1 /**
2 * Copyright (c) 2021 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "ActsPMSTest.h"
17
18 using namespace std;
19 using namespace testing::ext;
20
21 static PmsInnerApi *g_interface;
22 static PermissionTrans g_systemPers[] = {
23 {
24 "ohos.permission.CAMERA",
25 "for CAMERA use",
26 INUSE,
27 },
28 {
29 "ohos.permission.RECORD_AUDIO",
30 "for RECORD_AUDIO use",
31 ALWAYS,
32 },
33 {
34 "ohos.permission.READ_MEDIA_AUDIO",
35 "for READ_MEDIA_AUDIO use",
36 INUSE,
37 },
38 {
39 "ohos.permission.READ_MEDIA_IMAGES",
40 "for READ_MEDIA_IMAGES use",
41 ALWAYS,
42 },
43 {
44 "ohos.permission.READ_MEDIA_VIDEO",
45 "for READ_MEDIA_VIDEO use",
46 INUSE,
47 },
48 {
49 "ohos.permission.WRITE_MEDIA_AUDIO",
50 "for WRITE_MEDIA_AUDIO use",
51 ALWAYS,
52 },
53 {
54 "ohos.permission.WRITE_MEDIA_IMAGES",
55 "for WRITE_MEDIA_IMAGES use",
56 INUSE,
57 },
58 {
59 "ohos.permission.WRITE_MEDIA_VIDEO",
60 "for WRITE_MEDIA_VIDEO use",
61 ALWAYS,
62 },
63 {
64 "ohos.permission.MODIFY_AUDIO_SETTINGS",
65 "for MODIFY_AUDIO_SETTINGS use",
66 INUSE,
67 },
68 };
69
70 class ActsPMSDeleteTest : public testing::Test {
71 protected:
SetUpTestCase(void)72 static void SetUpTestCase(void)
73 {
74 CreateAppDir();
75 IUnknown *iUnknown = SAMGR_GetInstance()->GetFeatureApi(PERMISSION_SERVICE, PERM_INNER);
76 iUnknown->QueryInterface(iUnknown, DEFAULT_VERSION, (void **) &g_interface);
77 setuid(0);
78 }
TearDownTestCase(void)79 static void TearDownTestCase(void) {}
SetUp()80 virtual void SetUp() {}
TearDown()81 virtual void TearDown()
82 {
83 DeletePermissions(TEST_APP_ID);
84 DeletePermissions(TEST_APP_ID2);
85 DeletePermissions(SUBTEST_APP_ID);
86 UnLoadPermissions(TEST_TASKID);
87 UnLoadPermissions(SUBTEST_TASKID);
88 }
89 };
90
91 /**
92 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0200
93 * @tc.name The application is unloaded and the permission data is deleted
94 * @tc.desc [C- SECURITY -0800]
95 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0200, Function | MediumTest | Level0)96 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0200, Function | MediumTest | Level0)
97 {
98 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
99 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl;
100 ret = DeletePermissions(TEST_APP_ID);
101 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
102 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers);
103 }
104
105 /**
106 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0210
107 * @tc.name Unload unknown applications
108 * @tc.desc [C- SECURITY -0800]
109 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0210, Function | MediumTest | Level2)110 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0210, Function | MediumTest | Level2)
111 {
112 int ret = DeletePermissions(TEST_APP_ID);
113 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
114 ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
115 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl;
116 ret = DeletePermissions(TEST_APP_ID);
117 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
118 ret = DeletePermissions(TEST_APP_ID);
119 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
120 }
121
122 /**
123 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0230
124 * @tc.name Delete multiple application permissions
125 * @tc.desc [C- SECURITY -0800]
126 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0230, Function | MediumTest | Level3)127 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0230, Function | MediumTest | Level3)
128 {
129 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
130 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl;
131 ret = SaveOrUpdatePermissions(TEST_APP_ID2, g_systemPers, 0, FIRST_INSTALL);
132 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl;
133 ret = DeletePermissions(TEST_APP_ID);
134 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
135 ret = DeletePermissions(TEST_APP_ID2);
136 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
137 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers);
138 CheckAppPermission(TEST_APP_ID2, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers);
139 }
140
141 /**
142 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0250
143 * @tc.name After the application permissions are loaded, the permissions can be deleted
144 * @tc.desc [C- SECURITY -0800]
145 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0250, Function | MediumTest | Level3)146 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0250, Function | MediumTest | Level3)
147 {
148 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
149 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl;
150 ret = LoadPermissions(TEST_APP_ID, TEST_TASKID);
151 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "load ret = " << ret << endl;
152 ret = DeletePermissions(TEST_APP_ID);
153 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
154 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers);
155 ret = UnLoadPermissions(TEST_TASKID);
156 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl;
157 }
158
159 /**
160 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0260
161 * @tc.name After the application permissions are unloaded, the permissions can be deleted
162 * @tc.desc [C- SECURITY -0800]
163 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0260, Function | MediumTest | Level2)164 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0260, Function | MediumTest | Level2)
165 {
166 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
167 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl;
168 ret = LoadPermissions(TEST_APP_ID, TEST_TASKID);
169 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "load ret = " << ret << endl;
170 ret = UnLoadPermissions(TEST_TASKID);
171 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl;
172 ret = DeletePermissions(TEST_APP_ID);
173 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
174 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers);
175 }
176
177 /**
178 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0270
179 * @tc.name After the application permissions are checked, the permissions can be deleted
180 * @tc.desc [C- SECURITY -0800]
181 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0270, Function | MediumTest | Level2)182 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0270, Function | MediumTest | Level2)
183 {
184 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
185 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl;
186 for (int i = 0; i < SYS_PERM_NUM; i++) {
187 g_interface->GrantPermission(TEST_APP_ID, g_systemPers[i].name);
188 }
189 ret = LoadPermissions(TEST_APP_ID, TEST_TASKID);
190 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "load ret = " << ret << endl;
191 ret = CheckPermission(TEST_TASKID, g_systemPers[0].name);
192 EXPECT_EQ(ret, GRANTED) << "checkperm ret = " << ret << endl;
193 ret = DeletePermissions(TEST_APP_ID);
194 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
195 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers);
196 ret = UnLoadPermissions(TEST_TASKID);
197 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "unload ret = " << ret << endl;
198 }
199
200 /**
201 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0280
202 * @tc.name After the application permissions are queryed, the permissions can be deleted
203 * @tc.desc [C- SECURITY -0800]
204 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0280, Function | MediumTest | Level4)205 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0280, Function | MediumTest | Level4)
206 {
207 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
208 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl;
209 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_SUCCESS, SYS_PERM_NUM, g_systemPers);
210 ret = DeletePermissions(TEST_APP_ID);
211 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
212 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers);
213 }
214
215 /**
216 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0290
217 * @tc.name After the application permissions are granted, the permissions can be deleted
218 * @tc.desc [C- SECURITY -0800]
219 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0290, Function | MediumTest | Level2)220 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0290, Function | MediumTest | Level2)
221 {
222 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
223 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl;
224 for (int i = 0; i < SYS_PERM_NUM; i++) {
225 ret = g_interface->GrantPermission(TEST_APP_ID, g_systemPers[i].name);
226 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "grant ret = " << ret << endl;
227 }
228 ret = DeletePermissions(TEST_APP_ID);
229 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
230 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers);
231 }
232
233 /**
234 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0300
235 * @tc.name After the application permissions are revoked, the permissions can be deleted
236 * @tc.desc [C- SECURITY -0800]
237 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0300, Function | MediumTest | Level2)238 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0300, Function | MediumTest | Level2)
239 {
240 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
241 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl;
242 for (int i = 0; i < SYS_PERM_NUM; i++) {
243 ret = g_interface->RevokePermission(TEST_APP_ID, g_systemPers[i].name);
244 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "revoke ret = " << ret << endl;
245 }
246 ret = DeletePermissions(TEST_APP_ID);
247 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
248 CheckAppPermission(TEST_APP_ID, PERM_ERRORCODE_FILE_NOT_EXIST, 0, g_systemPers);
249 }
250
251 /**
252 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0310
253 * @tc.name Another application permission change does not affect delete permission
254 * @tc.desc [C- SECURITY -0800]
255 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0310, Function | MediumTest | Level3)256 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0310, Function | MediumTest | Level3)
257 {
258 int pid = fork();
259 int status = 0;
260 if (pid != 0) {
261 SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
262 int ret = DeletePermissions(TEST_APP_ID);
263 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
264 waitpid(pid, &status, 0);
265 } else {
266 SubTestWithoutCheck(SUBTEST_APP_ID, SUBTEST_TASKID);
267 exit(0);
268 }
269 }
270
271 /**
272 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0420
273 * @tc.name The permission file is abnormal and can be deleted
274 * @tc.desc [C- SECURITY -0800]
275 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0420, Function | MediumTest | Level4)276 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0420, Function | MediumTest | Level4)
277 {
278 int ret = SaveOrUpdatePermissions(TEST_APP_ID, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
279 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "save ret = " << ret << endl;
280 int fd = access(TEST_APP_PATH, F_OK);
281 if (fd == 0) {
282 unlink(TEST_APP_PATH);
283 }
284 fd = open(TEST_APP_PATH, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR);
285 if (fd >= 0) {
286 write(fd, PERMISSION_UNSUPPORTED, strlen(PERMISSION_UNSUPPORTED));
287 close(fd);
288 }
289 DeletePermissions(TEST_APP_ID);
290 fd = open(TEST_APP_PATH, O_RDONLY);
291 EXPECT_LT(fd, 0);
292 }
293
294 /**
295 * @tc.number SUB_SEC_AppSEC_PermissionMgmt_PMS_0500
296 * @tc.name Can delete application permission with long and short package names
297 * @tc.desc [C- SECURITY -0800]
298 */
HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0500, Function | MediumTest | Level2)299 HWTEST_F(ActsPMSDeleteTest, testSecPMPMS_0500, Function | MediumTest | Level2)
300 {
301 SaveOrUpdatePermissions(TEST_APP_SHORT, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
302 SaveOrUpdatePermissions(TEST_APP_LONG, g_systemPers, SYS_PERM_NUM, FIRST_INSTALL);
303 int ret = DeletePermissions(TEST_APP_SHORT);
304 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
305 ret = DeletePermissions(TEST_APP_LONG);
306 EXPECT_EQ(ret, PERM_ERRORCODE_SUCCESS) << "delete ret = " << ret << endl;
307 }