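/*
 * Copyright (c) 2024 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include "netmanager_base_test_security.h"

#include "nativetoken_kit.h"
#include "token_setproc.h"

// Test-only identity fixtures for the netmanager_base tests.
//
// Each guard class below swaps the self token for a freshly allocated HAP token
// in its constructor and puts the previously active token back in its
// destructor. The fixtures differ only in the application info and the policy
// (set of granted permissions) they pass to AllocHapToken.
//
// Because every guard restores the ID it captured at construction, nested
// guards must be destroyed in reverse order of construction; otherwise an
// outer guard's temporary token is re-installed by an inner guard's destructor.

namespace OHOS {
namespace NetManagerStandard {
using namespace Security::AccessToken;
using Security::AccessToken::AccessTokenID;
namespace {
// NOTE(review): grantMode = 1 and grantFlags = { 2 } are raw literals throughout
// this file. Presumably they correspond to the system-grant mode and a "fixed"
// grant flag from the access-token headers; confirm and prefer the named
// enumerators so the granted state is readable in review.

// Application info flagged as a system app, user 1.
HapInfoParams netManagerBaseParms = {
    .userID = 1,
    .bundleName = "netmanager_base_test",
    .instIndex = 0,
    .appIDDesc = "test",
    .isSystemApp = true,
};

// Same application info, but isSystemApp is left at its default
// (presumably false; confirm against HapInfoParams).
HapInfoParams netConnManagerNotSystemInfo = {
    .userID = 1,
    .bundleName = "netmanager_base_test",
    .instIndex = 0,
    .appIDDesc = "test",
};

// System-app info under user 100, paired with netDataSharePolicy.
HapInfoParams netDataShareInfo = {
    .userID = 100,
    .bundleName = "netmanager_base_test",
    .instIndex = 0,
    .appIDDesc = "test",
    .isSystemApp = true,
};

PermissionDef testNetConnInfoPermDef = {
    .permissionName = "ohos.permission.GET_NETWORK_INFO",
    .bundleName = "netmanager_base_test",
    .grantMode = 1,
    .availableLevel = APL_SYSTEM_BASIC,
    .label = "label",
    .labelId = 1,
    .description = "Test ethernet maneger network info",
    .descriptionId = 1,
};

PermissionStateFull testNetConnInfoState = {
    .permissionName = "ohos.permission.GET_NETWORK_INFO",
    .isGeneral = true,
    .resDeviceID = { "local" },
    .grantStatus = { PermissionState::PERMISSION_GRANTED },
    .grantFlags = { 2 },
};

PermissionDef testNetConnInternetPermDef = {
    .permissionName = "ohos.permission.INTERNET",
    .bundleName = "netmanager_base_test",
    .grantMode = 1,
    .availableLevel = APL_SYSTEM_BASIC,
    .label = "label",
    .labelId = 1,
    .description = "Test net connect manager internet",
    .descriptionId = 1,
};

PermissionStateFull testNetConnInternetState = {
    .permissionName = "ohos.permission.INTERNET",
    .isGeneral = true,
    .resDeviceID = { "local" },
    .grantStatus = { PermissionState::PERMISSION_GRANTED },
    .grantFlags = { 2 },
};

PermissionDef testNetConnInternalPermDef = {
    .permissionName = "ohos.permission.CONNECTIVITY_INTERNAL",
    .bundleName = "netmanager_base_test",
    .grantMode = 1,
    .availableLevel = APL_SYSTEM_BASIC,
    .label = "label",
    .labelId = 1,
    .description = "Test net connect manager internet",
    .descriptionId = 1,
};

PermissionStateFull testNetConnInternalState = {
    .permissionName = "ohos.permission.CONNECTIVITY_INTERNAL",
    .isGeneral = true,
    .resDeviceID = { "local" },
    .grantStatus = { PermissionState::PERMISSION_GRANTED },
    .grantFlags = { 2 },
};

PermissionDef testNetPolicyStrategyPermDef = {
    .permissionName = "ohos.permission.MANAGE_NET_STRATEGY",
    .bundleName = "netmanager_base_test",
    .grantMode = 1,
    .availableLevel = APL_SYSTEM_BASIC,
    .label = "label",
    .labelId = 1,
    .description = "Test net policy manager",
    .descriptionId = 1,
};

PermissionStateFull testManageNetStrategyState = {
    .permissionName = "ohos.permission.MANAGE_NET_STRATEGY",
    .isGeneral = true,
    .resDeviceID = { "local" },
    .grantStatus = { PermissionState::PERMISSION_GRANTED },
    .grantFlags = { 2 },
};

PermissionDef testNetSysInternalDef = {
    .permissionName = "ohos.permission.NETSYS_INTERNAL",
    .bundleName = "netmanager_base_test",
    .grantMode = 1,
    .availableLevel = APL_SYSTEM_BASIC,
    .label = "label",
    .labelId = 1,
    .description = "Test netsys_native_manager_test",
    .descriptionId = 1,
};

PermissionStateFull testNetSysInternalState = {
    .permissionName = "ohos.permission.NETSYS_INTERNAL",
    .isGeneral = true,
    .resDeviceID = { "local" },
    .grantStatus = { PermissionState::PERMISSION_GRANTED },
    .grantFlags = { 2 },
};

// Designators are listed in the same order as every other PermissionDef in this
// file. Out-of-order designated initializers are rejected by ISO C++20 and only
// tolerated as a compiler extension; the initial values are unchanged.
PermissionDef testNetConnSettingsPermDef = {
    .permissionName = "ohos.permission.MANAGE_SECURE_SETTINGS",
    .bundleName = "netmanager_base_test",
    .grantMode = 1,
    .availableLevel = APL_SYSTEM_BASIC,
    .label = "label",
    .labelId = 1,
    .description = "Test net data share",
    .descriptionId = 1,
};

// Same ordering fix as testNetConnSettingsPermDef; values unchanged.
PermissionStateFull testNetConnSettingsState = {
    .permissionName = "ohos.permission.MANAGE_SECURE_SETTINGS",
    .isGeneral = true,
    .resDeviceID = { "local" },
    .grantStatus = { PermissionState::PERMISSION_GRANTED },
    .grantFlags = { 2 },
};

PermissionDef testNetStatsPermDef = {
    .permissionName = "ohos.permission.GET_NETWORK_STATS",
    .bundleName = "netmanager_base_test",
    .grantMode = 1,
    .availableLevel = APL_SYSTEM_BASIC,
    .label = "label",
    .labelId = 1,
    .description = "Test net stats manager",
    .descriptionId = 1,
};

PermissionStateFull testNetStatsState = {
    .permissionName = "ohos.permission.GET_NETWORK_STATS",
    .isGeneral = true,
    .resDeviceID = { "local" },
    .grantStatus = { PermissionState::PERMISSION_GRANTED },
    .grantFlags = { 2 },
};

// Policy granting the six network permissions defined above. permList and
// permStateList are kept in the same order so each definition lines up with its
// state. MANAGE_SECURE_SETTINGS is deliberately not part of this policy; it is
// only granted through netDataSharePolicy.
HapPolicyParams netManagerBasePolicy = {
    .apl = APL_SYSTEM_BASIC,
    .domain = "test.domain",
    .permList = { testNetConnInfoPermDef, testNetConnInternetPermDef, testNetConnInternalPermDef,
                  testNetPolicyStrategyPermDef, testNetSysInternalDef, testNetStatsPermDef },
    .permStateList = { testNetConnInfoState, testNetConnInternetState, testNetConnInternalState,
                       testManageNetStrategyState, testNetSysInternalState, testNetStatsState },
};

// Placeholder permission with an empty name, used by the "no permission" policy.
PermissionDef testNoPermissionDef = {
    .permissionName = "",
    .bundleName = "netmanager_base_test",
    .grantMode = 1,
    .availableLevel = APL_SYSTEM_BASIC,
    .label = "label",
    .labelId = 1,
    .description = "Test no permission",
    .descriptionId = 1,
};

PermissionStateFull testNoPermissionState = {
    .permissionName = "",
    .isGeneral = true,
    .resDeviceID = { "local" },
    .grantStatus = { PermissionState::PERMISSION_GRANTED },
    .grantFlags = { 2 },
};

// Policy whose only entry is the empty-named permission, so the resulting token
// holds none of the ohos.permission.* names used elsewhere in this file.
// NOTE(review): the apl is still APL_SYSTEM_BASIC; confirm that the services
// under test decide on the permission name and not on the APL alone, otherwise
// denial tests built on this policy do not prove what they appear to.
HapPolicyParams testNoPermission = {
    .apl = APL_SYSTEM_BASIC,
    .domain = "test.domain",
    .permList = { testNoPermissionDef },
    .permStateList = { testNoPermissionState },
};

// Policy granting only MANAGE_SECURE_SETTINGS.
HapPolicyParams netDataSharePolicy = {
    .apl = APL_SYSTEM_BASIC,
    .domain = "test.domain",
    .permList = { testNetConnSettingsPermDef },
    .permStateList = { testNetConnSettingsState },
};
} // namespace

// Installs a system-app token carrying netManagerBasePolicy.
//
// currentID_ is captured in the initializer list, before the self token is
// changed, so the destructor can restore it.
//
// NOTE(review): the value returned by AllocHapToken is used without a validity
// check, here and in the three sibling constructors. If allocation fails, the
// test keeps running under whatever identity SetSelfTokenID accepts, and a test
// that expects a permission denial could pass for the wrong reason. Consider
// checking the returned ID (presumably against INVALID_TOKENID from the
// access-token headers; confirm) in the test fixture that creates the guard.
NetManagerBaseAccessToken::NetManagerBaseAccessToken() : currentID_(GetSelfTokenID())
{
    AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(netManagerBaseParms, netManagerBasePolicy);
    accessID_ = tokenIdEx.tokenIdExStruct.tokenID;
    SetSelfTokenID(tokenIdEx.tokenIDEx);
}

// Deletes the temporary token and restores the token saved at construction.
//
// NOTE(review): the results of DeleteToken and SetSelfTokenID are not inspected,
// so a failed restore leaves the temporary identity in place for later tests.
// The token is also deleted before the saved ID is restored, so between the two
// calls the self token refers to a deleted token; confirm that window is
// harmless or restore first. The same applies to the sibling destructors.
NetManagerBaseAccessToken::~NetManagerBaseAccessToken()
{
    AccessTokenKit::DeleteToken(accessID_);
    SetSelfTokenID(currentID_);
}

// Installs a token built from netConnManagerNotSystemInfo (isSystemApp not set)
// with the same permissions as NetManagerBaseAccessToken.
//
// Unlike the other guards, this one passes accessID_ (the tokenID part only)
// to SetSelfTokenID instead of tokenIdEx.tokenIDEx. Presumably this is
// intentional so that no extended attribute bits are carried into the self
// token; confirm before "fixing" it to match the siblings.
NetManagerBaseNotSystemToken::NetManagerBaseNotSystemToken() : currentID_(GetSelfTokenID())
{
    AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(netConnManagerNotSystemInfo, netManagerBasePolicy);
    accessID_ = tokenIdEx.tokenIdExStruct.tokenID;
    SetSelfTokenID(accessID_);
}

// Deletes the temporary token and restores the token saved at construction.
NetManagerBaseNotSystemToken::~NetManagerBaseNotSystemToken()
{
    AccessTokenKit::DeleteToken(accessID_);
    SetSelfTokenID(currentID_);
}

// Installs a system-app token built from the testNoPermission policy, for tests
// that exercise the permission-denied path.
NetManagerBaseNoPermissionToken::NetManagerBaseNoPermissionToken() : currentID_(GetSelfTokenID())
{
    AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(netManagerBaseParms, testNoPermission);
    accessID_ = tokenIdEx.tokenIdExStruct.tokenID;
    SetSelfTokenID(tokenIdEx.tokenIDEx);
}

// Deletes the temporary token and restores the token saved at construction.
NetManagerBaseNoPermissionToken::~NetManagerBaseNoPermissionToken()
{
    AccessTokenKit::DeleteToken(accessID_);
    SetSelfTokenID(currentID_);
}

// Installs a system-app token (user 100) that holds only MANAGE_SECURE_SETTINGS.
NetManagerBaseDataShareToken::NetManagerBaseDataShareToken() : currentID_(GetSelfTokenID())
{
    AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(netDataShareInfo, netDataSharePolicy);
    accessID_ = tokenIdEx.tokenIdExStruct.tokenID;
    SetSelfTokenID(tokenIdEx.tokenIDEx);
}

// Deletes the temporary token and restores the token saved at construction.
NetManagerBaseDataShareToken::~NetManagerBaseDataShareToken()
{
    AccessTokenKit::DeleteToken(accessID_);
    SetSelfTokenID(currentID_);
}
} // namespace NetManagerStandard
} // namespace OHOS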