "perm isGeneral is false.");
-            }
-            break;
+    auto iter = std::find_if(permStateList_.begin(), permStateList_.end(),
+        [permissionName](const PermissionStateFull& permState) {
+            return permissionName == permState.permissionName;
+        });
+    if (iter != permStateList_.end()) {
+        if (iter->isGeneral) {
+            int32_t oldStatus = iter->grantStatus[0];
+            iter->grantStatus[0] = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED;
+            uint32_t currFlag = static_cast<uint32_t>(iter->grantFlags[0]);
+            uint32_t newFlag = flag | (currFlag & PERMISSION_GRANTED_BY_POLICY);
+            iter->grantFlags[0] = static_cast<int32_t>(newFlag);
+            ret = (oldStatus == iter->grantStatus[0]) ? false : true;
+        } else {
+            ACCESSTOKEN_LOG_WARN(LABEL, "perm isGeneral is false.");
         }
     }
 
diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
index f51a99ec3..597370070 100644
--- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
+++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
@@ -15,6 +15,7 @@
 
 #include "accesstoken_manager_service.h"
 
+#include <algorithm>
 #include <sys/types.h>
 #include <thread>
 #include <unistd.h>
@@ -372,10 +373,9 @@ int AccessTokenManagerService::SetRemoteNativeTokenInfo(const std::string& devic
     ACCESSTOKEN_LOG_INFO(LABEL, "called, deviceID: %{public}s", ConstantCommon::EncryptDevId(deviceID).c_str());
 
     std::vector<NativeTokenInfoForSync> nativeList;
-
-    for (const auto& nativeParcel : nativeTokenInfoForSyncParcel) {
-        nativeList.emplace_back(nativeParcel.nativeTokenInfoForSyncParams);
-    }
+    std::transform(nativeTokenInfoForSyncParcel.begin(),
+        nativeTokenInfoForSyncParcel.end(), std::back_inserter(nativeList),
+        [](const auto& nativeParcel) { return nativeParcel.nativeTokenInfoForSyncParams; });
 
     return AccessTokenInfoManager::GetInstance().SetRemoteNativeTokenInfo(deviceID, nativeList);
 }
diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_remote_token_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_remote_token_manager.cpp
index 1dc737bcd..828590b30 100644
--- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_remote_token_manager.cpp
+++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_remote_token_manager.cpp
@@ -100,9 +100,11 @@ int AccessTokenRemoteTokenManager::GetDeviceAllRemoteTokenID(const std::string&
         return RET_FAILED;
     }
 
-    for (const auto& mapEntry : remoteDeviceMap_[deviceID].MappingTokenIDPairMap_) {
-        remoteIDs.emplace_back(mapEntry.first);
-    }
+    std::transform(remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.begin(),
+        remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.end(),
+        std::back_inserter(remoteIDs), [](const auto& mapEntry) {
+            return mapEntry.first;
+        });
     return RET_SUCCESS;
 }
 
diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp
index 2ec3bc325..c41e277cf 100644
--- a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp
+++ b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp
@@ -155,9 +155,7 @@ int NativeTokenInfoInner::RestoreNativeTokenInfo(AccessTokenID tokenId, const Ge
     SetNativeAcls(inGenericValues.GetString(FIELD_NATIVE_ACLS));
     tokenInfoBasic_.tokenAttr = (uint32_t)inGenericValues.GetInt(FIELD_TOKEN_ATTR);
 
-    std::vector<GenericValues> permDefRes = {};
-    permPolicySet_ = PermissionPolicySet::RestorePermissionPolicy(tokenId,
-        permStateRes);
+    permPolicySet_ = PermissionPolicySet::RestorePermissionPolicy(tokenId, permStateRes);
     return RET_SUCCESS;
 }
 
diff --git a/services/privacymanager/src/active/active_status_callback_manager.cpp b/services/privacymanager/src/active/active_status_callback_manager.cpp
index 39bea09f6..6dc2f0daf 100644
--- a/services/privacymanager/src/active/active_status_callback_manager.cpp
+++ b/services/privacymanager/src/active/active_status_callback_manager.cpp
@@ -104,12 +104,8 @@ bool ActiveStatusCallbackManager::NeedCalled(const std::vector<std::string>& per
     if (permList.empty()) {
         return true;
     }
-    for (const auto& perm : permList) {
-        if (perm == permName) {
-            return true;
-        }
-    }
-    return false;
+    return std::any_of(permList.begin(), permList.end(),
+        [permName](const std::string& perm) { return perm == permName; });
 }
 
 void ActiveStatusCallbackManager::ExecuteCallbackAsync(
diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp
index b032f301a..e37cfff6e 100644
--- a/services/privacymanager/src/record/permission_record_manager.cpp
+++ b/services/privacymanager/src/record/permission_record_manager.cpp
@@ -15,6 +15,7 @@
 
 #include "permission_record_manager.h"
 
+#include <algorithm>
 #include <cinttypes>
 #include <numeric>
 
@@ -326,14 +327,14 @@ int32_t PermissionRecordManager::DeletePermissionRecord(int32_t days)
 bool PermissionRecordManager::HasStarted(const PermissionRecord& record)
 {
     Utils::UniqueWriteGuard<Utils::RWLock> lk(this->startRecordListRWLock_);
-    for (const auto& rec : startRecordList_) {
-        if ((rec.opCode == record.opCode) && (rec.tokenId == record.tokenId)) {
-            ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId(%{public}d), opCode(%{public}d) has been started.",
-                record.tokenId, record.opCode);
-            return true;
-        }
+    bool hasStarted = std::any_of(startRecordList_.begin(), startRecordList_.end(),
+        [record](const auto& rec) { return (rec.opCode == record.opCode) && (rec.tokenId == record.tokenId); });
+    if (hasStarted) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId(%{public}d), opCode(%{public}d) has been started.",
+            record.tokenId, record.opCode);
     }
-    return false;
+
+    return hasStarted;
 }
 
 void PermissionRecordManager::FindRecordsToUpdateAndExecuted(
diff --git a/services/privacymanager/src/record/permission_used_record_cache.cpp b/services/privacymanager/src/record/permission_used_record_cache.cpp
index 0908327e9..c3cd74e29 100644
--- a/services/privacymanager/src/record/permission_used_record_cache.cpp
+++ b/services/privacymanager/src/record/permission_used_record_cache.cpp
@@ -175,8 +175,9 @@ int32_t PermissionUsedRecordCache::RemoveRecords(const AccessTokenID tokenId)
     std::shared_ptr<PermissionUsedRecordNode> curFindDeletePos;
     std::shared_ptr<PermissionUsedRecordNode> persistPendingBufferHead;
     std::shared_ptr<PermissionUsedRecordNode> persistPendingBufferEnd = nullptr;
-    int32_t countPersistPendingNode = 0;
+
     {
+        int32_t countPersistPendingNode = 0;
         Utils::UniqueWriteGuard<Utils::RWLock> lock1(this->cacheLock1_);
         curFindDeletePos = recordBufferHead_->next;
         persistPendingBufferHead = recordBufferHead_;
diff --git a/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp b/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp
index b53b061ab..02dbcca4d 100644
--- a/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp
+++ b/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp
@@ -93,14 +93,11 @@ bool SensitiveResourceManager::GetAppStatus(const std::string& pkgName, int32_t&
     std::vector<AppExecFwk::AppStateData> foreGroundAppList;
     appMgrProxy->GetForegroundApplications(foreGroundAppList);
 
-    for (const auto& foreGroundApp : foreGroundAppList) {
-        if (foreGroundApp.bundleName == pkgName) {
+    status = PERM_ACTIVE_IN_BACKGROUND;
+    if (std::any_of(foreGroundAppList.begin(), foreGroundAppList.end(),
+        [pkgName](const auto& foreGroundApp) { return foreGroundApp.bundleName == pkgName; })) {
             status = PERM_ACTIVE_IN_FOREGROUND;
-            return true;
-        }
     }
-
-    status = PERM_ACTIVE_IN_BACKGROUND;
     return true;
 }
 
diff --git a/services/tokensyncmanager/src/device/device_info_repository.cpp b/services/tokensyncmanager/src/device/device_info_repository.cpp
index e3c652cf4..678d92d91 100644
--- a/services/tokensyncmanager/src/device/device_info_repository.cpp
+++ b/services/tokensyncmanager/src/device/device_info_repository.cpp
@@ -35,7 +35,7 @@ std::vector<DeviceInfo> DeviceInfoRepository::ListDeviceInfo()
     itEnd = deviceInfoMap_.end();
     while (it != itEnd) {
         deviceInfo.push_back(it->second);
-        it++;
+        ++it;
     }
     return deviceInfo;
 }
diff --git a/services/tokensyncmanager/src/remote/remote_command_executor.cpp b/services/tokensyncmanager/src/remote/remote_command_executor.cpp
index 7aa665804..f0d090a73 100644
--- a/services/tokensyncmanager/src/remote/remote_command_executor.cpp
+++ b/services/tokensyncmanager/src/remote/remote_command_executor.cpp
@@ -117,14 +117,13 @@ int RemoteCommandExecutor::AddCommand(const std::shared_ptr<BaseRemoteCommand>&
     std::unique_lock<std::recursive_mutex> lock(mutex_);
 
     // make sure do not have the same command in the command buffer
-    for (const auto& bufferedCommand : commands_) {
-        if (bufferedCommand->remoteProtocol_.uniqueId == uniqueId) {
+    if (std::any_of(commands_.begin(), commands_.end(),
+        [uniqueId](const auto& buffCommand) {return buffCommand->remoteProtocol_.uniqueId == uniqueId; })) {
             ACCESSTOKEN_LOG_WARN(LABEL,
                 "targetNodeId %{public}s, add uniqueId %{public}s, already exist in the buffer, skip",
                 targetNodeId_.c_str(),
                 uniqueId.c_str());
             return Constant::SUCCESS;
-        }
     }
 
     commands_.push_back(ptrCommand);
diff --git a/services/tokensyncmanager/src/remote/remote_command_manager.cpp b/services/tokensyncmanager/src/remote/remote_command_manager.cpp
index c9d41f27f..447448bde 100644
--- a/services/tokensyncmanager/src/remote/remote_command_manager.cpp
+++ b/services/tokensyncmanager/src/remote/remote_command_manager.cpp
@@ -56,7 +56,6 @@ int RemoteCommandManager::AddCommand(const std::string &udid, const std::shared_
         ACCESSTOKEN_LOG_WARN(LABEL, "invalid udid, or null command");
         return Constant::FAILURE;
     }
-    std::string uniqueId = command->remoteProtocol_.uniqueId;
     ACCESSTOKEN_LOG_INFO(LABEL, "add uniqueId");
 
     std::shared_ptr<RemoteCommandExecutor> executor = GetOrCreateRemoteCommandExecutor(udid);
diff --git a/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp
index 85ca0d399..82aee9538 100644
--- a/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp
+++ b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp
@@ -79,7 +79,7 @@ void TokenSyncManagerStub::DeleteRemoteHapTokenInfoInner(MessageParcel& data, Me
         reply.WriteInt32(RET_FAILED);
         return;
     }
-    std::string deviceID = data.ReadString();
+
     AccessTokenID tokenID = data.ReadUint32();
     int result = this->DeleteRemoteHapTokenInfo(tokenID);
     reply.WriteInt32(result);
diff --git a/tools/accesstoken/src/atm_command.cpp b/tools/accesstoken/src/atm_command.cpp
index eedb40e98..3d80142ed 100644
--- a/tools/accesstoken/src/atm_command.cpp
+++ b/tools/accesstoken/src/atm_command.cpp
@@ -92,11 +92,10 @@ ErrCode AtmCommand::RunAsDumpCommand()
     OptType type = DEFAULT;
     uint32_t tokenId = 0;
     std::string permissionName = "";
-    int option = -1;
     int counter = 0;
     while (true) {
         counter++;
-        option = getopt_long(argc_, argv_, SHORT_OPTIONS_DUMP.c_str(), LONG_OPTIONS_DUMP, nullptr);
+        int32_t option = getopt_long(argc_, argv_, SHORT_OPTIONS_DUMP.c_str(), LONG_OPTIONS_DUMP, nullptr);
         if (optind < 0 || optind > argc_) {
             return ERR_INVALID_VALUE;
         }
@@ -130,11 +129,10 @@ ErrCode AtmCommand::RunAsPermCommand()
     OptType type = DEFAULT;
     uint32_t tokenId = 0;
     std::string permissionName = "";
-    int option = -1;
     int counter = 0;
     while (true) {
         counter++;
-        option = getopt_long(argc_, argv_, SHORT_OPTIONS_PERM.c_str(), LONG_OPTIONS_PERM, nullptr);
+        int32_t option = getopt_long(argc_, argv_, SHORT_OPTIONS_PERM.c_str(), LONG_OPTIONS_PERM, nullptr);
         if (optind < 0 || optind > argc_) {
             return ERR_INVALID_VALUE;
         }
-- 
Gitee


From 5123662754d37cb9322595a82d0fc4273364c609 Mon Sep 17 00:00:00 2001
From: zhouyan <zhouyan128@huawei.com>
Date: Mon, 19 Sep 2022 11:32:53 +0800
Subject: [PATCH 27/51] =?UTF-8?q?=E6=B7=BB=E5=8A=A0HapPolicyParcel?=
 =?UTF-8?q?=E4=B8=ADpermList=E7=9A=84=E5=88=86=E6=94=AF=E8=A6=86=E7=9B=96?=
 =?UTF-8?q?=E7=8E=87?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: zhouyan <zhouyan128@huawei.com>
Change-Id: I935957801d7b3fbcc6a12a06b2b681fadd5330d1
---
 .../unittest/src/hap_policy_parcel_test.cpp   | 102 +++++++++++++-----
 1 file changed, 77 insertions(+), 25 deletions(-)

diff --git a/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp b/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
index 6e8bc44c9..f232e6700 100644
--- a/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
+++ b/frameworks/accesstoken/test/unittest/src/hap_policy_parcel_test.cpp
@@ -30,6 +30,42 @@ namespace AccessToken {
 namespace {
 static const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA";
 static const std::string TEST_PERMISSION_NAME_BETA = "ohos.permission.BETA";
+
+PermissionDef g_permDefAlpha = {
+    .permissionName = TEST_PERMISSION_NAME_ALPHA,
+    .bundleName = "accesstoken_test",
+    .grantMode = 1,
+    .availableLevel = APL_NORMAL,
+    .label = "label",
+    .labelId = 1,
+    .description = "annoying",
+    .descriptionId = 1
+};
+PermissionDef g_permDefBeta = {
+    .permissionName = TEST_PERMISSION_NAME_BETA,
+    .bundleName = "accesstoken_test",
+    .grantMode = 1,
+    .availableLevel = APL_NORMAL,
+    .label = "label",
+    .labelId = 1,
+    .description = "so trouble",
+    .descriptionId = 1
+};
+
+PermissionStateFull g_permStatAlpha = {
+    .permissionName = TEST_PERMISSION_NAME_ALPHA,
+    .isGeneral = true,
+    .resDeviceID = {"device"},
+    .grantStatus = {PermissionState::PERMISSION_DENIED},
+    .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
+};
+PermissionStateFull g_permStatBeta = {
+    .permissionName = TEST_PERMISSION_NAME_BETA,
+    .isGeneral = true,
+    .resDeviceID = {"device"},
+    .grantStatus = {PermissionState::PERMISSION_GRANTED},
+    .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
+};
 }
 class HapPolicyParcelTest : public testing::Test  {
 public:
@@ -52,25 +88,15 @@ void HapPolicyParcelTest::TearDown(void) {}
  */
 HWTEST_F(HapPolicyParcelTest, HapPolicyParcel001, TestSize.Level1)
 {
-    PermissionStateFull permStatAlpha = {
-        .permissionName = TEST_PERMISSION_NAME_ALPHA,
-        .isGeneral = true,
-        .resDeviceID = {"device"},
-        .grantStatus = {PermissionState::PERMISSION_DENIED},
-        .grantFlags = {PermissionFlag::PERMISSION_USER_SET}
-    };
-    PermissionStateFull permStatBeta = {
-        .permissionName = TEST_PERMISSION_NAME_BETA,
-        .isGeneral = true,
-        .resDeviceID = {"device"},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}
-    };
     HapPolicyParcel hapPolicyParcel;
-    hapPolicyParcel.hapPolicyParameter.apl = ATokenAplEnum::APL_NORMAL; 
-    hapPolicyParcel.hapPolicyParameter.domain = "test.domain";   
-    hapPolicyParcel.hapPolicyParameter.permStateList.emplace_back(permStatAlpha);
-    hapPolicyParcel.hapPolicyParameter.permStateList.emplace_back(permStatBeta);
+
+    hapPolicyParcel.hapPolicyParameter.apl = ATokenAplEnum::APL_NORMAL;
+    hapPolicyParcel.hapPolicyParameter.domain = "test.domain";
+    hapPolicyParcel.hapPolicyParameter.permList.emplace_back(g_permDefAlpha);
+    hapPolicyParcel.hapPolicyParameter.permList.emplace_back(g_permDefBeta);
+    hapPolicyParcel.hapPolicyParameter.permStateList.emplace_back(g_permStatAlpha);
+    hapPolicyParcel.hapPolicyParameter.permStateList.emplace_back(g_permStatBeta);
+
     Parcel parcel;
     EXPECT_EQ(true, hapPolicyParcel.Marshalling(parcel));
 
@@ -78,15 +104,41 @@ HWTEST_F(HapPolicyParcelTest, HapPolicyParcel001, TestSize.Level1)
     EXPECT_EQ(true, readedData != nullptr);
 
     EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.apl, readedData->hapPolicyParameter.apl);
-    EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.domain == readedData->hapPolicyParameter.domain);
-    EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList.size() == readedData->hapPolicyParameter.permStateList.size());
+    EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.domain, readedData->hapPolicyParameter.domain);
+    EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList.size(), readedData->hapPolicyParameter.permList.size());
+    EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList.size(),
+        readedData->hapPolicyParameter.permStateList.size());
+
+    for(int32_t i = 0; i < hapPolicyParcel.hapPolicyParameter.permList.size(); i++) {
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].permissionName,
+            readedData->hapPolicyParameter.permList[i].permissionName);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].bundleName,
+            readedData->hapPolicyParameter.permList[i].bundleName);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].grantMode,
+            readedData->hapPolicyParameter.permList[i].grantMode);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].availableLevel,
+            readedData->hapPolicyParameter.permList[i].availableLevel);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].label,
+            readedData->hapPolicyParameter.permList[i].label);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].labelId,
+            readedData->hapPolicyParameter.permList[i].labelId);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].description,
+            readedData->hapPolicyParameter.permList[i].description);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].descriptionId,
+            readedData->hapPolicyParameter.permList[i].descriptionId);
+    }
 
     for(int32_t i = 0; i < hapPolicyParcel.hapPolicyParameter.permStateList.size(); i++) {
-        EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList[i].permissionName == readedData->hapPolicyParameter.permStateList[i].permissionName);
-        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].isGeneral, readedData->hapPolicyParameter.permStateList[i].isGeneral);
-        EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList[i].resDeviceID == readedData->hapPolicyParameter.permStateList[i].resDeviceID);
-        EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList[i].grantStatus == readedData->hapPolicyParameter.permStateList[i].grantStatus);
-        EXPECT_EQ(true, hapPolicyParcel.hapPolicyParameter.permStateList[i].grantFlags == readedData->hapPolicyParameter.permStateList[i].grantFlags);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].permissionName,
+            readedData->hapPolicyParameter.permStateList[i].permissionName);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].isGeneral,
+            readedData->hapPolicyParameter.permStateList[i].isGeneral);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].resDeviceID,
+            readedData->hapPolicyParameter.permStateList[i].resDeviceID);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].grantStatus,
+            readedData->hapPolicyParameter.permStateList[i].grantStatus);
+        EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].grantFlags,
+            readedData->hapPolicyParameter.permStateList[i].grantFlags);
     }
 }
 }
-- 
Gitee


From 065c5ff1790404e3f2b892f431582596bfd5b35e Mon Sep 17 00:00:00 2001
From: liushuling <liushuling1@huawei.com>
Date: Mon, 19 Sep 2022 12:51:20 +0800
Subject: [PATCH 28/51] add UT test

Signed-off-by: liushuling <liushuling1@huawei.com>
Change-Id: I38d940763536c7d5081f722bfa752b3445585db7
---
 .../unittest/src/accesstoken_kit_test.cpp     |  57 +++++++++
 .../cpp/src/accesstoken_info_manager_test.cpp | 110 ++++++++++++++++++
 .../cpp/src/native_token_receptor_test.cpp    |  39 +++++++
 3 files changed, 206 insertions(+)

diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
index 418d300f5..12ca8d9e2 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
@@ -14,6 +14,7 @@
  */
 
 #include "accesstoken_kit_test.h"
+#include <stdint.h>
 #include <thread>
 
 #include "accesstoken_kit.h"
@@ -948,6 +949,21 @@ HWTEST_F(AccessTokenKitTest, GrantPermission003, TestSize.Level0)
     }
 }
 
+/**
+ * @tc.name: GrantPermission004
+ * @tc.desc: GrantPermission function abnormal branch
+ * @tc.type: FUNC
+ * @tc.require:Issue I5RJBB
+ */
+HWTEST_F(AccessTokenKitTest, GrantPermission004, TestSize.Level0)
+{
+    AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    ASSERT_NE(0, tokenID);
+    int32_t invalidFlag = -1;
+    int32_t ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, invalidFlag);
+    ASSERT_EQ(RET_FAILED, ret);
+}
+
 /**
  * @tc.name: RevokePermission001
  * @tc.desc: Revoke permission that has ohos.permission.GRANT_SENSITIVE_PERMISSIONS
@@ -1024,6 +1040,21 @@ HWTEST_F(AccessTokenKitTest, RevokePermission003, TestSize.Level0)
     }
 }
 
+/**
+ * @tc.name: RevokePermission004
+ * @tc.desc: Revoke permission abnormal branch.
+ * @tc.type: FUNC
+ * @tc.require:Issue I5RJBB
+ */
+HWTEST_F(AccessTokenKitTest, RevokePermission004, TestSize.Level0)
+{
+    AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
+    ASSERT_NE(0, tokenID);
+    int invalidFlag = -1;
+    int32_t ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, invalidFlag);
+    ASSERT_EQ(RET_FAILED, ret);
+}
+
 /**
  * @tc.name: ClearUserGrantedPermissionState001
  * @tc.desc: Clear user/system granted permission after ClearUserGrantedPermissionState has been invoked.
@@ -1156,6 +1187,32 @@ HWTEST_F(AccessTokenKitTest, GetTokenType001, TestSize.Level0)
     DeleteTestToken();
 }
 
+/**
+ * @tc.name: GetTokenType002
+ * @tc.desc: get the token type abnormal branch.
+ * @tc.type: FUNC
+ * @tc.require Issue I5RJBB
+ */
+HWTEST_F(AccessTokenKitTest, GetTokenType002, TestSize.Level0)
+{
+    AccessTokenID tokenID = 0;
+    int32_t ret = AccessTokenKit::GetTokenType(tokenID);
+    ASSERT_EQ(TOKEN_INVALID, ret);
+}
+
+/**
+ * @tc.name: GetHapDlpFlag001
+ * @tc.desc: GetHapDlpFlag function abnormal branch.
+ * @tc.type: FUNC
+ * @tc.require Issue Number:I5RJBB
+ */
+HWTEST_F(AccessTokenKitTest, GetHapDlpFlag001, TestSize.Level0)
+{
+    AccessTokenID tokenID = 0;
+    int32_t ret = AccessTokenKit::GetHapDlpFlag(tokenID);
+    ASSERT_EQ(INVALID_DLP_TOKEN_FLAG, ret);
+}
+
 /**
  * @tc.name: GetHapTokenInfo001
  * @tc.desc: get the token info and verify.
diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
index 680c1fed5..8c64d0e29 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
@@ -16,6 +16,7 @@
 #include "accesstoken_info_manager_test.h"
 
 #include <memory>
+#include <stdint.h>
 #include <string>
 #include "accesstoken_info_manager.h"
 #include "accesstoken_log.h"
@@ -481,8 +482,117 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Leve
     ASSERT_EQ(RET_SUCCESS, ret);
     GTEST_LOG_(INFO) << "remove the token info";
 }
+
+/**
+ * @tc.name: RemoteHapTest001001
+ * @tc.desc: Verify the RemoteHap token function .
+ * @tc.type: FUNC
+ * @tc.require: Issue I5RJBB
+ */
+HWTEST_F(AccessTokenInfoManagerTest, RemoteHapTest001, TestSize.Level1)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
+        g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "add a hap token";
+
+    std::string deviceId = "device_1";
+    std::string deviceId2 = "device_2";
+    AccessTokenID mapID =
+        AccessTokenInfoManager::GetInstance().AllocLocalTokenID(deviceId, tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(mapID == 0, true);
+    HapTokenInfoForSync hapSync;
+    ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    ret = AccessTokenInfoManager::GetInstance().SetRemoteHapTokenInfo(deviceId, hapSync);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    ret = AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceId);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    ret = AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceId2);
+    ASSERT_EQ(RET_FAILED, ret);
+
+    ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "remove the token info";
+}
+
+/**
+ * @tc.name: DeleteRemoteToken001
+ * @tc.desc: Verify the DeleteRemoteToken normal and abnormal branch .
+ * @tc.type: FUNC
+ * @tc.require: Issue I5RJBB
+ */
+HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken001, TestSize.Level1)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
+        g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "add a hap token";
+
+    std::string deviceId = "device_1";
+    std::string deviceId2 = "device_2";
+    AccessTokenID mapId =
+        AccessTokenInfoManager::GetInstance().AllocLocalTokenID(deviceId, tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(mapId == 0, true);
+    HapTokenInfoForSync hapSync;
+    ret = AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenIdEx.tokenIdExStruct.tokenID, hapSync);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    ret = AccessTokenInfoManager::GetInstance().SetRemoteHapTokenInfo(deviceId, hapSync);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    ret = AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceId, tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    ret = AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceId2, tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(RET_FAILED, ret);
+
+    ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "remove the token info";
+}
+
+/**
+ * @tc.name: GetUdidByNodeId001
+ * @tc.desc: Verify the GetUdidByNodeId abnormal branch.
+ * @tc.type: FUNC
+ * @tc.require: Issue I5RJBB
+ */
+HWTEST_F(AccessTokenInfoManagerTest, GetUdidByNodeId001, TestSize.Level1)
+{
+    std::string nodeId = "test";
+    std::string result = AccessTokenInfoManager::GetInstance().GetUdidByNodeId(nodeId);
+    ASSERT_EQ(result.empty(), true);
+}
 #endif
 
+/**
+ * @tc.name: DumpTokenInfo001
+ * @tc.desc: Verify the DumpTokenInfo hap token function .
+ * @tc.type: FUNC
+ * @tc.require: Issue Number:I5RJBB
+ */
+HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level1)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
+        g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "add a hap token";
+
+    std::string dumpInfo;
+    AccessTokenInfoManager::GetInstance().DumpTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, dumpInfo);
+    ASSERT_EQ(dumpInfo.length() > 0, true);
+    GTEST_LOG_(INFO) << dumpInfo;
+
+    ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
+    ASSERT_EQ(RET_SUCCESS, ret);
+    GTEST_LOG_(INFO) << "remove the token info";
+
+    AccessTokenInfoManager::GetInstance().DumpTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, dumpInfo);
+    ASSERT_EQ(dumpInfo.length() > 0, true);
+    GTEST_LOG_(INFO) << dumpInfo;
+}
+
 #ifdef SUPPORT_SANDBOX_APP
 static void PrepareJsonData1()
 {
diff --git a/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
index 041d821bf..9b7c7ee99 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
@@ -17,6 +17,7 @@
 
 #include <fcntl.h>
 #include <memory>
+#include <stdint.h>
 #include <string>
 #include <sys/socket.h>
 #include <sys/stat.h>
@@ -358,6 +359,44 @@ HWTEST_F(NativeTokenReceptorTest, CheckNativeDCap001, TestSize.Level1)
     ASSERT_EQ(ret, RET_SUCCESS);
 }
 
+#ifdef TOKEN_SYNC_ENABLE
+/**
+ * @tc.name: GetAllNativeTokenInfo001
+ * @tc.desc: Verify GetAllNativeTokenInfo normal and abnormal branch
+ * @tc.type: FUNC
+ * @tc.require: Issue I5RJBB
+ */
+HWTEST_F(NativeTokenReceptorTest, GetAllNativeTokenInfo001, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "GetAllNativeTokenInfo001!");
+
+    // test nativetokenInfo = nullptr
+    std::vector<NativeTokenInfoForSync> nativeVec;
+    std::vector<std::shared_ptr<NativeTokenInfoInner>> tokenInfos;
+    AccessTokenInfoManager::GetInstance().GetAllNativeTokenInfo(nativeVec);
+    ASSERT_EQ(nativeVec.empty(), false);
+
+    // test process one
+    NativeTokenInfo info = {.apl = APL_NORMAL,
+        .ver = 1,
+        .processName = "native_token_test0",
+        .tokenID = 0x28100000,
+        .tokenAttr = 0,
+        .dcap = {"AT_CAP", "ST_CAP"}};
+
+    std::vector<PermissionStateFull> permStateList = {};
+    std::shared_ptr<NativeTokenInfoInner> nativeToken = std::make_shared<NativeTokenInfoInner>(info, permStateList);
+    tokenInfos.emplace_back(nativeToken);
+    AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos);
+    AccessTokenInfoManager::GetInstance().GetAllNativeTokenInfo(nativeVec);
+    ASSERT_EQ(!nativeVec.empty(), true);
+    AccessTokenID resultTokenId = AccessTokenInfoManager::GetInstance().GetNativeTokenId("native_token_test0");
+    ASSERT_EQ(resultTokenId, info.tokenID);
+
+    int32_t ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(info.tokenID);
+    ASSERT_EQ(ret, RET_SUCCESS);
+}
+#endif
 /**
  * @tc.name: ProcessNativeTokenInfos002
  * @tc.desc: test add two native tokens.
-- 
Gitee


From 047bc06a194793aa5b3c43b56fc5f00354c9506d Mon Sep 17 00:00:00 2001
From: liushuling <liushuling1@huawei.com>
Date: Mon, 19 Sep 2022 12:54:31 +0800
Subject: [PATCH 29/51] add UT test

Signed-off-by: liushuling <liushuling1@huawei.com>
Change-Id: I45a8d6e5135ea7d8d0e12c99b2434e5732b5195b
---
 .../accesstoken/test/unittest/src/accesstoken_kit_test.cpp       | 1 -
 .../test/unittest/cpp/src/accesstoken_info_manager_test.cpp      | 1 -
 .../test/unittest/cpp/src/native_token_receptor_test.cpp         | 1 -
 3 files changed, 3 deletions(-)

diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
index 12ca8d9e2..35373394a 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
@@ -14,7 +14,6 @@
  */
 
 #include "accesstoken_kit_test.h"
-#include <stdint.h>
 #include <thread>
 
 #include "accesstoken_kit.h"
diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
index 8c64d0e29..fb33d9c02 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
@@ -16,7 +16,6 @@
 #include "accesstoken_info_manager_test.h"
 
 #include <memory>
-#include <stdint.h>
 #include <string>
 #include "accesstoken_info_manager.h"
 #include "accesstoken_log.h"
diff --git a/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
index 9b7c7ee99..17a680a82 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp
@@ -17,7 +17,6 @@
 
 #include <fcntl.h>
 #include <memory>
-#include <stdint.h>
 #include <string>
 #include <sys/socket.h>
 #include <sys/stat.h>
-- 
Gitee


From 0a2bc82c809b5fee15153843435dd8b294eadcbc Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Mon, 19 Sep 2022 14:13:00 +0800
Subject: [PATCH 30/51] Signed-off-by: y1585740638 <yulei99@huawei.com>
 Change-Id: I6f03f85d4f625f99bd616fa825af9f10c02f6f25

---
 BUILD.gn                                      |   1 +
 services/privacymanager/BUILD.gn              |  14 +-
 .../sensitive/sensitive_resource_manager.h    |  11 ++
 .../sensitive/sensitive_resource_manager.cpp  |  30 +++++
 services/privacymanager/test/BUILD.gn         |  84 ++++++++++++
 .../add_permission_used_record_test.cpp       |   0
 .../add_permission_used_record_test.h         |   0
 .../sensitive_resource_manager_test.cpp       | 125 ++++++++++++++++++
 8 files changed, 259 insertions(+), 6 deletions(-)
 create mode 100644 services/privacymanager/test/BUILD.gn
 rename services/privacymanager/test/{add_permission_used_record_test => unittest}/add_permission_used_record_test.cpp (100%)
 rename services/privacymanager/test/{add_permission_used_record_test => unittest}/add_permission_used_record_test.h (100%)
 create mode 100644 services/privacymanager/test/unittest/sensitive_resource_manager_test.cpp

diff --git a/BUILD.gn b/BUILD.gn
index 9bb4e5844..0a028dcc7 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -27,6 +27,7 @@ group("accesstoken_build_module_test") {
       "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest",
       "//base/security/access_token/services/accesstokenmanager/test:unittest",
       "//base/security/access_token/services/common/database/test:unittest",
+      "//base/security/access_token/services/privacymanager/test:unittest",
     ]
   }
   if (token_sync_enable == true) {
diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn
index 86ffd4d0a..d7a75f13c 100644
--- a/services/privacymanager/BUILD.gn
+++ b/services/privacymanager/BUILD.gn
@@ -1,9 +1,3 @@
-# Copyright (c) 2022 Huawei Device Co., Ltd.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
@@ -47,6 +41,8 @@ if (is_standard_system && ability_base_enable == true) {
       "//base/security/access_token/interfaces/innerkits/accesstoken/include",
       "//base/security/access_token/interfaces/innerkits/privacy/include",
       "//base/security/access_token/services/common/database/include",
+      "//foundation/multimedia/audio_framework/interfaces/inner_api/native/audiomanager/include",
+      "//foundation/ability/ability_runtime/interfaces/kits/native/ability/ability_runtime",
       "//third_party/json/include",
       "//third_party/sqlite/include/",
     ]
@@ -79,16 +75,22 @@ if (is_standard_system && ability_base_enable == true) {
       "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
       "//base/security/access_token/services/common/database:accesstoken_database_cxx",
       "//base/security/access_token/services/privacymanager:privacy.rc",
+      "//foundation/ability/ability_runtime/interfaces/inner_api/ability_manager:ability_manager",
+      "//third_party/libuv:uv",
     ]
 
     external_deps = [
+      "ability_base:want",
+      "ability_runtime:ability_manager",
       "ability_runtime:app_manager",
       "c_utils:utils",
       "hisysevent_native:libhisysevent",
       "hiviewdfx_hilog_native:libhilog",
       "ipc:ipc_core",
+      "multimedia_audio_framework:audio_client",
       "safwk:system_ability_fwk",
       "samgr:samgr_proxy",
+      "window_manager:libwm",
     ]
   }
 }
diff --git a/services/privacymanager/include/sensitive/sensitive_resource_manager.h b/services/privacymanager/include/sensitive/sensitive_resource_manager.h
index 80f91eb57..6a50e3f22 100644
--- a/services/privacymanager/include/sensitive/sensitive_resource_manager.h
+++ b/services/privacymanager/include/sensitive/sensitive_resource_manager.h
@@ -21,6 +21,7 @@
 #include <string>
 #include "app_mgr_proxy.h"
 #include "application_status_change_callback.h"
+#include "safe_map.h"
 
 namespace OHOS {
 namespace Security {
@@ -31,6 +32,11 @@ enum AppStatus {
     APP_FOREGROUND,
     APP_BACKGROUND,
 };
+enum ResourceType {
+    INVALID = -1,
+    CAMERA = 0,
+    MICROPHONE = 1,
+};
 
 using DialogCallback = std::function<void(int32_t id, const std::string& event, const std::string& param)>;
 class SensitiveResourceManager final {
@@ -38,8 +44,11 @@ public:
     static SensitiveResourceManager& GetInstance();
     SensitiveResourceManager();
     virtual ~SensitiveResourceManager();
+    void Init();
 
     bool GetAppStatus(const std::string& pkgName, int32_t& status);
+    bool GetGlobalSwitch(const ResourceType type);
+    void SetGlobalSwitch(const ResourceType type, bool switchStatus);
 
     // register and unregister app status change callback
     bool RegisterAppStatusChangeCallback(uint32_t tokenId, OnAppStatusChangeCallback callback);
@@ -52,6 +61,8 @@ private:
 private:
     std::mutex appStatusMutex_;
     std::vector<OHOS::sptr<ApplicationStatusChangeCallback>> appStateCallbacks_;
+    std::mutex switchStatusMutex_;
+    SafeMap<ResourceType, bool> switchStatusMap_;
     std::mutex mutex_;
     sptr<AppExecFwk::IAppMgr> appMgrProxy_;
 };
diff --git a/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp b/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp
index b53b061ab..bd783c8be 100644
--- a/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp
+++ b/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp
@@ -15,10 +15,13 @@
 
 #include "sensitive_resource_manager.h"
 #include <semaphore.h>
+#include "ability_manager_client.h"
 #include "accesstoken_log.h"
 #include "active_change_response_info.h"
 #include "iservice_registry.h"
 #include "system_ability_definition.h"
+#include "window_manager.h"
+#include "audio_system_manager.h"
 
 namespace OHOS {
 namespace Security {
@@ -44,6 +47,13 @@ SensitiveResourceManager::~SensitiveResourceManager()
 {
 }
 
+void SensitiveResourceManager::Init()
+{
+    // TODO：从服务获取camera和microphone的全局开关状态
+    switchStatusMap_[ResourceType::CAMERA] = true;  // 相机开发未完成
+    switchStatusMap_[ResourceType::MICROPHONE] = AudioStandard::AudioSystemManager::GetInstance()->IsMicrophoneMute();
+}
+
 bool SensitiveResourceManager::InitProxy()
 {
     std::lock_guard<std::mutex> lock(mutex_);
@@ -104,6 +114,26 @@ bool SensitiveResourceManager::GetAppStatus(const std::string& pkgName, int32_t&
     return true;
 }
 
+bool SensitiveResourceManager::GetGlobalSwitch(const ResourceType type)
+{
+    bool status = true;
+    if (!switchStatusMap_.Find(type, status)) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "Invalid ResourceType.");
+        return true;
+    }
+    return status;
+}
+
+void SensitiveResourceManager::SetGlobalSwitch(const ResourceType type, bool switchStatus)
+{
+    bool status = true;
+    if (!switchStatusMap_.Find(type, status)) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "Invalid ResourceType.");
+        return;
+    }
+    switchStatusMap_[type] = switchStatus;
+}
+
 bool SensitiveResourceManager::RegisterAppStatusChangeCallback(uint32_t tokenId, OnAppStatusChangeCallback callback)
 {
     if (callback == nullptr) {
diff --git a/services/privacymanager/test/BUILD.gn b/services/privacymanager/test/BUILD.gn
new file mode 100644
index 000000000..ebcf7e51e
--- /dev/null
+++ b/services/privacymanager/test/BUILD.gn
@@ -0,0 +1,84 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//base/security/access_token/access_token.gni")
+import("//build/test.gni")
+
+ohos_unittest("sensitive_resource_manager_test") {
+  subsystem_name = "security"
+  part_name = "access_token"
+  module_out_path = part_name + "/" + part_name
+
+  include_dirs = [
+    "//base/security/access_token/frameworks/privacy/include",
+    "//base/security/access_token/frameworks/common/include",
+    "//base/security/access_token/interfaces/innerkits/accesstoken/include",
+    "//base/security/access_token/interfaces/innerkits/privacy/include",
+    "//base/security/access_token/services/common/database/include",
+    "//base/global/resource_management/interfaces/inner_api/include",
+    "//base/security/access_token/services/privacymanager/include/sensitive",
+    "//base/security/access_token/frameworks/common/include",
+    "//base/security/access_token/interfaces/innerkits/token_setproc/include",
+    "//foundation/ability/ability_runtime/interfaces/kits/native/ability/ability_runtime",
+    "//foundation/arkui/napi",
+    "//foundation/multimedia/audio_framework/interfaces/inner_api/native/audiomanager/include",
+    "//foundation/window/window_manager/wm/include",
+    "//third_party/googletest/include",
+  ]
+
+  sources = [
+    "//base/security/access_token/services/privacymanager/src/sensitive/application_status_change_callback.cpp",
+    "//base/security/access_token/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp",
+    "unittest/sensitive_resource_manager_test.cpp",
+  ]
+
+  cflags_cc = [ "-DHILOG_ENABLE" ]
+
+  if (dlp_permission_enable == true) {
+    cflags_cc += [ "-DSUPPORT_SANDBOX_APP" ]
+  }
+
+  configs = [ "//base/security/access_token/config:coverage_flags" ]
+
+  deps = [
+    "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc",
+    "//base/security/access_token/services/privacymanager:privacymanager",
+    "//foundation/ability/ability_runtime/interfaces/inner_api/ability_manager:ability_manager",
+    "//foundation/ability/ability_runtime/services/abilitymgr:abilityms_target",
+    "//foundation/arkui/ace_engine/interfaces/inner_api/ui_service_manager:ui_service_mgr",
+    "//third_party/googletest:gtest_main",
+    "//third_party/libuv:uv",
+    "//utils/native/base:utils",
+  ]
+
+  external_deps = [
+    "ability_base:base",
+    "ability_base:want",
+    "ability_runtime:ability_context_native",
+    "ability_runtime:ability_manager",
+    "ability_runtime:app_manager",
+    "access_token:libaccesstoken_sdk",
+    "bundle_framework:appexecfwk_base",
+    "bundle_framework:appexecfwk_core",
+    "hiviewdfx_hilog_native:libhilog",
+    "ipc:ipc_core",
+    "multimedia_audio_framework:audio_client",
+    "samgr:samgr_proxy",
+    "window_manager:libwm",
+  ]
+}
+
+group("unittest") {
+  testonly = true
+  deps = [ ":sensitive_resource_manager_test" ]
+}
diff --git a/services/privacymanager/test/add_permission_used_record_test/add_permission_used_record_test.cpp b/services/privacymanager/test/unittest/add_permission_used_record_test.cpp
similarity index 100%
rename from services/privacymanager/test/add_permission_used_record_test/add_permission_used_record_test.cpp
rename to services/privacymanager/test/unittest/add_permission_used_record_test.cpp
diff --git a/services/privacymanager/test/add_permission_used_record_test/add_permission_used_record_test.h b/services/privacymanager/test/unittest/add_permission_used_record_test.h
similarity index 100%
rename from services/privacymanager/test/add_permission_used_record_test/add_permission_used_record_test.h
rename to services/privacymanager/test/unittest/add_permission_used_record_test.h
diff --git a/services/privacymanager/test/unittest/sensitive_resource_manager_test.cpp b/services/privacymanager/test/unittest/sensitive_resource_manager_test.cpp
new file mode 100644
index 000000000..a30045d7a
--- /dev/null
+++ b/services/privacymanager/test/unittest/sensitive_resource_manager_test.cpp
@@ -0,0 +1,125 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+#include <gtest/gtest.h>
+#include "ability_context_impl.h"
+#include "accesstoken_kit.h"
+#include "audio_system_manager.h"
+#include "sensitive_resource_manager.h"
+#include "token_setproc.h"
+#include "window.h"
+#include "window_scene.h"
+#include "wm_common.h"
+
+using namespace testing;
+using namespace testing::ext;
+using namespace OHOS;
+using namespace OHOS::Security::AccessToken;
+
+class SensitiveResourceManagerTest : public testing::Test {
+public:
+    static void SetUpTestCase();
+    static void TearDownTestCase();
+    void SetUp();
+    void TearDown();
+};
+
+void SensitiveResourceManagerTest::SetUpTestCase()
+{ 
+}
+
+void SensitiveResourceManagerTest::TearDownTestCase()
+{
+}
+
+void SensitiveResourceManagerTest::SetUp()
+{
+    SensitiveResourceManager::GetInstance().Init();
+}
+
+void SensitiveResourceManagerTest::TearDown()
+{
+}
+
+/**
+ * @tc.name: GetGlobalSwitchTest_001
+ * @tc.desc: Verify the GetGlobalSwitch with vaild ResourceType.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(SensitiveResourceManagerTest, GetGlobalSwitchTest_001, TestSize.Level1)
+{
+    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::MICROPHONE, true);
+    usleep(500000); // 500000us = 0.5s
+    ASSERT_EQ(true, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::MICROPHONE));
+
+    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::MICROPHONE, false);
+    usleep(500000); // 500000us = 0.5s
+    ASSERT_EQ(false, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::MICROPHONE));
+}
+
+/**
+ * @tc.name: GetGlobalSwitchTest_002
+ * @tc.desc: Verify the GetGlobalSwitch abnormal branch ResourceType is invalid.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(SensitiveResourceManagerTest, GetGlobalSwitchTest_002, TestSize.Level1)
+{
+    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::CAMERA, true);
+    usleep(500000); // 500000us = 0.5s
+    ASSERT_EQ(true, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::INVALID));
+
+    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::CAMERA, false);
+    usleep(500000); // 500000us = 0.5s
+    ASSERT_EQ(true, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::INVALID));
+}
+
+/**
+ * @tc.name: SetGlobalSwitchTest_001
+ * @tc.desc: Verify the SetGlobalSwitch with vaild ResourceType.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(SensitiveResourceManagerTest, SetGlobalSwitchTest_001, TestSize.Level1)
+{
+    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::CAMERA, true);
+    usleep(500000); // 500000us = 0.5s
+    ASSERT_EQ(true, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::CAMERA));
+
+    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::CAMERA, false);
+    usleep(500000); // 500000us = 0.5s
+    ASSERT_EQ(false, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::CAMERA));
+}
+
+/**
+ * @tc.name: SetGlobalSwitchTest_002
+ * @tc.desc: Verify the SetGlobalSwitch abnormal branch ResourceType is invalid.
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(SensitiveResourceManagerTest, SetGlobalSwitchTest_002, TestSize.Level1)
+{
+    bool isMicrophoneMute = AudioStandard::AudioSystemManager::GetInstance()->IsMicrophoneMute();
+
+    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::INVALID, true);
+    usleep(500000); // 500000us = 0.5s
+    ASSERT_EQ(isMicrophoneMute, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::MICROPHONE));
+
+    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::INVALID, false);
+    usleep(500000); // 500000us = 0.5s
+    ASSERT_EQ(isMicrophoneMute, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::MICROPHONE));
+}
+
-- 
Gitee


From 494cd04c38394959aa1be2f523fb9f8b01c88776 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Mon, 19 Sep 2022 14:34:08 +0800
Subject: [PATCH 31/51] Signed-off-by: y1585740638 <yulei99@huawei.com>
 Change-Id: I995425e7f7d86efdf48e96df4c1f32ad8ee9edc9

Signed-off-by: y1585740638 <yulei99@huawei.com>
Change-Id: If79320d1e63e150f8d8d9c5208bf4b4e98f028ae
Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 services/privacymanager/BUILD.gn              |   8 +-
 .../sensitive/sensitive_resource_manager.h    |   1 -
 .../sensitive/sensitive_resource_manager.cpp  |   3 +-
 .../sensitive_resource_manager_test.cpp       | 125 ------------------
 4 files changed, 8 insertions(+), 129 deletions(-)
 delete mode 100644 services/privacymanager/test/unittest/sensitive_resource_manager_test.cpp

diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn
index d7a75f13c..98186e631 100644
--- a/services/privacymanager/BUILD.gn
+++ b/services/privacymanager/BUILD.gn
@@ -1,3 +1,9 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
@@ -93,4 +99,4 @@ if (is_standard_system && ability_base_enable == true) {
       "window_manager:libwm",
     ]
   }
-}
+}
\ No newline at end of file
diff --git a/services/privacymanager/include/sensitive/sensitive_resource_manager.h b/services/privacymanager/include/sensitive/sensitive_resource_manager.h
index 6a50e3f22..6dc2c8d5a 100644
--- a/services/privacymanager/include/sensitive/sensitive_resource_manager.h
+++ b/services/privacymanager/include/sensitive/sensitive_resource_manager.h
@@ -61,7 +61,6 @@ private:
 private:
     std::mutex appStatusMutex_;
     std::vector<OHOS::sptr<ApplicationStatusChangeCallback>> appStateCallbacks_;
-    std::mutex switchStatusMutex_;
     SafeMap<ResourceType, bool> switchStatusMap_;
     std::mutex mutex_;
     sptr<AppExecFwk::IAppMgr> appMgrProxy_;
diff --git a/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp b/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp
index bd783c8be..86a769f4d 100644
--- a/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp
+++ b/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp
@@ -49,8 +49,7 @@ SensitiveResourceManager::~SensitiveResourceManager()
 
 void SensitiveResourceManager::Init()
 {
-    // TODO：从服务获取camera和microphone的全局开关状态
-    switchStatusMap_[ResourceType::CAMERA] = true;  // 相机开发未完成
+    switchStatusMap_[ResourceType::CAMERA] = true;
     switchStatusMap_[ResourceType::MICROPHONE] = AudioStandard::AudioSystemManager::GetInstance()->IsMicrophoneMute();
 }
 
diff --git a/services/privacymanager/test/unittest/sensitive_resource_manager_test.cpp b/services/privacymanager/test/unittest/sensitive_resource_manager_test.cpp
deleted file mode 100644
index a30045d7a..000000000
--- a/services/privacymanager/test/unittest/sensitive_resource_manager_test.cpp
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * Copyright (c) 2022 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- 
-#include <gtest/gtest.h>
-#include "ability_context_impl.h"
-#include "accesstoken_kit.h"
-#include "audio_system_manager.h"
-#include "sensitive_resource_manager.h"
-#include "token_setproc.h"
-#include "window.h"
-#include "window_scene.h"
-#include "wm_common.h"
-
-using namespace testing;
-using namespace testing::ext;
-using namespace OHOS;
-using namespace OHOS::Security::AccessToken;
-
-class SensitiveResourceManagerTest : public testing::Test {
-public:
-    static void SetUpTestCase();
-    static void TearDownTestCase();
-    void SetUp();
-    void TearDown();
-};
-
-void SensitiveResourceManagerTest::SetUpTestCase()
-{ 
-}
-
-void SensitiveResourceManagerTest::TearDownTestCase()
-{
-}
-
-void SensitiveResourceManagerTest::SetUp()
-{
-    SensitiveResourceManager::GetInstance().Init();
-}
-
-void SensitiveResourceManagerTest::TearDown()
-{
-}
-
-/**
- * @tc.name: GetGlobalSwitchTest_001
- * @tc.desc: Verify the GetGlobalSwitch with vaild ResourceType.
- * @tc.type: FUNC
- * @tc.require:
- */
-HWTEST_F(SensitiveResourceManagerTest, GetGlobalSwitchTest_001, TestSize.Level1)
-{
-    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::MICROPHONE, true);
-    usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(true, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::MICROPHONE));
-
-    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::MICROPHONE, false);
-    usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::MICROPHONE));
-}
-
-/**
- * @tc.name: GetGlobalSwitchTest_002
- * @tc.desc: Verify the GetGlobalSwitch abnormal branch ResourceType is invalid.
- * @tc.type: FUNC
- * @tc.require:
- */
-HWTEST_F(SensitiveResourceManagerTest, GetGlobalSwitchTest_002, TestSize.Level1)
-{
-    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::CAMERA, true);
-    usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(true, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::INVALID));
-
-    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::CAMERA, false);
-    usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(true, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::INVALID));
-}
-
-/**
- * @tc.name: SetGlobalSwitchTest_001
- * @tc.desc: Verify the SetGlobalSwitch with vaild ResourceType.
- * @tc.type: FUNC
- * @tc.require:
- */
-HWTEST_F(SensitiveResourceManagerTest, SetGlobalSwitchTest_001, TestSize.Level1)
-{
-    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::CAMERA, true);
-    usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(true, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::CAMERA));
-
-    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::CAMERA, false);
-    usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(false, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::CAMERA));
-}
-
-/**
- * @tc.name: SetGlobalSwitchTest_002
- * @tc.desc: Verify the SetGlobalSwitch abnormal branch ResourceType is invalid.
- * @tc.type: FUNC
- * @tc.require:
- */
-HWTEST_F(SensitiveResourceManagerTest, SetGlobalSwitchTest_002, TestSize.Level1)
-{
-    bool isMicrophoneMute = AudioStandard::AudioSystemManager::GetInstance()->IsMicrophoneMute();
-
-    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::INVALID, true);
-    usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(isMicrophoneMute, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::MICROPHONE));
-
-    SensitiveResourceManager::GetInstance().SetGlobalSwitch(ResourceType::INVALID, false);
-    usleep(500000); // 500000us = 0.5s
-    ASSERT_EQ(isMicrophoneMute, SensitiveResourceManager::GetInstance().GetGlobalSwitch(ResourceType::MICROPHONE));
-}
-
-- 
Gitee


From 00e59712685b2ee31622779077ee439175e9d420 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Mon, 19 Sep 2022 15:48:11 +0800
Subject: [PATCH 32/51] Signed-off-by: y1585740638 <yulei99@huawei.com>
 Change-Id: I454c9e651b878b6048c02462122e5a6f5fa3812f

---
 services/privacymanager/test/BUILD.gn | 84 ---------------------------
 1 file changed, 84 deletions(-)
 delete mode 100644 services/privacymanager/test/BUILD.gn

diff --git a/services/privacymanager/test/BUILD.gn b/services/privacymanager/test/BUILD.gn
deleted file mode 100644
index ebcf7e51e..000000000
--- a/services/privacymanager/test/BUILD.gn
+++ /dev/null
@@ -1,84 +0,0 @@
-# Copyright (c) 2022 Huawei Device Co., Ltd.
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import("//base/security/access_token/access_token.gni")
-import("//build/test.gni")
-
-ohos_unittest("sensitive_resource_manager_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
-
-  include_dirs = [
-    "//base/security/access_token/frameworks/privacy/include",
-    "//base/security/access_token/frameworks/common/include",
-    "//base/security/access_token/interfaces/innerkits/accesstoken/include",
-    "//base/security/access_token/interfaces/innerkits/privacy/include",
-    "//base/security/access_token/services/common/database/include",
-    "//base/global/resource_management/interfaces/inner_api/include",
-    "//base/security/access_token/services/privacymanager/include/sensitive",
-    "//base/security/access_token/frameworks/common/include",
-    "//base/security/access_token/interfaces/innerkits/token_setproc/include",
-    "//foundation/ability/ability_runtime/interfaces/kits/native/ability/ability_runtime",
-    "//foundation/arkui/napi",
-    "//foundation/multimedia/audio_framework/interfaces/inner_api/native/audiomanager/include",
-    "//foundation/window/window_manager/wm/include",
-    "//third_party/googletest/include",
-  ]
-
-  sources = [
-    "//base/security/access_token/services/privacymanager/src/sensitive/application_status_change_callback.cpp",
-    "//base/security/access_token/services/privacymanager/src/sensitive/sensitive_resource_manager.cpp",
-    "unittest/sensitive_resource_manager_test.cpp",
-  ]
-
-  cflags_cc = [ "-DHILOG_ENABLE" ]
-
-  if (dlp_permission_enable == true) {
-    cflags_cc += [ "-DSUPPORT_SANDBOX_APP" ]
-  }
-
-  configs = [ "//base/security/access_token/config:coverage_flags" ]
-
-  deps = [
-    "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc",
-    "//base/security/access_token/services/privacymanager:privacymanager",
-    "//foundation/ability/ability_runtime/interfaces/inner_api/ability_manager:ability_manager",
-    "//foundation/ability/ability_runtime/services/abilitymgr:abilityms_target",
-    "//foundation/arkui/ace_engine/interfaces/inner_api/ui_service_manager:ui_service_mgr",
-    "//third_party/googletest:gtest_main",
-    "//third_party/libuv:uv",
-    "//utils/native/base:utils",
-  ]
-
-  external_deps = [
-    "ability_base:base",
-    "ability_base:want",
-    "ability_runtime:ability_context_native",
-    "ability_runtime:ability_manager",
-    "ability_runtime:app_manager",
-    "access_token:libaccesstoken_sdk",
-    "bundle_framework:appexecfwk_base",
-    "bundle_framework:appexecfwk_core",
-    "hiviewdfx_hilog_native:libhilog",
-    "ipc:ipc_core",
-    "multimedia_audio_framework:audio_client",
-    "samgr:samgr_proxy",
-    "window_manager:libwm",
-  ]
-}
-
-group("unittest") {
-  testonly = true
-  deps = [ ":sensitive_resource_manager_test" ]
-}
-- 
Gitee


From 0afa81b435e3ca6b66691ac5052a9a51320bde91 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Mon, 19 Sep 2022 07:53:44 +0000
Subject: [PATCH 33/51] update services/privacymanager/BUILD.gn.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 services/privacymanager/BUILD.gn | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn
index 98186e631..4f5321129 100644
--- a/services/privacymanager/BUILD.gn
+++ b/services/privacymanager/BUILD.gn
@@ -99,4 +99,4 @@ if (is_standard_system && ability_base_enable == true) {
       "window_manager:libwm",
     ]
   }
-}
\ No newline at end of file
+}
-- 
Gitee


From 3c454b560889b8a7c26e67404a416cd443a3011c Mon Sep 17 00:00:00 2001
From: zhouyan <zhouyan128@huawei.com>
Date: Mon, 19 Sep 2022 12:01:38 +0800
Subject: [PATCH 34/51] =?UTF-8?q?=E6=B7=BB=E5=8A=A0libperm=5Factive=5Fresp?=
 =?UTF-8?q?onse=5Fparcel=5Ftest=E6=B5=8B=E8=AF=95=E5=A5=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: zhouyan <zhouyan128@huawei.com>
Change-Id: I1407df636ec33656cf55212ebb07df52bf3ecdbd
---
 BUILD.gn                                      |  1 +
 frameworks/privacy/test/BUILD.gn              | 49 +++++++++++++
 .../src/perm_active_response_parcel_test.cpp  | 73 +++++++++++++++++++
 3 files changed, 123 insertions(+)
 create mode 100644 frameworks/privacy/test/BUILD.gn
 create mode 100644 frameworks/privacy/test/unittest/src/perm_active_response_parcel_test.cpp

diff --git a/BUILD.gn b/BUILD.gn
index 9bb4e5844..9e318da81 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -20,6 +20,7 @@ group("accesstoken_build_module_test") {
   if (is_standard_system) {
     deps += [
       "//base/security/access_token/frameworks/accesstoken/test:unittest",
+      "//base/security/access_token/frameworks/privacy/test:unittest",
       "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest",
       "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest",
       "//base/security/access_token/interfaces/innerkits/privacy/test:unittest",
diff --git a/frameworks/privacy/test/BUILD.gn b/frameworks/privacy/test/BUILD.gn
new file mode 100644
index 000000000..ad953fe35
--- /dev/null
+++ b/frameworks/privacy/test/BUILD.gn
@@ -0,0 +1,49 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//base/security/access_token/access_token.gni")
+import("//build/test.gni")
+
+config("accesstoken_test_config") {
+  include_dirs = [
+    "//third_party/googletest/include",
+    "//base/security/access_token/frameworks/privacy/include",
+    "//base/security/access_token/interfaces/innerkits/accesstoken/include",
+    "//base/security/access_token/interfaces/innerkits/privacy/include",
+  ]
+}
+
+ohos_unittest("libperm_active_response_parcel_test") {
+  subsystem_name = "security"
+  part_name = "access_token"
+  module_out_path = part_name + "/" + part_name
+
+  sources = [ "unittest/src/perm_active_response_parcel_test.cpp" ]
+
+  configs = [
+    ":accesstoken_test_config",
+    "//base/security/access_token/config:coverage_flags",
+  ]
+
+  deps = [ "//base/security/access_token/frameworks/privacy:privacy_communication_adapter_cxx" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "ipc:ipc_single",
+  ]
+}
+
+group("unittest") {
+  testonly = true
+  deps = [ ":libperm_active_response_parcel_test" ]
+}
diff --git a/frameworks/privacy/test/unittest/src/perm_active_response_parcel_test.cpp b/frameworks/privacy/test/unittest/src/perm_active_response_parcel_test.cpp
new file mode 100644
index 000000000..5638e8c37
--- /dev/null
+++ b/frameworks/privacy/test/unittest/src/perm_active_response_parcel_test.cpp
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+#include <gtest/gtest.h>
+#include <memory>
+#include <string>
+#include "perm_active_response_parcel.h"
+#include "parcel.h"
+
+using namespace testing::ext;
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+
+}
+class ActiveChangeResponseParcelTest : public testing::Test  {
+public:
+    static void SetUpTestCase(void);
+    static void TearDownTestCase(void);
+    void SetUp();
+    void TearDown();
+};
+
+void ActiveChangeResponseParcelTest::SetUpTestCase(void) {}
+void ActiveChangeResponseParcelTest::TearDownTestCase(void) {}
+void ActiveChangeResponseParcelTest::SetUp(void) {}
+void ActiveChangeResponseParcelTest::TearDown(void) {}
+
+/**
+ * @tc.name: ActiveChangeResponseParcel001
+ * @tc.desc: Verify ActiveChangeResponseParcel Marshalling and Unmarshalling function.
+ * @tc.type: FUNC
+ * @tc.require: issueI5RRLJ
+ */
+HWTEST_F(ActiveChangeResponseParcelTest, ActiveChangeResponseParcel001, TestSize.Level1)
+{
+    ActiveChangeResponseParcel activeChangeResponseParcel;
+
+    activeChangeResponseParcel.changeResponse = {
+        .tokenID = 100,
+        .permissionName = "ohos.permission.CAMERA",
+        .deviceId = "you guess",
+        .type = PERM_INACTIVE,
+    };
+
+    Parcel parcel;
+    EXPECT_EQ(true, activeChangeResponseParcel.Marshalling(parcel));
+
+    std::shared_ptr<ActiveChangeResponseParcel> readedData(ActiveChangeResponseParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+
+    EXPECT_EQ(activeChangeResponseParcel.changeResponse.tokenID, readedData->changeResponse.tokenID);
+    EXPECT_EQ(activeChangeResponseParcel.changeResponse.permissionName, readedData->changeResponse.permissionName);
+    EXPECT_EQ(activeChangeResponseParcel.changeResponse.deviceId, readedData->changeResponse.deviceId);
+    EXPECT_EQ(activeChangeResponseParcel.changeResponse.type, readedData->changeResponse.type);
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
-- 
Gitee


From 370b6f29c834caa66bed7be5d0a771123f68b337 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Mon, 19 Sep 2022 07:59:54 +0000
Subject: [PATCH 35/51] update BUILD.gn.

Signed-off-by: y1585740638 <yulei99@huawei.com>
---
 BUILD.gn | 1 -
 1 file changed, 1 deletion(-)

diff --git a/BUILD.gn b/BUILD.gn
index 0a028dcc7..9bb4e5844 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -27,7 +27,6 @@ group("accesstoken_build_module_test") {
       "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest",
       "//base/security/access_token/services/accesstokenmanager/test:unittest",
       "//base/security/access_token/services/common/database/test:unittest",
-      "//base/security/access_token/services/privacymanager/test:unittest",
     ]
   }
   if (token_sync_enable == true) {
-- 
Gitee


From d2374574983decf9bf013ab6569b2edb81df6596 Mon Sep 17 00:00:00 2001
From: zhouyan <zhouyan128@huawei.com>
Date: Mon, 19 Sep 2022 17:03:10 +0800
Subject: [PATCH 36/51] =?UTF-8?q?=E6=B7=BB=E5=8A=A0libpermission=5Fused=5F?=
 =?UTF-8?q?record=5Fparcel=5Ftest=E6=B5=8B=E8=AF=95=E5=A5=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: zhouyan <zhouyan128@huawei.com>
Change-Id: Ieccb512f4b6c6ef1f0b7f49a054fcf3929428442
---
 frameworks/privacy/test/BUILD.gn              |  25 +++-
 .../permission_used_record_parcel_test.cpp    | 122 ++++++++++++++++++
 2 files changed, 146 insertions(+), 1 deletion(-)
 create mode 100644 frameworks/privacy/test/unittest/src/permission_used_record_parcel_test.cpp

diff --git a/frameworks/privacy/test/BUILD.gn b/frameworks/privacy/test/BUILD.gn
index ad953fe35..5d5686c2a 100644
--- a/frameworks/privacy/test/BUILD.gn
+++ b/frameworks/privacy/test/BUILD.gn
@@ -43,7 +43,30 @@ ohos_unittest("libperm_active_response_parcel_test") {
   ]
 }
 
+ohos_unittest("libpermission_used_record_parcel_test") {
+  subsystem_name = "security"
+  part_name = "access_token"
+  module_out_path = part_name + "/" + part_name
+
+  sources = [ "unittest/src/permission_used_record_parcel_test.cpp" ]
+
+  configs = [
+    ":accesstoken_test_config",
+    "//base/security/access_token/config:coverage_flags",
+  ]
+
+  deps = [ "//base/security/access_token/frameworks/privacy:privacy_communication_adapter_cxx" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "ipc:ipc_single",
+  ]
+}
+
 group("unittest") {
   testonly = true
-  deps = [ ":libperm_active_response_parcel_test" ]
+  deps = [
+    ":libperm_active_response_parcel_test",
+    ":libpermission_used_record_parcel_test",
+  ]
 }
diff --git a/frameworks/privacy/test/unittest/src/permission_used_record_parcel_test.cpp b/frameworks/privacy/test/unittest/src/permission_used_record_parcel_test.cpp
new file mode 100644
index 000000000..8da5f03b7
--- /dev/null
+++ b/frameworks/privacy/test/unittest/src/permission_used_record_parcel_test.cpp
@@ -0,0 +1,122 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+#include <gtest/gtest.h>
+#include <memory>
+#include <string>
+#include "permission_used_record_parcel.h"
+#include "parcel.h"
+
+using namespace testing::ext;
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+UsedRecordDetail g_accessRecord1 = {
+    .status = 0,
+    .timestamp = 0L,
+    .accessDuration = 0L,
+};
+
+UsedRecordDetail g_accessRecord2 = {
+    .status = 1,
+    .timestamp = 1L,
+    .accessDuration = 1L,
+};
+
+UsedRecordDetail g_rejectRecord1 = {
+    .status = 2,
+    .timestamp = 2L,
+    .accessDuration = 2L,
+};
+
+UsedRecordDetail g_rejectRecord2 = {
+    .status = 3,
+    .timestamp = 3L,
+    .accessDuration = 3L,
+};
+}
+class PermissionUsedRecordParcelTest : public testing::Test  {
+public:
+    static void SetUpTestCase(void);
+    static void TearDownTestCase(void);
+    void SetUp();
+    void TearDown();
+};
+
+void PermissionUsedRecordParcelTest::SetUpTestCase(void) {}
+void PermissionUsedRecordParcelTest::TearDownTestCase(void) {}
+void PermissionUsedRecordParcelTest::SetUp(void) {}
+void PermissionUsedRecordParcelTest::TearDown(void) {}
+
+/**
+ * @tc.name: PermissionUsedRecordParcel001
+ * @tc.desc: Verify the PermissionUsedRecordParcel Marshalling and Unmarshalling function.
+ * @tc.type: FUNC
+ * @tc.require: issueI5RUCC
+ */
+HWTEST_F(PermissionUsedRecordParcelTest, PermissionUsedRecordParcel001, TestSize.Level1)
+{
+    PermissionUsedRecordParcel permissionUsedRecordParcel;
+
+    permissionUsedRecordParcel.permissionRecord = {
+        .permissionName = "ohos.permission.CAMERA",
+        .accessCount = 2,
+        .rejectCount = 2,
+        .lastAccessTime = 0L,
+        .lastRejectTime = 0L,
+        .lastAccessDuration = 0L,
+    };
+    permissionUsedRecordParcel.permissionRecord.accessRecords.emplace_back(g_accessRecord1);
+    permissionUsedRecordParcel.permissionRecord.accessRecords.emplace_back(g_accessRecord2);
+    permissionUsedRecordParcel.permissionRecord.rejectRecords.emplace_back(g_rejectRecord1);
+    permissionUsedRecordParcel.permissionRecord.rejectRecords.emplace_back(g_rejectRecord2);
+
+    Parcel parcel;
+    EXPECT_EQ(true, permissionUsedRecordParcel.Marshalling(parcel));
+
+    std::shared_ptr<PermissionUsedRecordParcel> readedData(PermissionUsedRecordParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+
+    EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.permissionName, readedData->permissionRecord.permissionName);
+    EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.accessCount, readedData->permissionRecord.accessCount);
+    EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.rejectCount, readedData->permissionRecord.rejectCount);
+    EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.lastAccessTime, readedData->permissionRecord.lastAccessTime);
+    EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.lastRejectTime, readedData->permissionRecord.lastRejectTime);
+    EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.lastAccessDuration,
+        readedData->permissionRecord.lastAccessDuration);
+
+    for(int32_t i = 0; i < permissionUsedRecordParcel.permissionRecord.accessRecords.size(); i++) {
+        EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.accessRecords[i].status,
+            readedData->permissionRecord.accessRecords[i].status);
+        EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.accessRecords[i].timestamp,
+            readedData->permissionRecord.accessRecords[i].timestamp);
+        EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.accessRecords[i].accessDuration,
+            readedData->permissionRecord.accessRecords[i].accessDuration);
+    }
+
+    for(int32_t i = 0; i < permissionUsedRecordParcel.permissionRecord.rejectRecords.size(); i++) {
+        EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.rejectRecords[i].status,
+            readedData->permissionRecord.rejectRecords[i].status);
+        EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.rejectRecords[i].timestamp,
+            readedData->permissionRecord.rejectRecords[i].timestamp);
+        EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.rejectRecords[i].accessDuration,
+            readedData->permissionRecord.rejectRecords[i].accessDuration);
+    }
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
-- 
Gitee


From b75616b7afc45b5fb4eb6b2ba4144559cd2f1555 Mon Sep 17 00:00:00 2001
From: zhouyan <zhouyan128@huawei.com>
Date: Mon, 19 Sep 2022 18:03:10 +0800
Subject: [PATCH 37/51] =?UTF-8?q?=E6=B7=BB=E5=8A=A0libpermission=5Fused=5F?=
 =?UTF-8?q?request=5Fparcel=5Ftest=E6=B5=8B=E8=AF=95=E5=A5=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: zhouyan <zhouyan128@huawei.com>
Change-Id: I939cd070947d586e485526be8b323228b482a868
---
 frameworks/privacy/test/BUILD.gn              | 21 +++++
 .../permission_used_record_parcel_test.cpp    |  4 +-
 .../permission_used_request_parcel_test.cpp   | 82 +++++++++++++++++++
 3 files changed, 105 insertions(+), 2 deletions(-)
 create mode 100644 frameworks/privacy/test/unittest/src/permission_used_request_parcel_test.cpp

diff --git a/frameworks/privacy/test/BUILD.gn b/frameworks/privacy/test/BUILD.gn
index 5d5686c2a..f85625c5b 100644
--- a/frameworks/privacy/test/BUILD.gn
+++ b/frameworks/privacy/test/BUILD.gn
@@ -63,10 +63,31 @@ ohos_unittest("libpermission_used_record_parcel_test") {
   ]
 }
 
+ohos_unittest("libpermission_used_request_parcel_test") {
+  subsystem_name = "security"
+  part_name = "access_token"
+  module_out_path = part_name + "/" + part_name
+
+  sources = [ "unittest/src/permission_used_request_parcel_test.cpp" ]
+
+  configs = [
+    ":accesstoken_test_config",
+    "//base/security/access_token/config:coverage_flags",
+  ]
+
+  deps = [ "//base/security/access_token/frameworks/privacy:privacy_communication_adapter_cxx" ]
+
+  external_deps = [
+    "c_utils:utils",
+    "ipc:ipc_single",
+  ]
+}
+
 group("unittest") {
   testonly = true
   deps = [
     ":libperm_active_response_parcel_test",
     ":libpermission_used_record_parcel_test",
+    ":libpermission_used_request_parcel_test",
   ]
 }
diff --git a/frameworks/privacy/test/unittest/src/permission_used_record_parcel_test.cpp b/frameworks/privacy/test/unittest/src/permission_used_record_parcel_test.cpp
index 8da5f03b7..1bdfae5b6 100644
--- a/frameworks/privacy/test/unittest/src/permission_used_record_parcel_test.cpp
+++ b/frameworks/privacy/test/unittest/src/permission_used_record_parcel_test.cpp
@@ -99,7 +99,7 @@ HWTEST_F(PermissionUsedRecordParcelTest, PermissionUsedRecordParcel001, TestSize
     EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.lastAccessDuration,
         readedData->permissionRecord.lastAccessDuration);
 
-    for(int32_t i = 0; i < permissionUsedRecordParcel.permissionRecord.accessRecords.size(); i++) {
+    for(uint32_t i = 0; i < permissionUsedRecordParcel.permissionRecord.accessRecords.size(); i++) {
         EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.accessRecords[i].status,
             readedData->permissionRecord.accessRecords[i].status);
         EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.accessRecords[i].timestamp,
@@ -108,7 +108,7 @@ HWTEST_F(PermissionUsedRecordParcelTest, PermissionUsedRecordParcel001, TestSize
             readedData->permissionRecord.accessRecords[i].accessDuration);
     }
 
-    for(int32_t i = 0; i < permissionUsedRecordParcel.permissionRecord.rejectRecords.size(); i++) {
+    for(uint32_t i = 0; i < permissionUsedRecordParcel.permissionRecord.rejectRecords.size(); i++) {
         EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.rejectRecords[i].status,
             readedData->permissionRecord.rejectRecords[i].status);
         EXPECT_EQ(permissionUsedRecordParcel.permissionRecord.rejectRecords[i].timestamp,
diff --git a/frameworks/privacy/test/unittest/src/permission_used_request_parcel_test.cpp b/frameworks/privacy/test/unittest/src/permission_used_request_parcel_test.cpp
new file mode 100644
index 000000000..61c9ed8b9
--- /dev/null
+++ b/frameworks/privacy/test/unittest/src/permission_used_request_parcel_test.cpp
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+#include <gtest/gtest.h>
+#include <memory>
+#include <string>
+#include "permission_used_request_parcel.h"
+#include "parcel.h"
+
+using namespace testing::ext;
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+class PermissionUsedRequestParcelTest : public testing::Test  {
+public:
+    static void SetUpTestCase(void);
+    static void TearDownTestCase(void);
+    void SetUp();
+    void TearDown();
+};
+
+void PermissionUsedRequestParcelTest::SetUpTestCase(void) {}
+void PermissionUsedRequestParcelTest::TearDownTestCase(void) {}
+void PermissionUsedRequestParcelTest::SetUp(void) {}
+void PermissionUsedRequestParcelTest::TearDown(void) {}
+
+/**
+ * @tc.name: PermissionUsedRequestParcel001
+ * @tc.desc: Verify the PermissionUsedRequestParcel Marshalling and Unmarshalling function.
+ * @tc.type: FUNC
+ * @tc.require: issueI5RUP1
+ */
+HWTEST_F(PermissionUsedRequestParcelTest, PermissionUsedRequestParcel001, TestSize.Level1)
+{
+    PermissionUsedRequestParcel permissionUsedRequestParcel;
+
+    permissionUsedRequestParcel.request = {
+        .tokenId = 100,
+        .isRemote = false,
+        .deviceId = "you guess",
+        .bundleName = "com.ohos.permissionmanager",
+        .beginTimeMillis = 0L,
+        .endTimeMillis = 0L,
+        .flag = FLAG_PERMISSION_USAGE_SUMMARY,
+    };
+    permissionUsedRequestParcel.request.permissionList.emplace_back("ohos.permission.CAMERA");
+    permissionUsedRequestParcel.request.permissionList.emplace_back("ohos.permission.LOCATION");
+
+    Parcel parcel;
+    EXPECT_EQ(true, permissionUsedRequestParcel.Marshalling(parcel));
+
+    std::shared_ptr<PermissionUsedRequestParcel> readedData(PermissionUsedRequestParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+
+    EXPECT_EQ(permissionUsedRequestParcel.request.tokenId, readedData->request.tokenId);
+    EXPECT_EQ(permissionUsedRequestParcel.request.isRemote, readedData->request.isRemote);
+    EXPECT_EQ(permissionUsedRequestParcel.request.deviceId, readedData->request.deviceId);
+    EXPECT_EQ(permissionUsedRequestParcel.request.bundleName, readedData->request.bundleName);
+    EXPECT_EQ(permissionUsedRequestParcel.request.beginTimeMillis, readedData->request.beginTimeMillis);
+    EXPECT_EQ(permissionUsedRequestParcel.request.endTimeMillis, readedData->request.endTimeMillis);
+    EXPECT_EQ(permissionUsedRequestParcel.request.flag, readedData->request.flag);
+
+    for(uint32_t i = 0; i < permissionUsedRequestParcel.request.permissionList.size(); i++) {
+        EXPECT_EQ(permissionUsedRequestParcel.request.permissionList[i], readedData->request.permissionList[i]);
+    }
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
-- 
Gitee


From 9c819979bde5c4c144b9602c2d7ad44932ce7b10 Mon Sep 17 00:00:00 2001
From: zhouyan <zhouyan128@huawei.com>
Date: Mon, 19 Sep 2022 20:37:53 +0800
Subject: [PATCH 38/51] =?UTF-8?q?=E5=B0=86=E9=9A=90=E7=A7=81=E7=9A=84parce?=
 =?UTF-8?q?l=20test=E5=90=88=E5=B9=B6=E4=B8=BAlibprivacy=5Fparcel=5Ftest?=
 =?UTF-8?q?=E6=B5=8B=E8=AF=95=E5=A5=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: zhouyan <zhouyan128@huawei.com>
Change-Id: I7660ba3b7303e5d304f170c93b467a3dcfa11211
---
 frameworks/privacy/test/BUILD.gn              |  50 +-----
 .../permission_used_request_parcel_test.cpp   |  82 ---------
 ...arcel_test.cpp => privacy_parcel_test.cpp} | 162 ++++++++++++++++--
 ..._parcel_test.cpp => privacy_parcel_test.h} |  50 +-----
 4 files changed, 155 insertions(+), 189 deletions(-)
 delete mode 100644 frameworks/privacy/test/unittest/src/permission_used_request_parcel_test.cpp
 rename frameworks/privacy/test/unittest/src/{permission_used_record_parcel_test.cpp => privacy_parcel_test.cpp} (43%)
 rename frameworks/privacy/test/unittest/src/{perm_active_response_parcel_test.cpp => privacy_parcel_test.h} (32%)

diff --git a/frameworks/privacy/test/BUILD.gn b/frameworks/privacy/test/BUILD.gn
index f85625c5b..b749dbe5c 100644
--- a/frameworks/privacy/test/BUILD.gn
+++ b/frameworks/privacy/test/BUILD.gn
@@ -23,52 +23,12 @@ config("accesstoken_test_config") {
   ]
 }
 
-ohos_unittest("libperm_active_response_parcel_test") {
+ohos_unittest("libprivacy_parcel_test") {
   subsystem_name = "security"
   part_name = "access_token"
   module_out_path = part_name + "/" + part_name
 
-  sources = [ "unittest/src/perm_active_response_parcel_test.cpp" ]
-
-  configs = [
-    ":accesstoken_test_config",
-    "//base/security/access_token/config:coverage_flags",
-  ]
-
-  deps = [ "//base/security/access_token/frameworks/privacy:privacy_communication_adapter_cxx" ]
-
-  external_deps = [
-    "c_utils:utils",
-    "ipc:ipc_single",
-  ]
-}
-
-ohos_unittest("libpermission_used_record_parcel_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
-
-  sources = [ "unittest/src/permission_used_record_parcel_test.cpp" ]
-
-  configs = [
-    ":accesstoken_test_config",
-    "//base/security/access_token/config:coverage_flags",
-  ]
-
-  deps = [ "//base/security/access_token/frameworks/privacy:privacy_communication_adapter_cxx" ]
-
-  external_deps = [
-    "c_utils:utils",
-    "ipc:ipc_single",
-  ]
-}
-
-ohos_unittest("libpermission_used_request_parcel_test") {
-  subsystem_name = "security"
-  part_name = "access_token"
-  module_out_path = part_name + "/" + part_name
-
-  sources = [ "unittest/src/permission_used_request_parcel_test.cpp" ]
+  sources = [ "unittest/src/privacy_parcel_test.cpp" ]
 
   configs = [
     ":accesstoken_test_config",
@@ -85,9 +45,5 @@ ohos_unittest("libpermission_used_request_parcel_test") {
 
 group("unittest") {
   testonly = true
-  deps = [
-    ":libperm_active_response_parcel_test",
-    ":libpermission_used_record_parcel_test",
-    ":libpermission_used_request_parcel_test",
-  ]
+  deps = [ ":libprivacy_parcel_test" ]
 }
diff --git a/frameworks/privacy/test/unittest/src/permission_used_request_parcel_test.cpp b/frameworks/privacy/test/unittest/src/permission_used_request_parcel_test.cpp
deleted file mode 100644
index 61c9ed8b9..000000000
--- a/frameworks/privacy/test/unittest/src/permission_used_request_parcel_test.cpp
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright (c) 2022 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- 
-#include <gtest/gtest.h>
-#include <memory>
-#include <string>
-#include "permission_used_request_parcel.h"
-#include "parcel.h"
-
-using namespace testing::ext;
-
-namespace OHOS {
-namespace Security {
-namespace AccessToken {
-class PermissionUsedRequestParcelTest : public testing::Test  {
-public:
-    static void SetUpTestCase(void);
-    static void TearDownTestCase(void);
-    void SetUp();
-    void TearDown();
-};
-
-void PermissionUsedRequestParcelTest::SetUpTestCase(void) {}
-void PermissionUsedRequestParcelTest::TearDownTestCase(void) {}
-void PermissionUsedRequestParcelTest::SetUp(void) {}
-void PermissionUsedRequestParcelTest::TearDown(void) {}
-
-/**
- * @tc.name: PermissionUsedRequestParcel001
- * @tc.desc: Verify the PermissionUsedRequestParcel Marshalling and Unmarshalling function.
- * @tc.type: FUNC
- * @tc.require: issueI5RUP1
- */
-HWTEST_F(PermissionUsedRequestParcelTest, PermissionUsedRequestParcel001, TestSize.Level1)
-{
-    PermissionUsedRequestParcel permissionUsedRequestParcel;
-
-    permissionUsedRequestParcel.request = {
-        .tokenId = 100,
-        .isRemote = false,
-        .deviceId = "you guess",
-        .bundleName = "com.ohos.permissionmanager",
-        .beginTimeMillis = 0L,
-        .endTimeMillis = 0L,
-        .flag = FLAG_PERMISSION_USAGE_SUMMARY,
-    };
-    permissionUsedRequestParcel.request.permissionList.emplace_back("ohos.permission.CAMERA");
-    permissionUsedRequestParcel.request.permissionList.emplace_back("ohos.permission.LOCATION");
-
-    Parcel parcel;
-    EXPECT_EQ(true, permissionUsedRequestParcel.Marshalling(parcel));
-
-    std::shared_ptr<PermissionUsedRequestParcel> readedData(PermissionUsedRequestParcel::Unmarshalling(parcel));
-    EXPECT_EQ(true, readedData != nullptr);
-
-    EXPECT_EQ(permissionUsedRequestParcel.request.tokenId, readedData->request.tokenId);
-    EXPECT_EQ(permissionUsedRequestParcel.request.isRemote, readedData->request.isRemote);
-    EXPECT_EQ(permissionUsedRequestParcel.request.deviceId, readedData->request.deviceId);
-    EXPECT_EQ(permissionUsedRequestParcel.request.bundleName, readedData->request.bundleName);
-    EXPECT_EQ(permissionUsedRequestParcel.request.beginTimeMillis, readedData->request.beginTimeMillis);
-    EXPECT_EQ(permissionUsedRequestParcel.request.endTimeMillis, readedData->request.endTimeMillis);
-    EXPECT_EQ(permissionUsedRequestParcel.request.flag, readedData->request.flag);
-
-    for(uint32_t i = 0; i < permissionUsedRequestParcel.request.permissionList.size(); i++) {
-        EXPECT_EQ(permissionUsedRequestParcel.request.permissionList[i], readedData->request.permissionList[i]);
-    }
-}
-} // namespace AccessToken
-} // namespace Security
-} // namespace OHOS
diff --git a/frameworks/privacy/test/unittest/src/permission_used_record_parcel_test.cpp b/frameworks/privacy/test/unittest/src/privacy_parcel_test.cpp
similarity index 43%
rename from frameworks/privacy/test/unittest/src/permission_used_record_parcel_test.cpp
rename to frameworks/privacy/test/unittest/src/privacy_parcel_test.cpp
index 1bdfae5b6..007bf45a1 100644
--- a/frameworks/privacy/test/unittest/src/permission_used_record_parcel_test.cpp
+++ b/frameworks/privacy/test/unittest/src/privacy_parcel_test.cpp
@@ -13,11 +13,16 @@
  * limitations under the License.
  */
  
-#include <gtest/gtest.h>
+#include "privacy_parcel_test.h"
+
 #include <memory>
 #include <string>
-#include "permission_used_record_parcel.h"
+
+#include "bundle_used_record_parcel.h"
 #include "parcel.h"
+#include "perm_active_response_parcel.h"
+#include "permission_used_record_parcel.h"
+#include "permission_used_request_parcel.h"
 
 using namespace testing::ext;
 
@@ -48,19 +53,107 @@ UsedRecordDetail g_rejectRecord2 = {
     .timestamp = 3L,
     .accessDuration = 3L,
 };
-}
-class PermissionUsedRecordParcelTest : public testing::Test  {
-public:
-    static void SetUpTestCase(void);
-    static void TearDownTestCase(void);
-    void SetUp();
-    void TearDown();
+
+PermissionUsedRecord g_permissionRecord1 = {
+    .permissionName = "ohos.permission.CAMERA",
+    .accessCount = 2,
+    .rejectCount = 2,
+    .lastAccessTime = 0L,
+    .lastRejectTime = 0L,
+    .lastAccessDuration = 0L,
+};
+
+PermissionUsedRecord g_permissionRecord2 = {
+    .permissionName = "ohos.permission.LOCATION",
+    .accessCount = 2,
+    .rejectCount = 2,
+    .lastAccessTime = 1L,
+    .lastRejectTime = 1L,
+    .lastAccessDuration = 1L,
 };
+}
 
-void PermissionUsedRecordParcelTest::SetUpTestCase(void) {}
-void PermissionUsedRecordParcelTest::TearDownTestCase(void) {}
-void PermissionUsedRecordParcelTest::SetUp(void) {}
-void PermissionUsedRecordParcelTest::TearDown(void) {}
+void PrivacyParcelTest::SetUpTestCase()
+{
+}
+
+void PrivacyParcelTest::TearDownTestCase()
+{
+}
+
+void PrivacyParcelTest::SetUp()
+{
+}
+
+void PrivacyParcelTest::TearDown()
+{
+}
+
+/**
+ * @tc.name: BundleUsedRecordParcel001
+ * @tc.desc: Verify the CreateHapTokenInfo add one hap token function.
+ * @tc.type: FUNC
+ * @tc.require: issueI5RUCC
+ */
+HWTEST_F(PrivacyParcelTest, BundleUsedRecordParcel001, TestSize.Level1)
+{
+    BundleUsedRecordParcel bundleUsedRecordParcel;
+
+    bundleUsedRecordParcel.bundleRecord = {
+        .tokenId = 100,
+        .isRemote = false,
+        .deviceId = "you guess",
+        .bundleName = "com.ohos.permissionmanager",
+    };
+
+    g_permissionRecord1.accessRecords.emplace_back(g_accessRecord1);
+    g_permissionRecord1.accessRecords.emplace_back(g_accessRecord2);
+    g_permissionRecord2.rejectRecords.emplace_back(g_rejectRecord1);
+    g_permissionRecord2.rejectRecords.emplace_back(g_rejectRecord2);
+
+    bundleUsedRecordParcel.bundleRecord.permissionRecords.emplace_back(g_permissionRecord1);
+    bundleUsedRecordParcel.bundleRecord.permissionRecords.emplace_back(g_permissionRecord2);
+
+    Parcel parcel;
+    EXPECT_EQ(true, bundleUsedRecordParcel.Marshalling(parcel));
+
+    std::shared_ptr<BundleUsedRecordParcel> readedData(BundleUsedRecordParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+
+    EXPECT_EQ(bundleUsedRecordParcel.bundleRecord.tokenId, readedData->bundleRecord.tokenId);
+    EXPECT_EQ(bundleUsedRecordParcel.bundleRecord.isRemote, readedData->bundleRecord.isRemote);
+    EXPECT_EQ(bundleUsedRecordParcel.bundleRecord.deviceId, readedData->bundleRecord.deviceId);
+    EXPECT_EQ(bundleUsedRecordParcel.bundleRecord.bundleName, readedData->bundleRecord.bundleName);
+}
+
+/**
+ * @tc.name: ActiveChangeResponseParcel001
+ * @tc.desc: Verify ActiveChangeResponseParcel Marshalling and Unmarshalling function.
+ * @tc.type: FUNC
+ * @tc.require: issueI5RRLJ
+ */
+HWTEST_F(PrivacyParcelTest, ActiveChangeResponseParcel001, TestSize.Level1)
+{
+    ActiveChangeResponseParcel activeChangeResponseParcel;
+
+    activeChangeResponseParcel.changeResponse = {
+        .tokenID = 100,
+        .permissionName = "ohos.permission.CAMERA",
+        .deviceId = "you guess",
+        .type = PERM_INACTIVE,
+    };
+
+    Parcel parcel;
+    EXPECT_EQ(true, activeChangeResponseParcel.Marshalling(parcel));
+
+    std::shared_ptr<ActiveChangeResponseParcel> readedData(ActiveChangeResponseParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+
+    EXPECT_EQ(activeChangeResponseParcel.changeResponse.tokenID, readedData->changeResponse.tokenID);
+    EXPECT_EQ(activeChangeResponseParcel.changeResponse.permissionName, readedData->changeResponse.permissionName);
+    EXPECT_EQ(activeChangeResponseParcel.changeResponse.deviceId, readedData->changeResponse.deviceId);
+    EXPECT_EQ(activeChangeResponseParcel.changeResponse.type, readedData->changeResponse.type);
+}
 
 /**
  * @tc.name: PermissionUsedRecordParcel001
@@ -68,7 +161,7 @@ void PermissionUsedRecordParcelTest::TearDown(void) {}
  * @tc.type: FUNC
  * @tc.require: issueI5RUCC
  */
-HWTEST_F(PermissionUsedRecordParcelTest, PermissionUsedRecordParcel001, TestSize.Level1)
+HWTEST_F(PrivacyParcelTest, PermissionUsedRecordParcel001, TestSize.Level1)
 {
     PermissionUsedRecordParcel permissionUsedRecordParcel;
 
@@ -117,6 +210,47 @@ HWTEST_F(PermissionUsedRecordParcelTest, PermissionUsedRecordParcel001, TestSize
             readedData->permissionRecord.rejectRecords[i].accessDuration);
     }
 }
+
+/**
+ * @tc.name: PermissionUsedRequestParcel001
+ * @tc.desc: Verify the PermissionUsedRequestParcel Marshalling and Unmarshalling function.
+ * @tc.type: FUNC
+ * @tc.require: issueI5RUP1
+ */
+HWTEST_F(PrivacyParcelTest, PermissionUsedRequestParcel001, TestSize.Level1)
+{
+    PermissionUsedRequestParcel permissionUsedRequestParcel;
+
+    permissionUsedRequestParcel.request = {
+        .tokenId = 100,
+        .isRemote = false,
+        .deviceId = "you guess",
+        .bundleName = "com.ohos.permissionmanager",
+        .beginTimeMillis = 0L,
+        .endTimeMillis = 0L,
+        .flag = FLAG_PERMISSION_USAGE_SUMMARY,
+    };
+    permissionUsedRequestParcel.request.permissionList.emplace_back("ohos.permission.CAMERA");
+    permissionUsedRequestParcel.request.permissionList.emplace_back("ohos.permission.LOCATION");
+
+    Parcel parcel;
+    EXPECT_EQ(true, permissionUsedRequestParcel.Marshalling(parcel));
+
+    std::shared_ptr<PermissionUsedRequestParcel> readedData(PermissionUsedRequestParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+
+    EXPECT_EQ(permissionUsedRequestParcel.request.tokenId, readedData->request.tokenId);
+    EXPECT_EQ(permissionUsedRequestParcel.request.isRemote, readedData->request.isRemote);
+    EXPECT_EQ(permissionUsedRequestParcel.request.deviceId, readedData->request.deviceId);
+    EXPECT_EQ(permissionUsedRequestParcel.request.bundleName, readedData->request.bundleName);
+    EXPECT_EQ(permissionUsedRequestParcel.request.beginTimeMillis, readedData->request.beginTimeMillis);
+    EXPECT_EQ(permissionUsedRequestParcel.request.endTimeMillis, readedData->request.endTimeMillis);
+    EXPECT_EQ(permissionUsedRequestParcel.request.flag, readedData->request.flag);
+
+    for(uint32_t i = 0; i < permissionUsedRequestParcel.request.permissionList.size(); i++) {
+        EXPECT_EQ(permissionUsedRequestParcel.request.permissionList[i], readedData->request.permissionList[i]);
+    }
+}
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
diff --git a/frameworks/privacy/test/unittest/src/perm_active_response_parcel_test.cpp b/frameworks/privacy/test/unittest/src/privacy_parcel_test.h
similarity index 32%
rename from frameworks/privacy/test/unittest/src/perm_active_response_parcel_test.cpp
rename to frameworks/privacy/test/unittest/src/privacy_parcel_test.h
index 5638e8c37..f18f664a9 100644
--- a/frameworks/privacy/test/unittest/src/perm_active_response_parcel_test.cpp
+++ b/frameworks/privacy/test/unittest/src/privacy_parcel_test.h
@@ -14,60 +14,18 @@
  */
  
 #include <gtest/gtest.h>
-#include <memory>
-#include <string>
-#include "perm_active_response_parcel.h"
-#include "parcel.h"
-
-using namespace testing::ext;
 
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-namespace {
-
-}
-class ActiveChangeResponseParcelTest : public testing::Test  {
+class PrivacyParcelTest : public testing::Test  {
 public:
-    static void SetUpTestCase(void);
-    static void TearDownTestCase(void);
+    static void SetUpTestCase();
+    static void TearDownTestCase();
+
     void SetUp();
     void TearDown();
 };
-
-void ActiveChangeResponseParcelTest::SetUpTestCase(void) {}
-void ActiveChangeResponseParcelTest::TearDownTestCase(void) {}
-void ActiveChangeResponseParcelTest::SetUp(void) {}
-void ActiveChangeResponseParcelTest::TearDown(void) {}
-
-/**
- * @tc.name: ActiveChangeResponseParcel001
- * @tc.desc: Verify ActiveChangeResponseParcel Marshalling and Unmarshalling function.
- * @tc.type: FUNC
- * @tc.require: issueI5RRLJ
- */
-HWTEST_F(ActiveChangeResponseParcelTest, ActiveChangeResponseParcel001, TestSize.Level1)
-{
-    ActiveChangeResponseParcel activeChangeResponseParcel;
-
-    activeChangeResponseParcel.changeResponse = {
-        .tokenID = 100,
-        .permissionName = "ohos.permission.CAMERA",
-        .deviceId = "you guess",
-        .type = PERM_INACTIVE,
-    };
-
-    Parcel parcel;
-    EXPECT_EQ(true, activeChangeResponseParcel.Marshalling(parcel));
-
-    std::shared_ptr<ActiveChangeResponseParcel> readedData(ActiveChangeResponseParcel::Unmarshalling(parcel));
-    EXPECT_EQ(true, readedData != nullptr);
-
-    EXPECT_EQ(activeChangeResponseParcel.changeResponse.tokenID, readedData->changeResponse.tokenID);
-    EXPECT_EQ(activeChangeResponseParcel.changeResponse.permissionName, readedData->changeResponse.permissionName);
-    EXPECT_EQ(activeChangeResponseParcel.changeResponse.deviceId, readedData->changeResponse.deviceId);
-    EXPECT_EQ(activeChangeResponseParcel.changeResponse.type, readedData->changeResponse.type);
-}
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
-- 
Gitee


From 66c6dc201de9bb36275194c92bdf46fc44ca47b2 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Tue, 20 Sep 2022 09:13:36 +0800
Subject: [PATCH 39/51] Signed-off-by: y1585740638 <yulei99@huawei.com>
 Change-Id: Ic00e3bfe595a9dc9bb0f3114c392b9fa4e8f6b3f

---
 .../innerkits/privacy/test/unittest/src/privacy_kit_test.cpp   | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
index 905ea5ed1..876b77b3e 100644
--- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
+++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
@@ -935,9 +935,8 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback007, TestSize.Level1)
  * @tc.name: IsAllowedUsingPermission001
  * @tc.desc: IsAllowedUsingPermission with invalid tokenId or permission.
  * @tc.type: FUNC
- * @tc.require: issueI5NT1X
+ * @tc.require: issueI5RWX3 issueI5RWX8
  */
-
 HWTEST_F(PrivacyKitTest, IsAllowedUsingPermission001, TestSize.Level1)
 {
     std::string permissionName = "ohos.permission.CAMERA";
-- 
Gitee


From ce796d12a89de9b90c8377a8a5eb74648209a41c Mon Sep 17 00:00:00 2001
From: lsq <linshuqing2@huawei.com>
Date: Mon, 19 Sep 2022 13:03:14 +0800
Subject: [PATCH 40/51] =?UTF-8?q?=E6=9D=83=E9=99=90=E6=95=B4=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: lsq <linshuqing2@huawei.com>
Change-Id: If88aeaeca044ba7cb6df2be03ef90119bcd05e30
Signed-off-by: lsq <linshuqing2@huawei.com>
---
 .../unittest/src/accesstoken_kit_test.cpp     | 28 ++++++
 .../unittest/src/remote_token_kit_test.cpp    | 19 +---
 .../service/accesstoken_manager_stub.h        |  7 +-
 .../src/service/accesstoken_manager_stub.cpp  | 91 +++++++++++--------
 .../include/service/token_sync_manager_stub.h |  3 +
 .../src/service/token_sync_manager_stub.cpp   | 28 ++++--
 .../test/unittest/token_sync_service/BUILD.gn |  2 +
 .../token_sync_service_test.cpp               | 64 ++++++++++++-
 8 files changed, 178 insertions(+), 64 deletions(-)

diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
index 418d300f5..810738268 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
@@ -223,6 +223,32 @@ PermissionStateFull g_locationTestStateAccurate12 = {
 };
 }
 
+void NativeTokenGet()
+{
+    uint64_t tokenId;
+    const char **perms = new const char *[4];
+    perms[0] = "ohos.permission.DISTRIBUTED_DATASYNC";
+    perms[1] = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS";
+    perms[2] = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS";
+    perms[3] = "ohos.permission.GET_SENSITIVE_PERMISSIONS";
+
+    NativeTokenInfoParams infoInstance = {
+        .dcapsNum = 0,
+        .permsNum = 4,
+        .aclsNum = 0,
+        .dcaps = nullptr,
+        .perms = perms,
+        .acls = nullptr,
+        .aplStr = "system_core",
+    };
+
+    infoInstance.processName = "TestCase";
+    tokenId = GetAccessTokenId(&infoInstance);
+    SetSelfTokenID(tokenId);
+    AccessTokenKit::ReloadNativeTokenInfo();
+    delete[] perms;
+}
+
 void AccessTokenKitTest::SetUpTestCase()
 {
     // make test case clean
@@ -233,6 +259,8 @@ void AccessTokenKitTest::SetUpTestCase()
 
     tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenKit::DeleteToken(tokenID);
+
+    NativeTokenGet();
 }
 
 void AccessTokenKitTest::TearDownTestCase()
diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
index c556aa68c..53ceb84d9 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp
@@ -120,24 +120,9 @@ HapPolicyParams g_infoManagerTestPolicyPramsBak = {
 void NativeTokenGet()
 {
     uint64_t tokenId;
-    const char **perms = new const char *[1];
-    perms[0] = "ohos.permission.DISTRIBUTED_DATASYNC"; // system_core
-    NativeTokenInfoParams infoInstance = {
-        .dcapsNum = 0,
-        .permsNum = 1,
-        .aclsNum = 0,
-        .dcaps = nullptr,
-        .perms = perms,
-        .acls = nullptr,
-        .aplStr = "system_basic",
-    };
-
-    infoInstance.processName = "SetUpTestCase";
-    tokenId = GetAccessTokenId(&infoInstance);
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetUpTestCase tokenId is %{public}d", static_cast<AccessTokenID>(tokenId));
+    tokenId = AccessTokenKit::GetNativeTokenId("token_sync_service");
+    ASSERT_NE(tokenId, 0);
     SetSelfTokenID(tokenId);
-    AccessTokenKit::ReloadNativeTokenInfo();
-    delete[] perms;
 }
 
 void RemoteTokenKitTest::SetUpTestCase()
diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h
index 6fb115250..2c80e16c6 100644
--- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h
+++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h
@@ -71,13 +71,16 @@ private:
 
     void DumpTokenInfoInner(MessageParcel& data, MessageParcel& reply);
 
-    bool IsAuthorizedCalling() const;
-    bool IsAccessTokenCalling() const;
+    bool IsPrivilegedCalling() const;
+    bool IsAccessTokenCalling();
     bool IsNativeProcessCalling();
+    bool IsFoundationCalling() const;
     static const int32_t SYSTEM_UID = 1000;
     static const int32_t ROOT_UID = 0;
     static const int32_t ACCESSTOKEN_UID = 3020;
 
+    AccessTokenID tokenSyncId_ = 0;
+
     using RequestFuncType = void (AccessTokenManagerStub::*)(MessageParcel &data, MessageParcel &reply);
     std::map<uint32_t, RequestFuncType> requestFuncMap_;
 };
diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
index a678b5782..a9d6572b1 100644
--- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
+++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
@@ -59,7 +59,7 @@ int32_t AccessTokenManagerStub::OnRemoteRequest(
 
 void AccessTokenManagerStub::DeleteTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling()) {
+    if (!IsFoundationCalling() && !IsPrivilegedCalling()) {
         ACCESSTOKEN_LOG_INFO(LABEL, "permission denied");
         reply.WriteInt32(RET_FAILED);
         return;
@@ -148,7 +148,7 @@ void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, Message
     ACCESSTOKEN_LOG_INFO(LABEL, "callingTokenID: %{public}u", callingTokenID);
     AccessTokenID tokenID = data.ReadUint32();
     std::string permissionName = data.ReadString();
-    if (!IsAuthorizedCalling() &&
+    if (!IsPrivilegedCalling() &&
         VerifyAccessToken(callingTokenID, GRANT_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED &&
         VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED &&
         VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
@@ -167,7 +167,7 @@ void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessagePa
     AccessTokenID tokenID = data.ReadUint32();
     std::string permissionName = data.ReadString();
     int flag = data.ReadInt32();
-    if (!IsAuthorizedCalling() &&
+    if (!IsPrivilegedCalling() && !IsFoundationCalling() &&
         VerifyAccessToken(callingTokenID, GRANT_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
         HiviewDFX::HiSysEvent::Write(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
             HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR,
@@ -187,7 +187,7 @@ void AccessTokenManagerStub::RevokePermissionInner(MessageParcel& data, MessageP
     AccessTokenID tokenID = data.ReadUint32();
     std::string permissionName = data.ReadString();
     int flag = data.ReadInt32();
-    if (!IsAuthorizedCalling() &&
+    if (!IsPrivilegedCalling() && !IsFoundationCalling() &&
         VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
         HiviewDFX::HiSysEvent::Write(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
             HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR,
@@ -202,6 +202,16 @@ void AccessTokenManagerStub::RevokePermissionInner(MessageParcel& data, MessageP
 
 void AccessTokenManagerStub::ClearUserGrantedPermissionStateInner(MessageParcel& data, MessageParcel& reply)
 {
+    uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if (!IsPrivilegedCalling() && !IsFoundationCalling() &&
+        VerifyAccessToken(callingTokenID, REVOKE_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+        HiviewDFX::HiSysEvent::Write(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_VERIFY_REPORT",
+            HiviewDFX::HiSysEvent::EventType::SECURITY, "CODE", VERIFY_PERMISSION_ERROR,
+            "CALLER_TOKENID", callingTokenID);
+        ACCESSTOKEN_LOG_ERROR(LABEL, "permission denied(tokenID=%{public}d)", callingTokenID);
+        reply.WriteInt32(RET_FAILED);
+        return;
+    }
     AccessTokenID tokenID = data.ReadUint32();
     int result = this->ClearUserGrantedPermissionState(tokenID);
     reply.WriteInt32(result);
@@ -210,7 +220,7 @@ void AccessTokenManagerStub::ClearUserGrantedPermissionStateInner(MessageParcel&
 void AccessTokenManagerStub::AllocHapTokenInner(MessageParcel& data, MessageParcel& reply)
 {
     AccessTokenIDEx res = {0};
-    if (!IsAuthorizedCalling()) {
+    if (!IsFoundationCalling() && !IsPrivilegedCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -236,7 +246,7 @@ void AccessTokenManagerStub::GetTokenTypeInner(MessageParcel& data, MessageParce
 
 void AccessTokenManagerStub::CheckNativeDCapInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsNativeProcessCalling()) {
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -249,7 +259,7 @@ void AccessTokenManagerStub::CheckNativeDCapInner(MessageParcel& data, MessagePa
 
 void AccessTokenManagerStub::GetHapTokenIDInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsNativeProcessCalling()) {
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(INVALID_TOKENID);
         return;
@@ -263,7 +273,7 @@ void AccessTokenManagerStub::GetHapTokenIDInner(MessageParcel& data, MessageParc
 
 void AccessTokenManagerStub::AllocLocalTokenIDInner(MessageParcel& data, MessageParcel& reply)
 {
-    if ((!IsAuthorizedCalling()) && (!IsNativeProcessCalling())) {
+    if ((!IsNativeProcessCalling()) && !IsPrivilegedCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(INVALID_TOKENID);
         return;
@@ -276,7 +286,7 @@ void AccessTokenManagerStub::AllocLocalTokenIDInner(MessageParcel& data, Message
 
 void AccessTokenManagerStub::UpdateHapTokenInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling()) {
+    if (!IsFoundationCalling() && !IsPrivilegedCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -296,7 +306,7 @@ void AccessTokenManagerStub::UpdateHapTokenInner(MessageParcel& data, MessagePar
 
 void AccessTokenManagerStub::GetHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsNativeProcessCalling()) {
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -310,7 +320,7 @@ void AccessTokenManagerStub::GetHapTokenInfoInner(MessageParcel& data, MessagePa
 
 void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsNativeProcessCalling()) {
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -325,8 +335,7 @@ void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, Messag
 void AccessTokenManagerStub::RegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply)
 {
     uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if (!IsAuthorizedCalling() &&
-        VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+    if (VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "permission denied(tokenID=%{public}d)", callingTokenID);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -349,8 +358,7 @@ void AccessTokenManagerStub::RegisterPermStateChangeCallbackInner(MessageParcel&
 void AccessTokenManagerStub::UnRegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply)
 {
     uint32_t callingTokenID = IPCSkeleton::GetCallingTokenID();
-    if (!IsAuthorizedCalling() &&
-        VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
+    if (VerifyAccessToken(callingTokenID, GET_SENSITIVE_PERMISSIONS) == PERMISSION_DENIED) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "permission denied(tokenID=%{public}d)", callingTokenID);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -367,13 +375,18 @@ void AccessTokenManagerStub::UnRegisterPermStateChangeCallbackInner(MessageParce
 
 void AccessTokenManagerStub::ReloadNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
+    if (!IsPrivilegedCalling()) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
+        reply.WriteUint32(RET_FAILED);
+        return;
+    }
     int32_t result = this->ReloadNativeTokenInfo();
     reply.WriteInt32(result);
 }
 
 void AccessTokenManagerStub::GetNativeTokenIdInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsNativeProcessCalling()) {
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteUint32(INVALID_TOKENID);
         return;
@@ -390,7 +403,7 @@ void AccessTokenManagerStub::GetNativeTokenIdInner(MessageParcel& data, MessageP
 #ifdef TOKEN_SYNC_ENABLE
 void AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) {
+    if (!IsAccessTokenCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -405,7 +418,7 @@ void AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner(MessageParcel& data,
 
 void AccessTokenManagerStub::GetAllNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) {
+    if (!IsAccessTokenCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -421,7 +434,7 @@ void AccessTokenManagerStub::GetAllNativeTokenInfoInner(MessageParcel& data, Mes
 
 void AccessTokenManagerStub::SetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) {
+    if (!IsAccessTokenCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -439,7 +452,7 @@ void AccessTokenManagerStub::SetRemoteHapTokenInfoInner(MessageParcel& data, Mes
 
 void AccessTokenManagerStub::SetRemoteNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) {
+    if (!IsAccessTokenCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -469,7 +482,7 @@ void AccessTokenManagerStub::SetRemoteNativeTokenInfoInner(MessageParcel& data,
 
 void AccessTokenManagerStub::DeleteRemoteTokenInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) {
+    if (!IsAccessTokenCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -483,7 +496,7 @@ void AccessTokenManagerStub::DeleteRemoteTokenInner(MessageParcel& data, Message
 
 void AccessTokenManagerStub::GetRemoteNativeTokenIDInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) {
+    if (!IsAccessTokenCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(INVALID_TOKENID);
         return;
@@ -497,7 +510,7 @@ void AccessTokenManagerStub::GetRemoteNativeTokenIDInner(MessageParcel& data, Me
 
 void AccessTokenManagerStub::DeleteRemoteDeviceTokensInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) {
+    if (!IsAccessTokenCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -511,7 +524,7 @@ void AccessTokenManagerStub::DeleteRemoteDeviceTokensInner(MessageParcel& data,
 
 void AccessTokenManagerStub::DumpTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsNativeProcessCalling()) {
+    if (!IsNativeProcessCalling() && !IsPrivilegedCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -522,28 +535,34 @@ void AccessTokenManagerStub::DumpTokenInfoInner(MessageParcel& data, MessageParc
     reply.WriteString(dumpInfo);
 }
 
-bool AccessTokenManagerStub::IsAuthorizedCalling() const
+bool AccessTokenManagerStub::IsPrivilegedCalling() const
 {
-    int callingUid = IPCSkeleton::GetCallingUid();
+    // shell process is root in debug mode.
+    int32_t callingUid = IPCSkeleton::GetCallingUid();
     ACCESSTOKEN_LOG_INFO(LABEL, "Calling uid: %{public}d", callingUid);
-    return callingUid == SYSTEM_UID || callingUid == ROOT_UID || callingUid == FOUNDATION_UID;
+    return callingUid == SYSTEM_UID || callingUid == ROOT_UID;
 }
 
-bool AccessTokenManagerStub::IsAccessTokenCalling() const
+bool AccessTokenManagerStub::IsFoundationCalling() const
 {
-    int callingUid = IPCSkeleton::GetCallingUid();
-    return callingUid == ACCESSTOKEN_UID;
+    int32_t callingUid = IPCSkeleton::GetCallingUid();
+    ACCESSTOKEN_LOG_INFO(LABEL, "Calling uid: %{public}d", callingUid);
+    return callingUid == FOUNDATION_UID;
+}
+
+bool AccessTokenManagerStub::IsAccessTokenCalling()
+{
+    int tokenCaller = IPCSkeleton::GetCallingTokenID();
+    if (tokenSyncId_ == 0) {
+        tokenSyncId_ = this->GetNativeTokenId("token_sync_service");
+    }
+    return tokenCaller == tokenSyncId_;
 }
 
 bool AccessTokenManagerStub::IsNativeProcessCalling()
 {
     AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
-    int32_t type = this->GetTokenType(tokenCaller);
-    ACCESSTOKEN_LOG_DEBUG(LABEL, "Calling tokenID: %{public}d, type: %{public}d", tokenCaller, type);
-    if ((type != TOKEN_NATIVE) && (type != TOKEN_SHELL)) {
-        return false;
-    }
-    return true;
+    return this->GetTokenType(tokenCaller) == TOKEN_NATIVE;
 }
 
 AccessTokenManagerStub::AccessTokenManagerStub()
diff --git a/services/tokensyncmanager/include/service/token_sync_manager_stub.h b/services/tokensyncmanager/include/service/token_sync_manager_stub.h
index f16fd8dd7..ed587de81 100644
--- a/services/tokensyncmanager/include/service/token_sync_manager_stub.h
+++ b/services/tokensyncmanager/include/service/token_sync_manager_stub.h
@@ -34,6 +34,9 @@ private:
     void GetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply);
     void DeleteRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply);
     void UpdateRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply);
+
+    bool IsNativeProcessCalling() const;
+    bool IsRootCalling() const;
 };
 } // namespace AccessToken
 } // namespace Security
diff --git a/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp
index 82aee9538..c3335a2f4 100644
--- a/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp
+++ b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp
@@ -26,6 +26,7 @@ namespace Security {
 namespace AccessToken {
 namespace {
 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncManagerStub"};
+static const int32_t ROOT_UID = 0;
 }
 
 int32_t TokenSyncManagerStub::OnRemoteRequest(
@@ -53,15 +54,29 @@ int32_t TokenSyncManagerStub::OnRemoteRequest(
     return NO_ERROR;
 }
 
-void TokenSyncManagerStub::GetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
+bool TokenSyncManagerStub::IsNativeProcessCalling() const
 {
     AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
     int type = (reinterpret_cast<AccessTokenIDInner *>(&tokenCaller))->type;
-    if ((type != TOKEN_NATIVE) && (type != TOKEN_SHELL)) {
+    ACCESSTOKEN_LOG_DEBUG(LABEL, "Calling type: %{public}d", type);
+    return type == TOKEN_NATIVE;
+}
+
+bool TokenSyncManagerStub::IsRootCalling() const
+{
+    int callingUid = IPCSkeleton::GetCallingUid();
+    ACCESSTOKEN_LOG_DEBUG(LABEL, "Calling uid: %{public}d", callingUid);
+    return callingUid == ROOT_UID;
+}
+
+void TokenSyncManagerStub::GetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
+{
+    if (!IsRootCalling() && !IsNativeProcessCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
     }
+
     std::string deviceID = data.ReadString();
     AccessTokenID tokenID = data.ReadUint32();
 
@@ -72,9 +87,7 @@ void TokenSyncManagerStub::GetRemoteHapTokenInfoInner(MessageParcel& data, Messa
 
 void TokenSyncManagerStub::DeleteRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
-    AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
-    int type = (reinterpret_cast<AccessTokenIDInner *>(&tokenCaller))->type;
-    if ((type != TOKEN_NATIVE) && (type != TOKEN_SHELL)) {
+    if (!IsRootCalling() && !IsNativeProcessCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -87,13 +100,12 @@ void TokenSyncManagerStub::DeleteRemoteHapTokenInfoInner(MessageParcel& data, Me
 
 void TokenSyncManagerStub::UpdateRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
-    AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
-    int type = (reinterpret_cast<AccessTokenIDInner *>(&tokenCaller))->type;
-    if ((type != TOKEN_NATIVE) && (type != TOKEN_SHELL)) {
+    if (!IsRootCalling() && !IsNativeProcessCalling()) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
     }
+
     sptr<HapTokenInfoForSyncParcel> tokenInfoParcelPtr = data.ReadParcelable<HapTokenInfoForSyncParcel>();
     int result = RET_FAILED;
     if (tokenInfoParcelPtr != nullptr) {
diff --git a/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn b/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn
index 9252861a6..0fae85ace 100644
--- a/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn
+++ b/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn
@@ -67,12 +67,14 @@ ohos_unittest("libtoken_sync_service_sdk_test") {
     "//foundation/communication/dsoftbus/interfaces/kits/common",
     "//foundation/communication/dsoftbus/interfaces/kits/bus_center",
     "//foundation/distributedhardware/device_manager/interfaces/inner_kits/native_cpp/include",
+    "//base/security/access_token/interfaces/innerkits/token_setproc/include",
   ]
 
   deps = [
     "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx",
     "//base/security/access_token/frameworks/common:accesstoken_common_cxx",
     "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
+    "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc",
     "//foundation/distributedhardware/device_manager/interfaces/inner_kits/native_cpp:devicemanagersdk",
     "//third_party/zlib:libz",
   ]
diff --git a/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp b/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp
index 3cc859af7..a5adc86de 100644
--- a/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp
+++ b/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp
@@ -32,6 +32,7 @@
 #include "device_info.h"
 #include "soft_bus_device_connection_listener.h"
 #include "soft_bus_session_listener.h"
+#include "token_setproc.h"
 #include "device_info_manager.h"
 
 #define private public
@@ -63,8 +64,19 @@ TokenSyncServiceTest::TokenSyncServiceTest()
 }
 TokenSyncServiceTest::~TokenSyncServiceTest()
 {}
+
+void NativeTokenGet()
+{
+    uint64_t tokenId;
+    tokenId = AccessTokenKit::GetNativeTokenId("token_sync_service");
+    ASSERT_NE(tokenId, 0);
+    SetSelfTokenID(tokenId);
+}
+
 void TokenSyncServiceTest::SetUpTestCase()
-{}
+{
+    NativeTokenGet();
+}
 void TokenSyncServiceTest::TearDownTestCase()
 {}
 void TokenSyncServiceTest::SetUp()
@@ -406,6 +418,56 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo007, TestSize.Level1)
     ASSERT_EQ(mapID, (AccessTokenID)0);
 }
 
+/**
+ * @tc.name: GetRemoteHapTokenInfo008
+ * @tc.desc: test remote hap recv func, tokenID is not exist
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6T5 AR000GK6T9
+ */
+HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo008, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "GetRemoteHapTokenInfo008 start.");
+    // create local token
+    AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID,
+                                                          g_infoManagerTestInfoParms.bundleName,
+                                                          g_infoManagerTestInfoParms.instIndex);
+    AccessTokenKit::DeleteToken(tokenID);
+
+    // tokenID is not exist
+    std::string jsonBefore =
+        "{\"commandName\":\"SyncRemoteHapTokenCommand\",\"id\":\"0065e65f-\",\"jsonPayload\":"
+        "\"{\\\"HapTokenInfo\\\":{\\\"apl\\\":1,\\\"appID\\\":\\\"\\\",\\\"bundleName\\\":\\\"\\\","
+        "\\\"deviceID\\\":\\\"\\\",\\\"instIndex\\\":0,\\\"permState\\\":null,\\\"tokenAttr\\\":0,"
+        "\\\"tokenID\\\":0,\\\"userID\\\":0,\\\"version\\\":1},\\\"commandName\\\":\\\"SyncRemoteHapTokenCommand\\\","
+        "\\\"dstDeviceId\\\":\\\"local:udid-001\\\",\\\"dstDeviceLevel\\\":\\\"\\\",\\\"message\\\":\\\"success\\\","
+        "\\\"requestTokenId\\\":";
+    std::string tokenJsonStr = std::to_string(tokenID);
+    std::string jsonAfter = ",\\\"requestVersion\\\":2,\\\"responseDeviceId\\\":\\\"\\\",\\\"responseVersion\\\":2,"
+        "\\\"srcDeviceId\\\":\\\"deviceid-1:udid-001\\\",\\\"srcDeviceLevel\\\":\\\"\\\",\\\"statusCode\\\":100001,"
+        "\\\"uniqueId\\\":\\\"SyncRemoteHapTokenCommand\\\"}\",\"type\":\"request\"}";
+
+    // create recv message
+    std::string recvJson = jsonBefore + tokenJsonStr + jsonAfter;
+    unsigned char *recvBuffer = (unsigned char *)malloc(0x1000);
+    int recvLen = 0x1000;
+    CompressMock(recvJson, recvBuffer, recvLen);
+
+    ResetSendMessFlagMock();
+    g_ptrDeviceStateCallback->OnDeviceOnline(g_devInfo);
+    SoftBusSessionListener::OnBytesReceived(1, recvBuffer, recvLen);
+
+    int count = 0;
+    while (!GetSendMessFlagMock() && count < 10) {
+        sleep(1);
+        count ++;
+    }
+    free(recvBuffer);
+
+    ResetSendMessFlagMock();
+    std::string uuidMessage = GetUuidMock();
+    ASSERT_EQ(uuidMessage, "0065e65f-");
+}
+
 /**
  * @tc.name: SyncNativeTokens001
  * @tc.desc: when device is online, sync remote nativetokens which have dcap
-- 
Gitee


From 4341e0d82b0b582654840785c617e3988b465259 Mon Sep 17 00:00:00 2001
From: y1585740638 <yulei99@huawei.com>
Date: Tue, 20 Sep 2022 10:25:52 +0800
Subject: [PATCH 41/51] =?UTF-8?q?privacy=5Fkit=5Ftest=E6=B5=8B=E8=AF=95?=
 =?UTF-8?q?=E6=96=87=E4=BB=B6=E6=95=B4=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: y1585740638 <yulei99@huawei.com>
Change-Id: Ifd6a4c9ce9741c7449480cc6c92b6f5e7d47559b
---
 .../privacy/test/unittest/src/privacy_kit_test.cpp        | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
index 876b77b3e..e4e362bdd 100644
--- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
+++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
@@ -738,7 +738,6 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level1)
     ASSERT_EQ(PERM_INACTIVE, callbackPtr->type_);
 }
 
-
 class CbCustomizeTest3 : public PermActiveStatusCustomizedCbk {
 public:
     explicit CbCustomizeTest3(const std::vector<std::string> &permList)
@@ -759,7 +758,6 @@ public:
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X issueI5P4IU issueI5P530
  */
-
 HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback002, TestSize.Level1)
 {
     std::vector<std::string> permList1 = {"ohos.permission.CAMERA"};
@@ -820,7 +818,6 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback002, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-
 HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback003, TestSize.Level1)
 {
     std::vector<std::string> permList;
@@ -845,7 +842,6 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback003, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-
 HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback004, TestSize.Level1)
 {
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
@@ -877,7 +873,6 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback004, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-
 HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback005, TestSize.Level1)
 {
     std::vector<std::string> permList = {"ohos.permission.INVALD"};
@@ -900,7 +895,6 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback005, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-
 HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback006, TestSize.Level1)
 {
 
@@ -916,7 +910,6 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback006, TestSize.Level1)
  * @tc.type: FUNC
  * @tc.require: issueI5NT1X
  */
-
 HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback007, TestSize.Level1)
 {
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
@@ -981,7 +974,6 @@ HWTEST_F(PrivacyKitTest, StartUsingPermission002, TestSize.Level1)
     ASSERT_EQ(RET_NO_ERROR, ret);
 }
 
-
 /**
  * @tc.name: StopUsingPermission003
  * @tc.desc: Add record when StopUsingPermission is called.
-- 
Gitee


From 5ccb11a8e7f3ff7ec1673adcd37bb9c85a728f3d Mon Sep 17 00:00:00 2001
From: chen <geyangchen1@h-partners.com>
Date: Tue, 20 Sep 2022 10:56:43 +0800
Subject: [PATCH 42/51] =?UTF-8?q?reviewbot=E6=B8=85=E9=9B=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: chen <geyangchen1@h-partners.com>
---
 .../privacy/test/unittest/src/privacy_kit_test.cpp |  1 -
 .../src/record/permission_record_manager.cpp       |  6 +++---
 .../src/service/token_sync_manager_stub.cpp        |  1 -
 .../test/mock/src/soft_bus_center_mock.cpp         |  4 ++--
 .../test/mock/src/soft_bus_session_mock.cpp        |  2 +-
 .../token_sync_service/token_sync_service_test.cpp |  4 ++--
 tools/accesstoken/src/atm_command.cpp              | 14 +++++++-------
 7 files changed, 15 insertions(+), 17 deletions(-)

diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
index 905ea5ed1..f890dd8c6 100644
--- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
+++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
@@ -903,7 +903,6 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback005, TestSize.Level1)
 
 HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback006, TestSize.Level1)
 {
-
     std::vector<std::string> permList = {"ohos.permission.CAMERA"};
     auto callbackPtr = std::make_shared<CbCustomizeTest3>(permList);
     int32_t res = PrivacyKit::UnRegisterPermActiveStatusCallback(callbackPtr);
diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp
index e37cfff6e..67aa001f2 100644
--- a/services/privacymanager/src/record/permission_record_manager.cpp
+++ b/services/privacymanager/src/record/permission_record_manager.cpp
@@ -490,7 +490,6 @@ int32_t PermissionRecordManager::StopUsingPermission(AccessTokenID tokenId, cons
         CallbackExecute(tokenId, permissionName, PERM_INACTIVE);
     }
 
-    // when StopUsingPermission and there is no permission with tokenId in cache, need to UnRegisterAppStatusChangeCallback
     if (!IsTokenIdExist(tokenId) && !SensitiveResourceManager::GetInstance().UnRegisterAppStatusChangeCallback(
         tokenId, AppStatusListener)) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId %{public}d unregiste app status change callback failed.", tokenId);
@@ -505,10 +504,11 @@ void PermissionRecordManager::PermListToString(const std::vector<std::string>& p
     std::string permStr;
     permStr = accumulate(permList.begin(), permList.end(), std::string(" "));
 
-    ACCESSTOKEN_LOG_INFO(LABEL, "permStr =%{public}s",permStr.c_str());
+    ACCESSTOKEN_LOG_INFO(LABEL, "permStr =%{public}s", permStr.c_str());
 }
 
-int32_t PermissionRecordManager::PermissionListFilter(const std::vector<std::string>& listSrc, std::vector<std::string>& listRes)
+int32_t PermissionRecordManager::PermissionListFilter(
+    const std::vector<std::string>& listSrc, std::vector<std::string>& listRes)
 {
     PermissionDef permissionDef;
     std::set<std::string> permSet;
diff --git a/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp
index 82aee9538..1699d7098 100644
--- a/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp
+++ b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp
@@ -79,7 +79,6 @@ void TokenSyncManagerStub::DeleteRemoteHapTokenInfoInner(MessageParcel& data, Me
         reply.WriteInt32(RET_FAILED);
         return;
     }
-
     AccessTokenID tokenID = data.ReadUint32();
     int result = this->DeleteRemoteHapTokenInfo(tokenID);
     reply.WriteInt32(result);
diff --git a/services/tokensyncmanager/test/mock/src/soft_bus_center_mock.cpp b/services/tokensyncmanager/test/mock/src/soft_bus_center_mock.cpp
index 946472495..6ac2e75a8 100644
--- a/services/tokensyncmanager/test/mock/src/soft_bus_center_mock.cpp
+++ b/services/tokensyncmanager/test/mock/src/soft_bus_center_mock.cpp
@@ -52,13 +52,13 @@ int32_t GetNodeKeyInfo(const char *pkgName, const char *networkId, NodeDeviceInf
     if (key == NodeDeviceInfoKey::NODE_KEY_UDID) {
         std::string temp = networkId;
         temp += ":udid-001";
-        strncpy_s((char *) info, infoLen, temp.c_str(), temp.length());
+        strncpy_s(reinterpret_cast<char *>(info), infoLen, temp.c_str(), temp.length());
         infoLen = temp.length();
     }
     if (key == NodeDeviceInfoKey::NODE_KEY_UUID) {
         std::string temp = networkId;
         temp += ":uuid-001";
-        strncpy_s((char *) info, infoLen, temp.c_str(), temp.length());
+        strncpy_s(reinterpret_cast<char *>(info), infoLen, temp.c_str(), temp.length());
     }
     ACCESSTOKEN_LOG_DEBUG(LABEL, "success, count: %{public}d, id: %{public}s", regCount_, info);
     return Constant::SUCCESS;
diff --git a/services/tokensyncmanager/test/mock/src/soft_bus_session_mock.cpp b/services/tokensyncmanager/test/mock/src/soft_bus_session_mock.cpp
index 6cb349e4d..5c2704a01 100644
--- a/services/tokensyncmanager/test/mock/src/soft_bus_session_mock.cpp
+++ b/services/tokensyncmanager/test/mock/src/soft_bus_session_mock.cpp
@@ -104,7 +104,7 @@ int SendBytes(int sessionId, const void *data, unsigned int len)
     if (sessionId == Constant::INVALID_SESSION) {
         return Constant::FAILURE;
     }
-    DecompressMock((unsigned char *) data, len);
+    DecompressMock(reinterpret_cast<unsigned char *>(data), len);
     g_sendMessFlag = true;
     return Constant::SUCCESS;
 }
diff --git a/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp b/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp
index 3cc859af7..fe36416b3 100644
--- a/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp
+++ b/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp
@@ -228,7 +228,7 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo002, TestSize.Level1)
     int count = 0;
     while (!GetSendMessFlagMock() && count < 10) {
         sleep(1);
-        count ++;
+        count++;
     }
     free(recvBuffer);
 
@@ -595,7 +595,7 @@ HWTEST_F(TokenSyncServiceTest, SyncNativeTokens005, TestSize.Level1)
     int count = 0;
     while (!GetSendMessFlagMock() && count < 10) {
         sleep(1);
-        count ++;
+        count++;
     }
     free(recvBuffer);
 
diff --git a/tools/accesstoken/src/atm_command.cpp b/tools/accesstoken/src/atm_command.cpp
index 3d80142ed..ac0690541 100644
--- a/tools/accesstoken/src/atm_command.cpp
+++ b/tools/accesstoken/src/atm_command.cpp
@@ -88,7 +88,7 @@ ErrCode AtmCommand::RunAsHelpCommand()
 
 ErrCode AtmCommand::RunAsDumpCommand()
 {
-    ErrCode result = ERR_OK;
+    ErrCode results = ERR_OK;
     OptType type = DEFAULT;
     uint32_t tokenId = 0;
     std::string permissionName = "";
@@ -102,25 +102,25 @@ ErrCode AtmCommand::RunAsDumpCommand()
 
         if (option == -1) {
             if (counter == 1) {
-                result = RunAsCommandError();
+                results = RunAsCommandError();
             }
             break;
         }
 
         if (option == '?') {
-            result = RunAsCommandMissingOptionArgument();
+            results = RunAsCommandMissingOptionArgument();
             break;
         }
 
-        result = RunAsCommandExistentOptionArgument(option, type, tokenId, permissionName);
+        results = RunAsCommandExistentOptionArgument(option, type, tokenId, permissionName);
     }
 
-    if (result != ERR_OK) {
+    if (results != ERR_OK) {
         resultReceiver_.append(HELP_MSG_DUMP + "\n");
     } else {
-        result = RunCommandByOperationType(type, tokenId, permissionName);
+        results = RunCommandByOperationType(type, tokenId, permissionName);
     }
-    return result;
+    return results;
 }
 
 ErrCode AtmCommand::RunAsPermCommand()
-- 
Gitee


From 18aed9b46dbd5fd963c246bf4a386503b27fbe17 Mon Sep 17 00:00:00 2001
From: zhouyan <zhouyan128@huawei.com>
Date: Tue, 20 Sep 2022 11:00:56 +0800
Subject: [PATCH 43/51] =?UTF-8?q?=E6=B7=BB=E5=8A=A0PermissionUsedResultPar?=
 =?UTF-8?q?cel=E6=B5=8B=E8=AF=95=E7=94=A8=E4=BE=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: zhouyan <zhouyan128@huawei.com>
Change-Id: I6a0418deeca9f3e47f6b9a19f0b07846660e85d5
---
 .../test/unittest/src/privacy_parcel_test.cpp | 49 +++++++++++++++++++
 1 file changed, 49 insertions(+)

diff --git a/frameworks/privacy/test/unittest/src/privacy_parcel_test.cpp b/frameworks/privacy/test/unittest/src/privacy_parcel_test.cpp
index 007bf45a1..46e0f9f79 100644
--- a/frameworks/privacy/test/unittest/src/privacy_parcel_test.cpp
+++ b/frameworks/privacy/test/unittest/src/privacy_parcel_test.cpp
@@ -23,6 +23,8 @@
 #include "perm_active_response_parcel.h"
 #include "permission_used_record_parcel.h"
 #include "permission_used_request_parcel.h"
+#include "permission_used_result_parcel.h"
+#include "used_record_detail_parcel.h"
 
 using namespace testing::ext;
 
@@ -71,6 +73,20 @@ PermissionUsedRecord g_permissionRecord2 = {
     .lastRejectTime = 1L,
     .lastAccessDuration = 1L,
 };
+
+BundleUsedRecord g_bundleUsedRecord1 = {
+    .tokenId = 100,
+    .isRemote = false,
+    .deviceId = "you guess",
+    .bundleName = "com.ohos.camera",
+};
+
+BundleUsedRecord g_bundleUsedRecord2 = {
+    .tokenId = 101,
+    .isRemote = false,
+    .deviceId = "i want to know too",
+    .bundleName = "com.ohos.permissionmanager",
+};
 }
 
 void PrivacyParcelTest::SetUpTestCase()
@@ -251,6 +267,39 @@ HWTEST_F(PrivacyParcelTest, PermissionUsedRequestParcel001, TestSize.Level1)
         EXPECT_EQ(permissionUsedRequestParcel.request.permissionList[i], readedData->request.permissionList[i]);
     }
 }
+
+/**
+ * @tc.name: PermissionUsedResultParcel001
+ * @tc.desc: Verify the PermissionUsedResultParcel Marshalling and Unmarshalling function.
+ * @tc.type: FUNC
+ * @tc.require: issueI5RWP4
+ */
+HWTEST_F(PrivacyParcelTest, PermissionUsedResultParcel001, TestSize.Level1)
+{
+    PermissionUsedResultParcel permissionUsedResultParcel;
+
+    permissionUsedResultParcel.result = {
+        .beginTimeMillis = 0L,
+        .endTimeMillis = 0L,
+    };
+
+    g_bundleUsedRecord1.permissionRecords.emplace_back(g_permissionRecord1);
+    g_bundleUsedRecord1.permissionRecords.emplace_back(g_permissionRecord2);
+    g_bundleUsedRecord2.permissionRecords.emplace_back(g_permissionRecord1);
+    g_bundleUsedRecord2.permissionRecords.emplace_back(g_permissionRecord2);
+
+    permissionUsedResultParcel.result.bundleRecords.emplace_back(g_bundleUsedRecord1);
+    permissionUsedResultParcel.result.bundleRecords.emplace_back(g_bundleUsedRecord2);
+
+    Parcel parcel;
+    EXPECT_EQ(true, permissionUsedResultParcel.Marshalling(parcel));
+
+    std::shared_ptr<PermissionUsedResultParcel> readedData(PermissionUsedResultParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+
+    EXPECT_EQ(permissionUsedResultParcel.result.beginTimeMillis, readedData->result.beginTimeMillis);
+    EXPECT_EQ(permissionUsedResultParcel.result.endTimeMillis, readedData->result.endTimeMillis);
+}
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
-- 
Gitee


From 99a51f2e85a898bca42bb008d8c298e95ab0296e Mon Sep 17 00:00:00 2001
From: chen <geyangchen1@h-partners.com>
Date: Tue, 20 Sep 2022 11:20:57 +0800
Subject: [PATCH 44/51] change

Signed-off-by: chen <geyangchen1@h-partners.com>
---
 .../tokensyncmanager/test/mock/src/soft_bus_session_mock.cpp    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/tokensyncmanager/test/mock/src/soft_bus_session_mock.cpp b/services/tokensyncmanager/test/mock/src/soft_bus_session_mock.cpp
index 5c2704a01..7826a7fc0 100644
--- a/services/tokensyncmanager/test/mock/src/soft_bus_session_mock.cpp
+++ b/services/tokensyncmanager/test/mock/src/soft_bus_session_mock.cpp
@@ -104,7 +104,7 @@ int SendBytes(int sessionId, const void *data, unsigned int len)
     if (sessionId == Constant::INVALID_SESSION) {
         return Constant::FAILURE;
     }
-    DecompressMock(reinterpret_cast<unsigned char *>(data), len);
+    DecompressMock(reinterpret_cast<const unsigned char *>(data), len);
     g_sendMessFlag = true;
     return Constant::SUCCESS;
 }
-- 
Gitee


From f4cec52a286ef216585589f2b1f59732d6a5a2c7 Mon Sep 17 00:00:00 2001
From: zhouyan <zhouyan128@huawei.com>
Date: Tue, 20 Sep 2022 11:58:48 +0800
Subject: [PATCH 45/51] =?UTF-8?q?=E6=B7=BB=E5=8A=A0UsedRecordDetailParcel?=
 =?UTF-8?q?=E6=B5=8B=E8=AF=95=E7=94=A8=E4=BE=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: zhouyan <zhouyan128@huawei.com>
Change-Id: Ie68f9c49a33996c4d4cdb7264196fb6ce0ab05bd
---
 .../test/unittest/src/privacy_parcel_test.cpp | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/frameworks/privacy/test/unittest/src/privacy_parcel_test.cpp b/frameworks/privacy/test/unittest/src/privacy_parcel_test.cpp
index 46e0f9f79..906e90238 100644
--- a/frameworks/privacy/test/unittest/src/privacy_parcel_test.cpp
+++ b/frameworks/privacy/test/unittest/src/privacy_parcel_test.cpp
@@ -300,6 +300,33 @@ HWTEST_F(PrivacyParcelTest, PermissionUsedResultParcel001, TestSize.Level1)
     EXPECT_EQ(permissionUsedResultParcel.result.beginTimeMillis, readedData->result.beginTimeMillis);
     EXPECT_EQ(permissionUsedResultParcel.result.endTimeMillis, readedData->result.endTimeMillis);
 }
+
+/**
+ * @tc.name: UsedRecordDetailParcel001
+ * @tc.desc: Verify the UsedRecordDetailParcel Marshalling and Unmarshalling function.
+ * @tc.type: FUNC
+ * @tc.require: issueI5RWP4
+ */
+HWTEST_F(PrivacyParcelTest, UsedRecordDetailParcel001, TestSize.Level1)
+{
+    UsedRecordDetailParcel usedRecordDetailParcel;
+
+    usedRecordDetailParcel.detail = {
+        .status = 0,
+        .timestamp = 0L,
+        .accessDuration = 0L,
+    };
+
+    Parcel parcel;
+    EXPECT_EQ(true, usedRecordDetailParcel.Marshalling(parcel));
+
+    std::shared_ptr<UsedRecordDetailParcel> readedData(UsedRecordDetailParcel::Unmarshalling(parcel));
+    EXPECT_EQ(true, readedData != nullptr);
+
+    EXPECT_EQ(usedRecordDetailParcel.detail.status, readedData->detail.status);
+    EXPECT_EQ(usedRecordDetailParcel.detail.timestamp, readedData->detail.timestamp);
+    EXPECT_EQ(usedRecordDetailParcel.detail.accessDuration, readedData->detail.accessDuration);
+}
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
-- 
Gitee


From fbad1cac84ce4f73411649d972fb323b295c6228 Mon Sep 17 00:00:00 2001
From: liushuling <liushuling1@huawei.com>
Date: Tue, 20 Sep 2022 13:43:24 +0800
Subject: [PATCH 46/51] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=B5=8B=E8=AF=95?=
 =?UTF-8?q?=E7=94=A8=E4=BE=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: liushuling <liushuling1@huawei.com>
Change-Id: I8ed142a568d10f80f65671062faccf7feee54d2e
---
 .../test/unittest/cpp/src/accesstoken_info_manager_test.cpp     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
index fb33d9c02..842bf8469 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
@@ -568,7 +568,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetUdidByNodeId001, TestSize.Level1)
  * @tc.name: DumpTokenInfo001
  * @tc.desc: Verify the DumpTokenInfo hap token function .
  * @tc.type: FUNC
- * @tc.require: Issue Number:I5RJBB
+ * @tc.require: Issue I5RJBB
  */
 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level1)
 {
-- 
Gitee


From 289b5e1ca6a566a845ec4f0ccb2cca9a18092607 Mon Sep 17 00:00:00 2001
From: liushuling <liushuling1@huawei.com>
Date: Tue, 20 Sep 2022 13:57:36 +0800
Subject: [PATCH 47/51] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=B5=8B=E8=AF=95?=
 =?UTF-8?q?=E7=94=A8=E4=BE=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: liushuling <liushuling1@huawei.com>
Change-Id: I2a9c732bd9f8355d1a810140b3803afb07e88b8e
---
 .../unittest/cpp/src/accesstoken_info_manager_test.cpp    | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
index 842bf8469..4b707cc37 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
@@ -486,7 +486,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenInfoFromRemote001, TestSize.Leve
  * @tc.name: RemoteHapTest001001
  * @tc.desc: Verify the RemoteHap token function .
  * @tc.type: FUNC
- * @tc.require: Issue I5RJBB
+ * @tc.require: issueI5RJBB
  */
 HWTEST_F(AccessTokenInfoManagerTest, RemoteHapTest001, TestSize.Level1)
 {
@@ -520,7 +520,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RemoteHapTest001, TestSize.Level1)
  * @tc.name: DeleteRemoteToken001
  * @tc.desc: Verify the DeleteRemoteToken normal and abnormal branch .
  * @tc.type: FUNC
- * @tc.require: Issue I5RJBB
+ * @tc.require: issueI5RJBB
  */
 HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken001, TestSize.Level1)
 {
@@ -554,7 +554,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken001, TestSize.Level1)
  * @tc.name: GetUdidByNodeId001
  * @tc.desc: Verify the GetUdidByNodeId abnormal branch.
  * @tc.type: FUNC
- * @tc.require: Issue I5RJBB
+ * @tc.require: issue5RJBB
  */
 HWTEST_F(AccessTokenInfoManagerTest, GetUdidByNodeId001, TestSize.Level1)
 {
@@ -568,7 +568,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetUdidByNodeId001, TestSize.Level1)
  * @tc.name: DumpTokenInfo001
  * @tc.desc: Verify the DumpTokenInfo hap token function .
  * @tc.type: FUNC
- * @tc.require: Issue I5RJBB
+ * @tc.require: issueI5RJBB
  */
 HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level1)
 {
-- 
Gitee


From bd2cf4274249a68f05b9785a6153d15a4d0fbf7e Mon Sep 17 00:00:00 2001
From: liushuling <liushuling1@huawei.com>
Date: Tue, 20 Sep 2022 14:10:30 +0800
Subject: [PATCH 48/51] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=B5=8B=E8=AF=95?=
 =?UTF-8?q?=E7=94=A8=E4=BE=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: liushuling <liushuling1@huawei.com>
Change-Id: I9c70ccb3b56e5c5a096b38b2e039d9ec30397654
---
 .../cpp/src/accesstoken_info_manager_test.cpp | 29 -------------------
 1 file changed, 29 deletions(-)

diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
index 4b707cc37..3131d57fd 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
@@ -563,35 +563,6 @@ HWTEST_F(AccessTokenInfoManagerTest, GetUdidByNodeId001, TestSize.Level1)
     ASSERT_EQ(result.empty(), true);
 }
 #endif
-
-/**
- * @tc.name: DumpTokenInfo001
- * @tc.desc: Verify the DumpTokenInfo hap token function .
- * @tc.type: FUNC
- * @tc.require: issueI5RJBB
- */
-HWTEST_F(AccessTokenInfoManagerTest, DumpTokenInfo001, TestSize.Level1)
-{
-    AccessTokenIDEx tokenIdEx = {0};
-    int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(
-        g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams, tokenIdEx);
-    ASSERT_EQ(RET_SUCCESS, ret);
-    GTEST_LOG_(INFO) << "add a hap token";
-
-    std::string dumpInfo;
-    AccessTokenInfoManager::GetInstance().DumpTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, dumpInfo);
-    ASSERT_EQ(dumpInfo.length() > 0, true);
-    GTEST_LOG_(INFO) << dumpInfo;
-
-    ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID);
-    ASSERT_EQ(RET_SUCCESS, ret);
-    GTEST_LOG_(INFO) << "remove the token info";
-
-    AccessTokenInfoManager::GetInstance().DumpTokenInfo(tokenIdEx.tokenIdExStruct.tokenID, dumpInfo);
-    ASSERT_EQ(dumpInfo.length() > 0, true);
-    GTEST_LOG_(INFO) << dumpInfo;
-}
-
 #ifdef SUPPORT_SANDBOX_APP
 static void PrepareJsonData1()
 {
-- 
Gitee


From 952ee317e25f9d6c5c57c4eb8a671be26eececbd Mon Sep 17 00:00:00 2001
From: liushuling <liushuling1@huawei.com>
Date: Tue, 20 Sep 2022 14:59:31 +0800
Subject: [PATCH 49/51] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8E=A5=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: liushuling <liushuling1@huawei.com>
Change-Id: Idd9fa2d4151609354e05295333b8b9f2f66cf20d
---
 .../src/service/privacy_manager_service.cpp               | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp
index fedbf036e..a48cae07e 100644
--- a/services/privacymanager/src/service/privacy_manager_service.cpp
+++ b/services/privacymanager/src/service/privacy_manager_service.cpp
@@ -141,13 +141,7 @@ int32_t PrivacyManagerService::ResponseDumpCommand(int fd, const std::vector<std
         infos.append(R"(  "permissionRecord": [)");
         infos.append("\n");
         infos.append(R"(    "bundleName": )" + result.bundleRecords[0].bundleName + ",\n");
-        if (result.bundleRecords[0].isRemote) {
-            std::string status = "true";
-            infos.append(R"(    "isRemote": )" + status + ",\n");
-        } else {
-            std::string status = "false";
-            infos.append(R"(    "isRemote": )" + status + ",\n");
-        }
+        infos.append(R"(    "isRemote": )" + std::to_string(result.bundleRecords[0].isRemote) + ",\n");
         infos.append(R"(    "permissionName": ")" + result.bundleRecords[0].permissionRecords[index].permissionName +
                      R"(")" + ",\n");
         time_t lastAccessTime = static_cast<time_t>(result.bundleRecords[0].permissionRecords[index].lastAccessTime);
-- 
Gitee


From 16130bb2a3addbcebe90fb98e0302977ae59a5d4 Mon Sep 17 00:00:00 2001
From: libing23 <libing23@huawei.com>
Date: Tue, 20 Sep 2022 16:35:42 +0800
Subject: [PATCH 50/51] add permission grant unittest Signed-off-by: libing23
 <libing23@huawei.com>

---
 services/accesstokenmanager/test/BUILD.gn     |   1 +
 .../cpp/src/permission_grant_event_test.cpp   | 105 ++++++++++++++++++
 .../cpp/src/permission_grant_event_test.h     |  38 +++++++
 3 files changed, 144 insertions(+)
 create mode 100644 services/accesstokenmanager/test/unittest/cpp/src/permission_grant_event_test.cpp
 create mode 100644 services/accesstokenmanager/test/unittest/cpp/src/permission_grant_event_test.h

diff --git a/services/accesstokenmanager/test/BUILD.gn b/services/accesstokenmanager/test/BUILD.gn
index acbb43f0d..aac1ba7cb 100644
--- a/services/accesstokenmanager/test/BUILD.gn
+++ b/services/accesstokenmanager/test/BUILD.gn
@@ -39,6 +39,7 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") {
   sources = [
     "unittest/cpp/src/accesstoken_info_manager_test.cpp",
     "unittest/cpp/src/native_token_receptor_test.cpp",
+    "unittest/cpp/src/permission_grant_event_test.cpp",
   ]
 
   cflags_cc = [ "-DHILOG_ENABLE" ]
diff --git a/services/accesstokenmanager/test/unittest/cpp/src/permission_grant_event_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/permission_grant_event_test.cpp
new file mode 100644
index 000000000..bd8fa4482
--- /dev/null
+++ b/services/accesstokenmanager/test/unittest/cpp/src/permission_grant_event_test.cpp
@@ -0,0 +1,105 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "permission_grant_event_test.h"
+
+#define private public
+#include "permission_grant_event.h"
+#undef private
+
+using namespace testing::ext;
+using namespace OHOS::Security::AccessToken;
+
+namespace {
+static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PermissionGrantEventTest"};
+}
+
+void PermissionGrantEventTest::SetUpTestCase()
+{}
+
+void PermissionGrantEventTest::TearDownTestCase()
+{}
+
+void PermissionGrantEventTest::SetUp()
+{}
+
+void PermissionGrantEventTest::TearDown()
+{}
+
+/**
+ * @tc.name: NotifyPermGrantStoreResult001
+ * @tc.desc: test notify permssion grant event success
+ * @tc.type: FUNC
+ * @tc.require:issueI5OOPG
+ */
+HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult001, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "NotifyPermGrantStoreResult001!");
+    AccessTokenID tokenID = 0x100000;
+    std::string permissionName = "testpremission";
+    uint64_t time;
+
+    PermissionGrantEvent eventHandler;
+    eventHandler.AddEvent(tokenID, permissionName, time);
+
+    // larger than grant timestamp
+    eventHandler.NotifyPermGrantStoreResult(true, time + 1);
+
+    ASSERT_EQ(eventHandler.permGrantEventList_.size(), 0);
+}
+
+/**
+ * @tc.name: NotifyPermGrantStoreResult002
+ * @tc.desc: test notify permssion grant event failed
+ * @tc.type: FUNC
+ * @tc.require:issueI5OOPG
+ */
+HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult002, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "NotifyPermGrantStoreResult002!");
+    AccessTokenID tokenID = 0x100000;
+    std::string permissionName = "testpremission";
+    uint64_t time;
+
+    PermissionGrantEvent eventHandler;
+    eventHandler.AddEvent(tokenID, permissionName, time);
+
+    // larger than grant timestamp
+    eventHandler.NotifyPermGrantStoreResult(false, time + 1);
+
+    ASSERT_EQ(eventHandler.permGrantEventList_.size(), 0);
+}
+
+/**
+ * @tc.name: NotifyPermGrantStoreResult003
+ * @tc.desc: test notify permssion grant event success, but timestamp is less than add timestamp
+ * @tc.type: FUNC
+ * @tc.require:issueI5OOPG
+ */
+HWTEST_F(PermissionGrantEventTest, NotifyPermGrantStoreResult003, TestSize.Level1)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "NotifyPermGrantStoreResult003!");
+    AccessTokenID tokenID = 0x100000;
+    std::string permissionName = "testpremission";
+    uint64_t time;
+
+    PermissionGrantEvent eventHandler;
+    eventHandler.AddEvent(tokenID, permissionName, time);
+
+    // less than grant timestamp
+    eventHandler.NotifyPermGrantStoreResult(true, time - 1);
+
+    ASSERT_EQ(eventHandler.permGrantEventList_.size(), 1);
+}
diff --git a/services/accesstokenmanager/test/unittest/cpp/src/permission_grant_event_test.h b/services/accesstokenmanager/test/unittest/cpp/src/permission_grant_event_test.h
new file mode 100644
index 000000000..8b5b199e8
--- /dev/null
+++ b/services/accesstokenmanager/test/unittest/cpp/src/permission_grant_event_test.h
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PERMISSION_GRANT_EVENT_TEST_H
+#define PERMISSION_GRANT_EVENT_TEST_H
+
+#include <gtest/gtest.h>
+#include "accesstoken_log.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+class PermissionGrantEventTest : public testing::Test {
+public:
+    static void SetUpTestCase();
+
+    static void TearDownTestCase();
+
+    void SetUp();
+
+    void TearDown();
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+#endif // PERMISSION_GRANT_EVENT_TEST_H
\ No newline at end of file
-- 
Gitee


From 84f4a155b4d036f55bda3493998d4cc78ed57344 Mon Sep 17 00:00:00 2001
From: chennian <chennian1@huawei.com>
Date: Wed, 21 Sep 2022 08:56:57 +0800
Subject: [PATCH 51/51] =?UTF-8?q?=E8=A1=A5=E5=85=85dump=E7=9A=84tdd?=
 =?UTF-8?q?=E7=94=A8=E4=BE=8B=EF=BC=8C=E6=8C=91=E5=8D=95beta3=20Signed-off?=
 =?UTF-8?q?-by:chennian<chennian1@huawei.com>?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: chennian <chennian1@huawei.com>
---
 BUILD.gn                                      |   3 +
 services/accesstokenmanager/test/BUILD.gn     |   1 +
 .../cpp/src/accesstoken_info_manager_test.cpp |  59 +++++++-
 .../cpp/src/accesstoken_info_manager_test.h   |   3 +
 .../include/service/privacy_manager_service.h |   4 +-
 .../src/service/privacy_manager_service.cpp   |  35 +++--
 .../privacymanager/test/unittest/BUILD.gn     |  52 +++++++
 .../add_permission_used_record_test.cpp       |  55 -------
 .../unittest/privacy_manager_service_test.cpp | 142 ++++++++++++++++++
 ..._test.h => privacy_manager_service_test.h} |  10 +-
 10 files changed, 286 insertions(+), 78 deletions(-)
 create mode 100644 services/privacymanager/test/unittest/BUILD.gn
 delete mode 100644 services/privacymanager/test/unittest/add_permission_used_record_test.cpp
 create mode 100644 services/privacymanager/test/unittest/privacy_manager_service_test.cpp
 rename services/privacymanager/test/unittest/{add_permission_used_record_test.h => privacy_manager_service_test.h} (76%)

diff --git a/BUILD.gn b/BUILD.gn
index 9e318da81..32147476a 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -29,6 +29,9 @@ group("accesstoken_build_module_test") {
       "//base/security/access_token/services/accesstokenmanager/test:unittest",
       "//base/security/access_token/services/common/database/test:unittest",
     ]
+    if (ability_base_enable == true) {
+      deps += [ "//base/security/access_token/services/privacymanager/test/unittest:unittest" ]
+    }
   }
   if (token_sync_enable == true) {
     deps += [
diff --git a/services/accesstokenmanager/test/BUILD.gn b/services/accesstokenmanager/test/BUILD.gn
index aac1ba7cb..0db7414dc 100644
--- a/services/accesstokenmanager/test/BUILD.gn
+++ b/services/accesstokenmanager/test/BUILD.gn
@@ -64,6 +64,7 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") {
   external_deps = [
     "c_utils:utils",
     "hiviewdfx_hilog_native:libhilog",
+    "safwk:system_ability_fwk",
   ]
 }
 
diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
index 3131d57fd..61753f751 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
+++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp
@@ -26,8 +26,10 @@
 #undef private
 #endif
 #include "permission_manager.h"
+#include "string_ex.h"
 
 using namespace testing::ext;
+using namespace OHOS;
 using namespace OHOS::Security::AccessToken;
 
 namespace {
@@ -174,10 +176,15 @@ void AccessTokenInfoManagerTest::TearDownTestCase()
 {}
 
 void AccessTokenInfoManagerTest::SetUp()
-{}
+{
+    atManagerService_ = DelayedSingleton<AccessTokenManagerService>::GetInstance();
+    EXPECT_NE(nullptr, atManagerService_);
+}
 
 void AccessTokenInfoManagerTest::TearDown()
-{}
+{
+    atManagerService_ = nullptr;
+}
 
 HWTEST_F(AccessTokenInfoManagerTest, Init001, TestSize.Level1)
 {
@@ -941,4 +948,50 @@ HWTEST_F(AccessTokenInfoManagerTest, DlpPermissionConfig006, TestSize.Level1)
     ASSERT_EQ(RET_SUCCESS, ret);
     GTEST_LOG_(INFO) << "remove the token info";
 }
-#endif
\ No newline at end of file
+#endif
+
+/**
+ * @tc.name: Dump001
+ * @tc.desc: Dump tokeninfo.
+ * @tc.type: FUNC
+ * @tc.require: issueI4V02P
+ */
+HWTEST_F(AccessTokenInfoManagerTest, Dump001, TestSize.Level1)
+{
+    int fd = -1;
+    std::vector<std::u16string> args;
+
+    // fd is 0
+    ASSERT_NE(RET_SUCCESS, atManagerService_->Dump(fd, args));
+
+    fd = 1; // 1: std output
+
+    // hidumper
+    ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args));
+
+    // hidumper -h
+    args.emplace_back(Str8ToStr16("-h"));
+    ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args));
+
+    args.clear();
+    // hidumper -a 
+    args.emplace_back(Str8ToStr16("-a"));
+    ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args));
+
+    args.clear();
+    // hidumper -t
+    args.emplace_back(Str8ToStr16("-t"));
+    ASSERT_NE(RET_SUCCESS, atManagerService_->Dump(fd, args));
+
+    args.clear();
+    // hidumper -t
+    args.emplace_back(Str8ToStr16("-t"));
+    args.emplace_back(Str8ToStr16("-1")); // illegal tokenId
+    ASSERT_NE(RET_SUCCESS, atManagerService_->Dump(fd, args));
+
+    args.clear();
+    // hidumper -t
+    args.emplace_back(Str8ToStr16("-t"));
+    args.emplace_back(Str8ToStr16("123")); // invalid tokenId
+    ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args));
+}
\ No newline at end of file
diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.h b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.h
index 03cbc7d1c..9358b78c2 100644
--- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.h
+++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.h
@@ -17,6 +17,7 @@
 #define ACCESSTOKEN_INFO_MANAGER_TEST_H
 
 #include <gtest/gtest.h>
+#include "accesstoken_manager_service.h"
 
 namespace OHOS {
 namespace Security {
@@ -30,6 +31,8 @@ public:
     void SetUp();
 
     void TearDown();
+
+    std::shared_ptr<AccessTokenManagerService> atManagerService_;
 };
 } // namespace AccessToken
 } // namespace Security
diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h
index 8461b8e0e..6eebcff0e 100644
--- a/services/privacymanager/include/service/privacy_manager_service.h
+++ b/services/privacymanager/include/service/privacy_manager_service.h
@@ -49,10 +49,10 @@ public:
         std::vector<std::string>& permList, const sptr<IRemoteObject>& callback) override;
     int32_t UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback) override;
     bool IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName) override;
-    int32_t Dump(int fd, const std::vector<std::u16string>& args) override;
-    int32_t ResponseDumpCommand(int fd,  const std::vector<std::u16string>& args);
+    int32_t Dump(int32_t fd, const std::vector<std::u16string>& args) override;
 private:
     bool Initialize() const;
+    int32_t ResponseDumpCommand(int32_t fd,  const std::vector<std::u16string>& args);
 
     ServiceRunningState state_;
 };
diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp
index a48cae07e..1ff35ddc0 100644
--- a/services/privacymanager/src/service/privacy_manager_service.cpp
+++ b/services/privacymanager/src/service/privacy_manager_service.cpp
@@ -30,7 +30,7 @@ namespace {
 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
     LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PrivacyManagerService"
 };
-constexpr int PERMISSION_USAGE_RECORDS_MAXNUM = 100;
+constexpr int PERMISSION_USAGE_RECORDS_MAX_NUM = 100;
 }
 
 const bool REGISTER_RESULT =
@@ -116,26 +116,30 @@ int32_t PrivacyManagerService::RegisterPermActiveStatusCallback(
     return PermissionRecordManager::GetInstance().RegisterPermActiveStatusCallback(permList, callback);
 }
 
-int32_t PrivacyManagerService::ResponseDumpCommand(int fd, const std::vector<std::u16string>& args)
+int32_t PrivacyManagerService::ResponseDumpCommand(int32_t fd, const std::vector<std::u16string>& args)
 {
-    if (args.size() < 2) { // 2 :need two args 0:command 1:tokenID
+    if (args.size() < 2) { // 2 :need two args 0:command 1:tokenId
         return ERR_INVALID_VALUE;
     }
-    long long tokenID = atoll(static_cast<const char*>(Str16ToStr8(args.at(1)).c_str()));
+    long long tokenId = atoll(static_cast<const char*>(Str16ToStr8(args.at(1)).c_str()));
     PermissionUsedRequest request;
-    if (tokenID <= 0) {
+    if (tokenId <= 0) {
         return ERR_INVALID_VALUE;
     }
-    request.tokenId = static_cast<unsigned int>(tokenID);
+    request.tokenId = static_cast<uint32_t>(tokenId);
     request.flag = FLAG_PERMISSION_USAGE_SUMMARY;
     PermissionUsedResult result;
     if (PermissionRecordManager::GetInstance().GetPermissionUsedRecords(request, result) != 0) {
         return ERR_INVALID_VALUE;
     }
     std::string infos;
-    int RecordsNum = 0;
-    for (int index = result.bundleRecords[0].permissionRecords.size() - 1; index >= 0; index--) {
-        if (RecordsNum > PERMISSION_USAGE_RECORDS_MAXNUM) {
+    if (result.bundleRecords.empty() || result.bundleRecords[0].permissionRecords.empty()) {
+        dprintf(fd, "No Record \n");
+        return ERR_OK;
+    }
+    int32_t RecordsNum = 0;
+    for (int32_t index = result.bundleRecords[0].permissionRecords.size() - 1; index >= 0; index--) {
+        if (RecordsNum > PERMISSION_USAGE_RECORDS_MAX_NUM) {
             break;
         }
         infos.append(R"(  "permissionRecord": [)");
@@ -159,24 +163,27 @@ int32_t PrivacyManagerService::ResponseDumpCommand(int fd, const std::vector<std
     return ERR_OK;
 }
 
-int32_t PrivacyManagerService::Dump(int fd, const std::vector<std::u16string>& args)
+int32_t PrivacyManagerService::Dump(int32_t fd, const std::vector<std::u16string>& args)
 {
     if (fd < 0) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "Dump fd invalid value");
         return ERR_INVALID_VALUE;
     }
-    int ReturnValue = ERR_OK;
+    int32_t ret = ERR_OK;
     dprintf(fd, "Privacy Dump:\n");
-    dprintf(fd, "please use hidumper -s said -a '-h' command help\n");
     std::string arg0 = ((args.size() == 0) ? "" : Str16ToStr8(args.at(0)));
     if (arg0.compare("-h") == 0) {
         dprintf(fd, "Usage:\n");
         dprintf(fd, "       -h: command help\n");
         dprintf(fd, "       -t <TOKEN_ID>: according to specific token id dump permission used records\n");
     } else if (arg0.compare("-t") == 0) {
-        ReturnValue = PrivacyManagerService::ResponseDumpCommand(fd, args);
+        ret = PrivacyManagerService::ResponseDumpCommand(fd, args);
+    }
+
+    if (ret != ERR_OK) {
+        dprintf(fd, "please use hidumper -s said -a '-h' command help\n");
     }
-    return ReturnValue;
+    return ret;
 }
 
 int32_t PrivacyManagerService::UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback)
diff --git a/services/privacymanager/test/unittest/BUILD.gn b/services/privacymanager/test/unittest/BUILD.gn
new file mode 100644
index 000000000..d7178178a
--- /dev/null
+++ b/services/privacymanager/test/unittest/BUILD.gn
@@ -0,0 +1,52 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//base/security/access_token/access_token.gni")
+import("//build/test.gni")
+
+if (is_standard_system && ability_base_enable == true) {
+  ohos_unittest("libprivacy_manager_service_standard_test") {
+    subsystem_name = "security"
+    part_name = "access_token"
+    module_out_path = part_name + "/" + part_name
+
+    include_dirs = [
+      "//base/security/access_token/interfaces/innerkits/accesstoken/include",
+      "//base/security/access_token/frameworks/privacy/include",
+      "//base/security/access_token/interfaces/innerkits/privacy/include",
+      "//base/security/access_token/services/privacymanager/include/service",
+      "//third_party/googletest/include",
+      "//commonlibrary/c_utils/base/include",
+    ]
+
+    sources = [ "privacy_manager_service_test.cpp" ]
+
+    configs = [ "//base/security/access_token/config:coverage_flags" ]
+
+    deps = [
+      "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk",
+      "//base/security/access_token/services/privacymanager:privacy_manager_service",
+      "//third_party/googletest:gtest_main",
+    ]
+
+    external_deps = [
+      "c_utils:utils",
+      "safwk:system_ability_fwk",
+    ]
+  }
+}
+
+group("unittest") {
+  testonly = true
+  deps = [ ":libprivacy_manager_service_standard_test" ]
+}
diff --git a/services/privacymanager/test/unittest/add_permission_used_record_test.cpp b/services/privacymanager/test/unittest/add_permission_used_record_test.cpp
deleted file mode 100644
index c139fe2ab..000000000
--- a/services/privacymanager/test/unittest/add_permission_used_record_test.cpp
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (c) 2022 Huawei Device Co., Ltd.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "add_permission_used_record_test.h"
-
-using namespace testing::ext;
-using namespace OHOS::Security::AccessToken;
-
-void AddPermissionUsedRecordTest::SetUpTestCase()
-{}
-
-void AddPermissionUsedRecordTest::TearDownTestCase()
-{
-}
-
-void AddPermissionUsedRecordTest::SetUp()
-{
-}
-
-void AddPermissionUsedRecordTest::TearDown()
-{
-}
-
-/**
- * @tc.name: AddPermissionUsedRecord_001
- * @tc.desc: cannot AddPermissionUsedRecord with invalid tokenID and permission.
- * @tc.type: FUNC
- * @tc.require:AR000GK6TD=====
- */
-HWTEST_F(AddPermissionUsedRecordTest, AddPermissionUsedRecord_001, TestSize.Level1)
-{
-    int32_t successCount = 1;
-    int32_t fasilCount = 0;
-    std::string permission = "ohon.permission.READ_CONTACTS";
-    AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_InfoParmsA.userID,
-                                                          g_InfoParmsA.bundleName,
-                                                          g_InfoParmsA.instIndex);
-    int32_t ret = PrivacyKit::AddPermissionUsedRecord(0, permission, successCount, fasilCount);
-    ASSERT_EQ(RET_FAILED, ret);
-
-    ret = PrivacyKit::AddPermissionUsedRecord(tokenID, "", successCount, fasilCount);
-    ASSERT_EQ(RET_FAILED, ret);
-}
diff --git a/services/privacymanager/test/unittest/privacy_manager_service_test.cpp b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp
new file mode 100644
index 000000000..885562c1c
--- /dev/null
+++ b/services/privacymanager/test/unittest/privacy_manager_service_test.cpp
@@ -0,0 +1,142 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "privacy_manager_service_test.h"
+#include "accesstoken_kit.h"
+#include "string_ex.h"
+
+using namespace testing::ext;
+using namespace OHOS;
+using namespace OHOS::Security::AccessToken;
+
+namespace {
+constexpr int32_t PERMISSION_USAGE_RECORDS_MAX_NUM = 10;
+static PermissionStateFull g_testState = {
+    .permissionName = "ohos.permission.CAMERA",
+    .grantFlags = {1},
+    .grantStatus = {PermissionState::PERMISSION_GRANTED},
+    .isGeneral = true,
+    .resDeviceID = {"local"}
+};
+
+static HapPolicyParams g_PolicyPrams = {
+    .apl = APL_NORMAL,
+    .domain = "test.domain.A",
+    .permList = {},
+    .permStateList = {g_testState}
+};
+
+static HapInfoParams g_InfoParms = {
+    .userID = 1,
+    .bundleName = "ohos.privacy_test.bundleA",
+    .instIndex = 0,
+    .appIDDesc = "privacy_test.bundleA"
+};
+
+}
+void PrivacyManagerServiceTest::SetUpTestCase()
+{
+}
+
+void PrivacyManagerServiceTest::TearDownTestCase()
+{
+}
+
+void PrivacyManagerServiceTest::SetUp()
+{
+    privacyManagerService_ = DelayedSingleton<PrivacyManagerService>::GetInstance();
+    EXPECT_NE(nullptr, privacyManagerService_);
+    AccessTokenKit::AllocHapToken(g_InfoParms, g_PolicyPrams);
+}
+
+void PrivacyManagerServiceTest::TearDown()
+{
+    privacyManagerService_ = nullptr;
+    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms.userID,
+                                                          g_InfoParms.bundleName,
+                                                          g_InfoParms.instIndex);
+    AccessTokenKit::DeleteToken(tokenId);
+}
+
+/**
+ * @tc.name: Dump001
+ * @tc.desc: Dump record info.
+ * @tc.type: FUNC
+ * @tc.require: issueI4V02P
+ */
+HWTEST_F(PrivacyManagerServiceTest, Dump001, TestSize.Level1)
+{
+    int32_t fd = -1;
+    std::vector<std::u16string> args;
+
+    // fd is 0
+    ASSERT_NE(RET_SUCCESS, privacyManagerService_->Dump(fd, args));
+
+    fd = 1; // 1: std output
+
+    // hidumper
+    ASSERT_EQ(RET_SUCCESS, privacyManagerService_->Dump(fd, args));
+
+    // hidumper -h
+    args.emplace_back(Str8ToStr16("-h"));
+    ASSERT_EQ(RET_SUCCESS, privacyManagerService_->Dump(fd, args));
+
+    args.clear();
+    // hidumper -t
+    args.emplace_back(Str8ToStr16("-t"));
+    ASSERT_NE(RET_SUCCESS, privacyManagerService_->Dump(fd, args));
+
+    args.clear();
+    // hidumper -t
+    args.emplace_back(Str8ToStr16("-t"));
+    args.emplace_back(Str8ToStr16("-1")); // illegal tokenId // illegal tokenId
+    ASSERT_NE(RET_SUCCESS, privacyManagerService_->Dump(fd, args));
+
+    args.clear();
+    // hidumper -t
+    args.emplace_back(Str8ToStr16("-t"));
+    args.emplace_back(Str8ToStr16("123")); // 123: invalid tokenId
+    ASSERT_EQ(RET_SUCCESS, privacyManagerService_->Dump(fd, args));
+}
+
+/**
+ * @tc.name: Dump002
+ * @tc.desc: Dump record info.
+ * @tc.type: FUNC
+ * @tc.require: issueI4V02P
+ */
+HWTEST_F(PrivacyManagerServiceTest, Dump002, TestSize.Level1)
+{
+    int32_t fd = 1; // 1: std output
+    std::vector<std::u16string> args;
+    AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms.userID,
+                                                          g_InfoParms.bundleName,
+                                                          g_InfoParms.instIndex);
+    args.emplace_back(Str8ToStr16("-t"));
+    std::string tokenIdStr = std::to_string(tokenId);
+    args.emplace_back(Str8ToStr16(tokenIdStr));
+
+    ASSERT_EQ(RET_SUCCESS, privacyManagerService_->Dump(fd, args));
+
+    std::string permission = "ohos.permission.CAMERA";
+    for (int32_t i = 0; i < PERMISSION_USAGE_RECORDS_MAX_NUM; i++) {
+        privacyManagerService_->AddPermissionUsedRecord(tokenId, permission, 1, 0);
+    }
+
+    ASSERT_EQ(RET_SUCCESS, privacyManagerService_->Dump(fd, args));
+
+    privacyManagerService_->AddPermissionUsedRecord(tokenId, permission, 1, 0);
+    ASSERT_EQ(RET_SUCCESS, privacyManagerService_->Dump(fd, args));
+}
diff --git a/services/privacymanager/test/unittest/add_permission_used_record_test.h b/services/privacymanager/test/unittest/privacy_manager_service_test.h
similarity index 76%
rename from services/privacymanager/test/unittest/add_permission_used_record_test.h
rename to services/privacymanager/test/unittest/privacy_manager_service_test.h
index 8f6f83d31..6f8c01641 100644
--- a/services/privacymanager/test/unittest/add_permission_used_record_test.h
+++ b/services/privacymanager/test/unittest/privacy_manager_service_test.h
@@ -13,15 +13,16 @@
  * limitations under the License.
  */
 
-#ifndef ADD_PERMISSION_USED_RECORD_TEST_H
-#define ADD_PERMISSION_USED_RECORD_TEST_H
+#ifndef PRIVACY_MANAGER_SERVICE_TEST_H
+#define PRIVACY_MANAGER_SERVICE_TEST_H
 
 #include <gtest/gtest.h>
+#include "privacy_manager_service.h"
 
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-class AddPermissionUsedRecordTest : public testing::Test {
+class PrivacyManagerServiceTest : public testing::Test {
 public:
     static void SetUpTestCase();
 
@@ -30,8 +31,9 @@ public:
     void SetUp();
 
     void TearDown();
+    std::shared_ptr<PrivacyManagerService> privacyManagerService_;
 };
 } // namespace AccessToken
 } // namespace Security
 } // namespace OHOS
-#endif // ADD_PERMISSION_USED_RECORD_TEST_H
+#endif // PRIVACY_MANAGER_SERVICE_TEST_H
-- 
Gitee