1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "dlp_permission_kit_test.h"
17 #include <chrono>
18 #include <openssl/rand.h>
19 #include <thread>
20 #include <unistd.h>
21 #include <vector>
22 #include "gtest/gtest.h"
23 #include "accesstoken_kit.h"
24 #include "cert_parcel.h"
25 #include "dlp_permission.h"
26 #include "dlp_permission_log.h"
27 #include "dlp_sandbox_callback_info.h"
28 #include "dlp_sandbox_change_callback_customize.h"
29 #define private public
30 #include "dlp_sandbox_change_callback.h"
31 #include "hex_string.h"
32 #include "open_dlp_file_callback.h"
33 #undef private
34 #include "parameters.h"
35 #include "param_wrapper.h"
36 #include "permission_policy.h"
37 #include "securec.h"
38 #include "token_setproc.h"
39 #include "visited_dlp_file_info.h"
40 #include "want.h"
41 #include "bundle_mgr_client.h"
42
43 namespace OHOS {
44 namespace Security {
45 namespace DlpPermission {
46 using namespace testing::ext;
47 using namespace OHOS::Security::AccessToken;
48
49 namespace {
50 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_DLP_PERMISSION, "DlpPermissionKitTest"};
51
52 const uint32_t ACCOUNT_LENGTH = 20;
53 const uint32_t AESKEY_LEN = 32;
54 const uint32_t IV_LEN = 32;
55 const uint32_t USER_NUM = 10;
56 const int AUTH_PERM = 1;
57 const int64_t DELTA_EXPIRY_TIME = 200;
58
59 const uint32_t INVALID_ACCOUNT_LENGTH_UPPER = 2048;
60 const uint32_t INVALID_ACCOUNT_LENGTH_LOWER = 0;
61 const uint32_t INVALID_AESKEY_LEN_UPPER = 256;
62 const uint32_t INVALID_AESKEY_LEN_LOWER = 0;
63 const uint32_t INVALID_IV_LEN_UPPER = 256;
64 const uint32_t INVALID_IV_LEN_LOWER = 0;
65 const uint32_t INVALID_USER_NUM_UPPER = 200;
66 const uint32_t INVALID_AUTH_PERM_UPPER = 5;
67 const uint32_t INVALID_AUTH_PERM_LOWER = 0;
68 const int64_t INVALID_DELTA_EXPIRY_TIME = -100;
69
70 const int32_t DEFAULT_USERID = 100;
71 const int32_t ACTION_SET_EDIT = 0xff;
72 const int32_t ACTION_SET_FC = 0x7ff;
73 static AccessTokenID g_selfTokenId = 0;
74 static AccessTokenID g_dlpManagerTokenId = 0;
75 static int32_t g_selfUid = 0;
76 const std::string DLP_MANAGER_APP = "com.ohos.dlpmanager";
77 const std::string TEST_URI = "datashare:///media/file/8";
78 const std::string TEST_UNEXIST_URI = "datashare:///media/file/1";
79 static const std::string DLP_ENABEL = "const.dlp.dlp_enable";
80 static const uint8_t ARRAY_CHAR_SIZE = 62;
81 static const char CHAR_ARRAY[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
82 } // namespace
83
GetRandNum()84 static uint8_t GetRandNum()
85 {
86 uint8_t rand;
87 RAND_bytes(reinterpret_cast<unsigned char *>(&rand), sizeof(rand));
88 return rand;
89 }
90
TestRecordProcessInfo()91 static void TestRecordProcessInfo()
92 {
93 g_selfTokenId = GetSelfTokenID();
94 DLP_LOG_INFO(LABEL, "get self tokenId is %{public}d", g_selfTokenId);
95 g_dlpManagerTokenId = AccessTokenKit::GetHapTokenID(DEFAULT_USERID, DLP_MANAGER_APP, 0);
96 DLP_LOG_INFO(LABEL, "get dlp manager tokenId is %{public}d", g_dlpManagerTokenId);
97 g_selfUid = getuid();
98 DLP_LOG_INFO(LABEL, "get self uid is %{public}d", g_selfUid);
99 }
100
TestSetSelfTokenId(AccessTokenID tokenId)101 static bool TestSetSelfTokenId(AccessTokenID tokenId)
102 {
103 // set tokenId can only be called by native process
104 int32_t uid = getuid();
105 if (setuid(g_selfUid) != 0) {
106 DLP_LOG_ERROR(LABEL, "setuid fail, %s", strerror(errno));
107 return false;
108 }
109
110 DLP_LOG_INFO(LABEL, "set self tokenId from %{public}u to %{public}d",
111 static_cast<unsigned int>(GetSelfTokenID()), tokenId);
112 if (SetSelfTokenID(tokenId) != DLP_OK) {
113 DLP_LOG_ERROR(LABEL, "set self tokenId fail");
114 if (setuid(uid) != 0) {
115 DLP_LOG_ERROR(LABEL, "setuid fail, %s", strerror(errno));
116 }
117 return false;
118 }
119
120 if (setuid(uid) != 0) {
121 DLP_LOG_ERROR(LABEL, "setuid fail, %s", strerror(errno));
122 return false;
123 }
124 return true;
125 }
126
TestGetTokenId(int userID,const std::string & bundleName,int instIndex,AccessTokenID & tokenId)127 static bool TestGetTokenId(int userID, const std::string& bundleName, int instIndex, AccessTokenID& tokenId)
128 {
129 AccessTokenID tmpTokenId = GetSelfTokenID();
130 if (!TestSetSelfTokenId(g_selfTokenId)) {
131 return false;
132 }
133 int32_t uid = getuid();
134 setuid(g_selfUid);
135 tokenId = AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex);
136 setuid(uid);
137 DLP_LOG_INFO(LABEL, "get app tokenId is %{public}d", tokenId);
138 if (!TestSetSelfTokenId(tmpTokenId)) {
139 return false;
140 }
141 return true;
142 }
143
TestGetAppUid(const std::string & bundleName,int32_t appIndex,int32_t userId,int32_t & uid)144 static bool TestGetAppUid(const std::string& bundleName, int32_t appIndex, int32_t userId, int32_t& uid)
145 {
146 AccessTokenID tmpTokenId = GetSelfTokenID();
147 if (!TestSetSelfTokenId(g_selfTokenId)) {
148 return false;
149 }
150 OHOS::AppExecFwk::BundleInfo info;
151 OHOS::AppExecFwk::BundleMgrClient bundleMgrClient;
152 if (appIndex > 0) {
153 if (bundleMgrClient.GetSandboxBundleInfo(bundleName, appIndex, userId, info) != DLP_OK) {
154 DLP_LOG_ERROR(LABEL, "get sandbox app info fail");
155 return false;
156 }
157 } else {
158 if (!bundleMgrClient.GetBundleInfo(bundleName, OHOS::AppExecFwk::GET_BUNDLE_DEFAULT, info, userId)) {
159 DLP_LOG_ERROR(LABEL, "get app info fail");
160 return false;
161 }
162 }
163 DLP_LOG_INFO(LABEL, "get app uid: %{public}d", info.uid);
164 if (!TestSetSelfTokenId(tmpTokenId)) {
165 return false;
166 }
167 uid = info.uid;
168 return true;
169 }
170
TestInstallDlpSandbox(const std::string & bundleName,DLPFileAccess dlpFileAccess,int32_t userId,SandboxInfo & sandboxInfo)171 static void TestInstallDlpSandbox(
172 const std::string& bundleName, DLPFileAccess dlpFileAccess, int32_t userId, SandboxInfo& sandboxInfo)
173 {
174 // install sandbox need permission ACCESS_DLP_FILE, dlpmanager has this permission
175 AccessTokenID tokenId = GetSelfTokenID();
176 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
177
178 ASSERT_EQ(DLP_OK, DlpPermissionKit::InstallDlpSandbox(bundleName, dlpFileAccess, userId, sandboxInfo, TEST_URI));
179 ASSERT_TRUE(sandboxInfo.appIndex != 0);
180
181 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
182 }
183
TestUninstallDlpSandbox(const std::string & bundleName,int32_t appIndex,int32_t userId)184 static void TestUninstallDlpSandbox(const std::string& bundleName, int32_t appIndex, int32_t userId)
185 {
186 // uninstall sandbox need permission ACCESS_DLP_FILE, dlpmanager has this permission
187 AccessTokenID tokenId = GetSelfTokenID();
188 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
189
190 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(bundleName, appIndex, userId));
191
192 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
193 }
194
TestMockApp(const std::string & bundleName,int32_t appIndex,int32_t userId)195 static void TestMockApp(const std::string& bundleName, int32_t appIndex, int32_t userId)
196 {
197 AccessTokenID tokenId;
198 ASSERT_TRUE(TestGetTokenId(userId, bundleName, appIndex, tokenId));
199 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
200 int32_t uid;
201 ASSERT_TRUE(TestGetAppUid(bundleName, appIndex, userId, uid));
202 ASSERT_EQ(DLP_OK, setuid(uid));
203 }
204
TestRecoverProcessInfo(int32_t uid,AccessTokenID tokenId)205 static void TestRecoverProcessInfo(int32_t uid, AccessTokenID tokenId)
206 {
207 ASSERT_EQ(DLP_OK, setuid((uid)));
208 ASSERT_TRUE(TestSetSelfTokenId((tokenId)));
209 }
210
SetUpTestCase()211 void DlpPermissionKitTest::SetUpTestCase()
212 {
213 // make test case clean
214 DLP_LOG_INFO(LABEL, "SetUpTestCase.");
215 TestRecordProcessInfo();
216 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
217 }
218
TearDownTestCase()219 void DlpPermissionKitTest::TearDownTestCase()
220 {
221 DLP_LOG_INFO(LABEL, "TearDownTestCase.");
222 ASSERT_TRUE(TestSetSelfTokenId(g_selfTokenId));
223 }
224
SetUp()225 void DlpPermissionKitTest::SetUp()
226 {
227 DLP_LOG_INFO(LABEL, "SetUp ok.");
228 }
229
TearDown()230 void DlpPermissionKitTest::TearDown()
231 {
232 DLP_LOG_INFO(LABEL, "TearDown.");
233 }
234
GenerateRandArray(uint32_t len)235 static uint8_t* GenerateRandArray(uint32_t len)
236 {
237 if (len < 1) {
238 DLP_LOG_ERROR(LABEL, "len error");
239 return nullptr;
240 }
241 uint8_t* str = new (std::nothrow) uint8_t[len];
242 if (str == nullptr) {
243 DLP_LOG_ERROR(LABEL, "New memory fail");
244 return nullptr;
245 }
246 for (uint32_t i = 0; i < len; i++) {
247 str[i] = GetRandNum() % 255; // uint8_t range 0 ~ 255
248 }
249 return str;
250 }
251
GenerateRandStr(uint32_t len,std::string & res)252 static void GenerateRandStr(uint32_t len, std::string& res)
253 {
254 for (uint32_t i = 0; i < len; i++) {
255 uint32_t index = GetRandNum() % ARRAY_CHAR_SIZE;
256 DLP_LOG_INFO(LABEL, "%{public}u", index);
257 res.push_back(CHAR_ARRAY[index]);
258 }
259 DLP_LOG_INFO(LABEL, "%{public}s", res.c_str());
260 }
261
262 struct GeneratePolicyParam {
263 uint32_t ownerAccountLen;
264 uint32_t aeskeyLen;
265 uint32_t ivLen;
266 uint32_t userNum;
267 uint32_t authAccountLen;
268 uint32_t authPerm;
269 int64_t deltaTime;
270 };
271
GeneratePolicy(PermissionPolicy & encPolicy,GeneratePolicyParam param)272 static void GeneratePolicy(PermissionPolicy& encPolicy, GeneratePolicyParam param)
273 {
274 uint64_t curTime = static_cast<uint64_t>(
275 std::chrono::duration_cast<std::chrono::seconds>(std::chrono::system_clock::now().time_since_epoch()).count());
276 GenerateRandStr(param.ownerAccountLen, encPolicy.ownerAccount_);
277 encPolicy.ownerAccountId_ = encPolicy.ownerAccount_;
278 encPolicy.ownerAccountType_ = DOMAIN_ACCOUNT;
279 uint8_t* key = GenerateRandArray(param.aeskeyLen);
280 encPolicy.SetAeskey(key, param.aeskeyLen);
281 if (key != nullptr) {
282 delete[] key;
283 key = nullptr;
284 }
285 uint8_t* iv = GenerateRandArray(param.ivLen);
286 encPolicy.SetIv(iv, param.ivLen);
287 if (iv != nullptr) {
288 delete[] iv;
289 iv = nullptr;
290 }
291 for (uint32_t user = 0; user < param.userNum; ++user) {
292 std::string accountName;
293 GenerateRandStr(param.authAccountLen, accountName);
294 AuthUserInfo perminfo = {.authAccount = strdup(const_cast<char *>(accountName.c_str())),
295 .authPerm = static_cast<DLPFileAccess>(param.authPerm),
296 .permExpiryTime = curTime + param.deltaTime,
297 .authAccountType = DOMAIN_ACCOUNT};
298 encPolicy.authUsers_.emplace_back(perminfo);
299 }
300 }
301
TestGenerateDlpCertWithInvalidParam(GeneratePolicyParam param)302 static int32_t TestGenerateDlpCertWithInvalidParam(GeneratePolicyParam param)
303 {
304 PermissionPolicy encPolicy;
305 GeneratePolicy(encPolicy, param);
306 std::vector<uint8_t> cert;
307 int32_t res = DlpPermissionKit::GenerateDlpCertificate(encPolicy, cert);
308 return res;
309 }
310
311 /**
312 * @tc.name: SetRetentionState01
313 * @tc.desc: SetRetentionState abnormal input test.
314 * @tc.type: FUNC
315 * @tc.require:SR000I38N7
316 */
317 HWTEST_F(DlpPermissionKitTest, SetRetentionState01, TestSize.Level1)
318 {
319 int32_t uid = getuid();
320 AccessTokenID selfTokenId = GetSelfTokenID();
321 std::vector<std::string> docUriVec;
322 docUriVec.push_back(TEST_URI);
323 SandboxInfo sandboxInfo;
324
325 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
326 ASSERT_EQ(DLP_OK,
327 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
328 ASSERT_TRUE(sandboxInfo.appIndex != 0);
329 AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, DLP_MANAGER_APP, sandboxInfo.appIndex);
330 AccessTokenID normalTokenId = AccessTokenKit::GetHapTokenID(100, DLP_MANAGER_APP, 0);
331 std::vector<RetentionSandBoxInfo> retentionSandBoxInfoVec;
332 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
333 ASSERT_TRUE(0 == retentionSandBoxInfoVec.size());
334 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
335 retentionSandBoxInfoVec.clear();
336 ASSERT_EQ(DLP_SERVICE_ERROR_API_NOT_FOR_SANDBOX_ERROR,
337 DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
338 ASSERT_TRUE(TestSetSelfTokenId(normalTokenId));
339 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
340 ASSERT_TRUE(0 == retentionSandBoxInfoVec.size());
341 ASSERT_EQ(DLP_SERVICE_ERROR_API_ONLY_FOR_SANDBOX_ERROR, DlpPermissionKit::SetRetentionState(docUriVec));
342 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
343 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::SetRetentionState(docUriVec));
344 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
345 ASSERT_TRUE(TestSetSelfTokenId(normalTokenId));
346 retentionSandBoxInfoVec.clear();
347 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
348 ASSERT_TRUE(0 == retentionSandBoxInfoVec.size());
349 retentionSandBoxInfoVec.clear();
350 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
351 ASSERT_TRUE(0 == retentionSandBoxInfoVec.size());
352 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
353 TestRecoverProcessInfo(uid, selfTokenId);
354 }
355
356 /**
357 * @tc.name: SetRetentionState02
358 * @tc.desc: SetRetentionState abnormal input test.
359 * @tc.type: FUNC
360 * @tc.require:SR000I38N7
361 */
362 HWTEST_F(DlpPermissionKitTest, SetRetentionState02, TestSize.Level1)
363 {
364 int32_t uid = getuid();
365 AccessTokenID tokenId = GetSelfTokenID();
366 DLP_LOG_INFO(LABEL, "SetRetentionState02 tokenId from %{public}u", static_cast<unsigned int>(GetSelfTokenID()));
367 std::vector<std::string> docUriVec;
368 std::vector<RetentionSandBoxInfo> retentionSandBoxInfoVec;
369 SandboxInfo sandboxInfo;
370 ASSERT_EQ(DLP_OK,
371 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
372 docUriVec.clear();
373 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
374 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::CancelRetentionState(docUriVec));
375 docUriVec.push_back(TEST_UNEXIST_URI);
376 ASSERT_EQ(DLP_OK, DlpPermissionKit::CancelRetentionState(docUriVec));
377 docUriVec.clear();
378 docUriVec.push_back(TEST_URI);
379 ASSERT_EQ(DLP_OK, DlpPermissionKit::CancelRetentionState(docUriVec));
380 retentionSandBoxInfoVec.clear();
381 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
382 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetRetentionSandboxList(DLP_MANAGER_APP, retentionSandBoxInfoVec));
383 ASSERT_TRUE(0 == retentionSandBoxInfoVec.size());
384 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
385 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
386 TestRecoverProcessInfo(uid, tokenId);
387 }
388
389 /* *
390 * @tc.name: SetRetentionState03
391 * @tc.desc: SetRetentionState abnormal input test.
392 * @tc.type: FUNC
393 * @tc.require:SR000I38N7
394 */
395 HWTEST_F(DlpPermissionKitTest, SetRetentionState03, TestSize.Level1)
396 {
397 int32_t uid = getuid();
398 SandboxInfo sandboxInfo;
399 AccessTokenID tokenId = GetSelfTokenID();
400 DLP_LOG_INFO(LABEL, "SetRetentionState03 tokenId from %{public}u", static_cast<unsigned int>(GetSelfTokenID()));
401
402 ASSERT_EQ(DLP_OK,
403 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
404 ASSERT_TRUE(sandboxInfo.appIndex != 0);
405 AccessTokenID sandboxTokenId = AccessTokenKit::GetHapTokenID(DEFAULT_USERID, DLP_MANAGER_APP, sandboxInfo.appIndex);
406 DLP_LOG_INFO(LABEL, "SetRetentionState03 sandboxTokenId tokenId from %{public}d ", sandboxTokenId);
407 ASSERT_TRUE(TestSetSelfTokenId(sandboxTokenId));
408 std::vector<std::string> docUriVec;
409 int32_t res = DlpPermissionKit::SetRetentionState(docUriVec);
410 DLP_LOG_INFO(LABEL, "SetRetentionState03 res %{public}d", res);
411 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, res);
412 docUriVec.push_back(TEST_URI);
413 res = DlpPermissionKit::SetRetentionState(docUriVec);
414 DLP_LOG_INFO(LABEL, "SetRetentionState03 res %{public}d", res);
415 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, res);
416 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
417 TestRecoverProcessInfo(uid, tokenId);
418 }
419
420 /* *
421 * @tc.name: OnGenerateDlpCertificate001
422 * @tc.desc: OnGenerateDlpCertificate abnormal input test.
423 * @tc.type: FUNC
424 * @tc.require:AR000GVIG0
425 */
426 HWTEST_F(DlpPermissionKitTest, OnGenerateDlpCertificate001, TestSize.Level1)
427 {
428 auto generateDlpCertificateCallback = std::make_shared<ClientGenerateDlpCertificateCallback>();
429 std::vector<uint8_t> cert;
430 cert = { 1, 2, 3 };
431 generateDlpCertificateCallback->OnGenerateDlpCertificate(-1, cert);
432 ASSERT_EQ(-1, generateDlpCertificateCallback->result_);
433 ASSERT_TRUE(generateDlpCertificateCallback->isCallBack_);
434 }
435
436 /**
437 * @tc.name: OnParseDlpCertificate001
438 * @tc.desc: OnParseDlpCertificate abnormal input test.
439 * @tc.type: FUNC
440 * @tc.require:AR000GVIG0
441 */
442 HWTEST_F(DlpPermissionKitTest, OnParseDlpCertificate001, TestSize.Level1)
443 {
444 auto parseDlpCertificateCallback = std::make_shared<ClientParseDlpCertificateCallback>();
445 PermissionPolicy policy;
446 parseDlpCertificateCallback->OnParseDlpCertificate(-1, policy, {});
447 ASSERT_EQ(-1, parseDlpCertificateCallback->result_);
448 ASSERT_TRUE(parseDlpCertificateCallback->isCallBack_);
449 }
450
451 /* *
452 * @tc.name: GenerateDlpCertificate001
453 * @tc.desc: GenerateDlpCertificate abnormal input test.
454 * @tc.type: FUNC
455 * @tc.require:AR000GVIG0
456 */
457 HWTEST_F(DlpPermissionKitTest, GenerateDlpCertificate001, TestSize.Level1)
458 {
459 GeneratePolicyParam param = {INVALID_ACCOUNT_LENGTH_UPPER, AESKEY_LEN,
460 IV_LEN, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
461 EXPECT_EQ(
462 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
463 param.ownerAccountLen = INVALID_ACCOUNT_LENGTH_LOWER;
464 EXPECT_EQ(
465 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
466 param = {ACCOUNT_LENGTH, INVALID_AESKEY_LEN_UPPER,
467 IV_LEN, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
468 EXPECT_EQ(
469 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
470 param = {ACCOUNT_LENGTH, INVALID_AESKEY_LEN_LOWER,
471 IV_LEN, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
472 EXPECT_EQ(
473 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
474 param = {ACCOUNT_LENGTH, AESKEY_LEN, INVALID_IV_LEN_UPPER, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
475 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
476 param = {ACCOUNT_LENGTH, AESKEY_LEN, INVALID_IV_LEN_LOWER, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
477 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
478 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
479 INVALID_USER_NUM_UPPER, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
480 EXPECT_EQ(
481 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
482 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
483 USER_NUM, INVALID_ACCOUNT_LENGTH_UPPER, AUTH_PERM, DELTA_EXPIRY_TIME};
484 EXPECT_EQ(
485 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
486 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
487 USER_NUM, INVALID_ACCOUNT_LENGTH_LOWER, AUTH_PERM, DELTA_EXPIRY_TIME};
488 EXPECT_EQ(
489 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
490 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
491 USER_NUM, ACCOUNT_LENGTH, INVALID_AUTH_PERM_UPPER, DELTA_EXPIRY_TIME};
492 EXPECT_EQ(
493 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
494 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
495 USER_NUM, ACCOUNT_LENGTH, INVALID_AUTH_PERM_LOWER, DELTA_EXPIRY_TIME};
496 EXPECT_EQ(
497 DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
498 param = {ACCOUNT_LENGTH, AESKEY_LEN, IV_LEN,
499 USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, INVALID_DELTA_EXPIRY_TIME};
500 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, TestGenerateDlpCertWithInvalidParam(param));
501 param = {ACCOUNT_LENGTH, AESKEY_LEN,
502 AESKEY_LEN, USER_NUM, ACCOUNT_LENGTH, AUTH_PERM, DELTA_EXPIRY_TIME};
503 EXPECT_NE(DLP_OK, TestGenerateDlpCertWithInvalidParam(param));
504 }
505
506 /**
507 * @tc.name: ParseDlpCertificate001
508 * @tc.desc: ParseDlpCertificate abnormal input test.
509 * @tc.type: FUNC
510 * @tc.require:AR000GVIG0
511 */
512 HWTEST_F(DlpPermissionKitTest, ParseDlpCertificate001, TestSize.Level1)
513 {
514 sptr<CertParcel> certParcel = new (std::nothrow) CertParcel();
515 PermissionPolicy policy;
516 certParcel->contactAccount = "test";
517 std::string appId = "test_appId_passed";
518 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::ParseDlpCertificate(certParcel, policy, appId, true));
519 certParcel->cert = {1, 2, 3};
520 ASSERT_NE(DLP_OK, DlpPermissionKit::ParseDlpCertificate(certParcel, policy, appId, true));
521 }
522
523 /**
524 * @tc.name: InstallDlpSandbox001
525 * @tc.desc: InstallDlpSandbox test.
526 * @tc.type: FUNC
527 * @tc.require:AR000GVIG8
528 */
529 HWTEST_F(DlpPermissionKitTest, InstallDlpSandbox001, TestSize.Level1)
530 {
531 SandboxInfo sandboxInfo;
532 ASSERT_EQ(DLP_OK,
533 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
534 ASSERT_TRUE(sandboxInfo.appIndex != 0);
535 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
536 }
537
538 /**
539 * @tc.name: InstallDlpSandbox002
540 * @tc.desc: InstallDlpSandbox invalid input.
541 * @tc.type: FUNC
542 * @tc.require:AR000GVIG8
543 */
544 HWTEST_F(DlpPermissionKitTest, InstallDlpSandbox002, TestSize.Level1)
545 {
546 SandboxInfo sandboxInfo;
547 ASSERT_NE(
548 DLP_OK, DlpPermissionKit::InstallDlpSandbox("test.test", READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
549 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID,
550 DlpPermissionKit::InstallDlpSandbox("", READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
551 ASSERT_EQ(
552 DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP,
553 static_cast<DLPFileAccess>(100), DEFAULT_USERID, sandboxInfo, TEST_URI));
554 }
555
556 /**
557 * @tc.name: UninstallDlpSandbox001
558 * @tc.desc: UninstallDlpSandbox test.
559 * @tc.type: FUNC
560 * @tc.require: SR000GVIGF AR000GVIGG
561 */
562 HWTEST_F(DlpPermissionKitTest, UninstallDlpSandbox001, TestSize.Level1)
563 {
564 SandboxInfo sandboxInfo;
565 ASSERT_EQ(DLP_OK,
566 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
567 ASSERT_TRUE(sandboxInfo.appIndex != 0);
568 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
569 }
570
571 /* *
572 * @tc.name: UninstallDlpSandbox002
573 * @tc.desc: UninstallDlpSandbox invalid input.
574 * @tc.type: FUNC
575 * @tc.require: SR000GVIGF AR000GVIGG
576 */
577 HWTEST_F(DlpPermissionKitTest, UninstallDlpSandbox002, TestSize.Level1)
578 {
579 int32_t appIndex = 1;
580 ASSERT_NE(DLP_OK, DlpPermissionKit::UninstallDlpSandbox("test.test", appIndex, DEFAULT_USERID));
581 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::UninstallDlpSandbox("", appIndex, DEFAULT_USERID));
582 }
583
584 /**
585 * @tc.name: GetSandboxExternalAuthorization001
586 * @tc.desc: GetSandboxExternalAuthorization test.
587 * @tc.type: FUNC
588 * @tc.require: SR000GVIR0 AR000GVIR1
589 */
590 HWTEST_F(DlpPermissionKitTest, GetSandboxExternalAuthorization001, TestSize.Level1)
591 {
592 int32_t uid = getuid();
593 AccessTokenID selfTokenId = GetSelfTokenID();
594 // sandboxUid is invalid
595 OHOS::AAFwk::Want want;
596 SandBoxExternalAuthorType authType;
597 ASSERT_NE(DLP_OK, DlpPermissionKit::GetSandboxExternalAuthorization(-1, want, authType));
598
599 // sandboxUid is ok
600 SandboxInfo sandboxInfo;
601 ASSERT_EQ(DLP_OK,
602 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
603 int sandboxUid;
604 ASSERT_TRUE(TestGetAppUid(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID, sandboxUid));
605 ASSERT_EQ(DLP_SERVICE_ERROR_API_ONLY_FOR_SANDBOX_ERROR,
606 DlpPermissionKit::GetSandboxExternalAuthorization(sandboxUid, want, authType));
607 ASSERT_EQ(DLP_SERVICE_ERROR_API_ONLY_FOR_SANDBOX_ERROR,
608 DlpPermissionKit::GetSandboxExternalAuthorization(sandboxUid, want, authType));
609 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
610 ASSERT_TRUE(authType == DENY_START_ABILITY);
611 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
612
613 // uid is not sandbox
614 ASSERT_EQ(DLP_SERVICE_ERROR_PARCEL_OPERATE_FAIL,
615 DlpPermissionKit::GetSandboxExternalAuthorization(1000, want, authType));
616 ASSERT_TRUE(authType == DENY_START_ABILITY);
617 TestRecoverProcessInfo(uid, selfTokenId);
618 }
619
620 /**
621 * @tc.name: QueryDlpFileCopyableByTokenId001
622 * @tc.desc: QueryDlpFileCopyableByTokenId with read only sandbox app tokenId.
623 * @tc.type: FUNC
624 * @tc.require: SR000GVIGL AR000GVIGM
625 */
626 HWTEST_F(DlpPermissionKitTest, QueryDlpFileCopyableByTokenId001, TestSize.Level1)
627 {
628 // query dlp file access with read only sandbox app tokenId
629 SandboxInfo sandboxInfo;
630 ASSERT_EQ(DLP_OK,
631 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo, TEST_URI));
632 ASSERT_TRUE(sandboxInfo.appIndex != 0);
633 AccessTokenID sandboxTokenId;
634 ASSERT_TRUE(TestGetTokenId(DEFAULT_USERID, DLP_MANAGER_APP, sandboxInfo.appIndex, sandboxTokenId));
635 bool copyable = false;
636 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileCopyableByTokenId(copyable, sandboxTokenId));
637 ASSERT_EQ(copyable, false);
638 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
639 }
640
641 /**
642 * @tc.name: QueryDlpFileCopyableByTokenId002
643 * @tc.desc: QueryDlpFileCopyableByTokenId with full control sandbox app tokenId.
644 * @tc.type: FUNC
645 * @tc.require: SR000GVIGL AR000GVIGM
646 */
647 HWTEST_F(DlpPermissionKitTest, QueryDlpFileCopyableByTokenId002, TestSize.Level1)
648 {
649 // query dlp file access with full control sandbox app tokenId
650 SandboxInfo sandboxInfo;
651 ASSERT_EQ(DLP_OK,
652 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
653 ASSERT_TRUE(sandboxInfo.appIndex != 0);
654 AccessTokenID sandboxTokenId;
655 ASSERT_TRUE(TestGetTokenId(DEFAULT_USERID, DLP_MANAGER_APP, sandboxInfo.appIndex, sandboxTokenId));
656 bool copyable = false;
657 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileCopyableByTokenId(copyable, sandboxTokenId));
658 ASSERT_EQ(copyable, true);
659 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
660 }
661
662 /**
663 * @tc.name: QueryDlpFileCopyableByTokenId003
664 * @tc.desc: QueryDlpFileCopyableByTokenId with normal app tokenId.
665 * @tc.type: FUNC
666 * @tc.require: SR000GVIGL AR000GVIGM
667 */
668 HWTEST_F(DlpPermissionKitTest, QueryDlpFileCopyableByTokenId003, TestSize.Level1)
669 {
670 // query dlp file access with normal app tokenId
671 bool copyable = false;
672 AccessTokenID normalTokenId;
673 ASSERT_TRUE(TestGetTokenId(DEFAULT_USERID, DLP_MANAGER_APP, 0, normalTokenId));
674 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileCopyableByTokenId(copyable, normalTokenId));
675 ASSERT_EQ(copyable, true);
676 }
677
678 /**
679 * @tc.name: QueryDlpFileCopyableByTokenId004
680 * @tc.desc: QueryDlpFileCopyableByTokenId invalid input.
681 * @tc.type: FUNC
682 * @tc.require: SR000GVIGL AR000GVIGM
683 */
684 HWTEST_F(DlpPermissionKitTest, QueryDlpFileCopyableByTokenId004, TestSize.Level1)
685 {
686 // query dlp file access with invalid tokenId
687 bool copyable = false;
688 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::QueryDlpFileCopyableByTokenId(copyable, 0));
689 ASSERT_EQ(copyable, false);
690 }
691
692 /**
693 * @tc.name: QueryDlpFileAccess001
694 * @tc.desc: QueryDlpFileAccess in normal app.
695 * @tc.type: FUNC
696 * @tc.require: SR000GVIGN AR000GVIGO
697 */
698 HWTEST_F(DlpPermissionKitTest, QueryDlpFileAccess001, TestSize.Level1)
699 {
700 // query dlp file access in normal app
701 int32_t uid = getuid();
702 AccessTokenID tokenId = GetSelfTokenID();
703 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
704
705 DLPPermissionInfo permInfo;
706 ASSERT_EQ(DLP_SERVICE_ERROR_API_ONLY_FOR_SANDBOX_ERROR, DlpPermissionKit::QueryDlpFileAccess(permInfo));
707
708 TestRecoverProcessInfo(uid, tokenId);
709 }
710
711 /**
712 * @tc.name: QueryDlpFileAccess002
713 * @tc.desc: QueryDlpFileAccess in read only sandbox app.
714 * @tc.type: FUNC
715 * @tc.require: SR000GVIGN AR000GVIGO
716 */
717 HWTEST_F(DlpPermissionKitTest, QueryDlpFileAccess002, TestSize.Level1)
718 {
719 // query dlp file access in read only sandbox app
720 SandboxInfo sandboxInfo;
721 TestInstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo);
722
723 int32_t uid = getuid();
724 AccessTokenID tokenId = GetSelfTokenID();
725 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
726
727 DLPPermissionInfo permInfo;
728 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileAccess(permInfo));
729 ASSERT_EQ(permInfo.dlpFileAccess, READ_ONLY);
730 ASSERT_EQ(permInfo.flags, ACTION_VIEW);
731
732 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
733 TestRecoverProcessInfo(uid, tokenId);
734 }
735
736 /**
737 * @tc.name: QueryDlpFileAccess003
738 * @tc.desc: QueryDlpFileAccess in content edit sandbox app.
739 * @tc.type: FUNC
740 * @tc.require: SR000GVIGN AR000GVIGO
741 */
742 HWTEST_F(DlpPermissionKitTest, QueryDlpFileAccess003, TestSize.Level1)
743 {
744 // query dlp file access in content edit sandbox app
745 SandboxInfo sandboxInfo;
746 TestInstallDlpSandbox(DLP_MANAGER_APP, CONTENT_EDIT, DEFAULT_USERID, sandboxInfo);
747
748 int32_t uid = getuid();
749 AccessTokenID tokenId = GetSelfTokenID();
750 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
751
752 DLPPermissionInfo permInfo;
753 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileAccess(permInfo));
754 ASSERT_EQ(permInfo.dlpFileAccess, CONTENT_EDIT);
755 ASSERT_EQ(permInfo.flags, ACTION_SET_EDIT);
756
757 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
758 TestRecoverProcessInfo(uid, tokenId);
759 }
760
761 /**
762 * @tc.name: QueryDlpFileAccess004
763 * @tc.desc: QueryDlpFileAccess in full control sandbox app.
764 * @tc.type: FUNC
765 * @tc.require: SR000GVIGN AR000GVIGO
766 */
767 HWTEST_F(DlpPermissionKitTest, QueryDlpFileAccess004, TestSize.Level1)
768 {
769 // query dlp file access in full control sandbox app
770 SandboxInfo sandboxInfo;
771 TestInstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo);
772
773 int32_t uid = getuid();
774 AccessTokenID tokenId = GetSelfTokenID();
775 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
776
777 DLPPermissionInfo permInfo;
778 ASSERT_EQ(DLP_OK, DlpPermissionKit::QueryDlpFileAccess(permInfo));
779 ASSERT_EQ(permInfo.dlpFileAccess, FULL_CONTROL);
780 ASSERT_EQ(permInfo.flags, ACTION_SET_FC);
781
782 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
783 TestRecoverProcessInfo(uid, tokenId);
784 }
785
786 /**
787 * @tc.name: IsInDlpSandbox001
788 * @tc.desc: IsInDlpSandbox in normal app.
789 * @tc.type: FUNC
790 * @tc.require: SR000GVIGN AR000GVIGO
791 */
792 HWTEST_F(DlpPermissionKitTest, IsInDlpSandbox001, TestSize.Level1)
793 {
794 // query whether in sandbox in normal app
795 bool inSandbox = false;
796
797 int32_t uid = getuid();
798 AccessTokenID tokenId = GetSelfTokenID();
799 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
800
801 ASSERT_EQ(DLP_OK, DlpPermissionKit::IsInDlpSandbox(inSandbox));
802 ASSERT_EQ(inSandbox, false);
803
804 TestRecoverProcessInfo(uid, tokenId);
805 }
806
807 /**
808 * @tc.name: IsInDlpSandbox002
809 * @tc.desc: IsInDlpSandbox in read only sandbox app.
810 * @tc.type: FUNC
811 * @tc.require: SR000GVIGN AR000GVIGO
812 */
813 HWTEST_F(DlpPermissionKitTest, IsInDlpSandbox002, TestSize.Level1)
814 {
815 // query whether in sandbox in read only sandbox app
816 SandboxInfo sandboxInfo;
817 TestInstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo);
818
819 int32_t uid = getuid();
820 AccessTokenID tokenId = GetSelfTokenID();
821 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
822
823 bool inSandbox = false;
824 ASSERT_EQ(DLP_OK, DlpPermissionKit::IsInDlpSandbox(inSandbox));
825 ASSERT_EQ(inSandbox, true);
826 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
827 TestRecoverProcessInfo(uid, tokenId);
828 }
829
830 /**
831 * @tc.name: IsInDlpSandbox003
832 * @tc.desc: IsInDlpSandbox in full control sandbox app.
833 * @tc.type: FUNC
834 * @tc.require: SR000GVIGN AR000GVIGO
835 */
836 HWTEST_F(DlpPermissionKitTest, IsInDlpSandbox003, TestSize.Level1)
837 {
838 // query whether in sandbox in full control sandbox app
839 SandboxInfo sandboxInfo;
840 TestInstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo);
841
842 int32_t uid = getuid();
843 AccessTokenID tokenId = GetSelfTokenID();
844 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
845
846 bool inSandbox = false;
847 ASSERT_EQ(DLP_OK, DlpPermissionKit::IsInDlpSandbox(inSandbox));
848 ASSERT_EQ(inSandbox, true);
849
850 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
851 TestRecoverProcessInfo(uid, tokenId);
852 }
853
854 /**
855 * @tc.name: GetDlpSupportFileType001
856 * @tc.desc: GetDlpSupportFileType in normal app.
857 * @tc.type: FUNC
858 * @tc.require: SR000GVIGN AR000GVIGO
859 */
860 HWTEST_F(DlpPermissionKitTest, GetDlpSupportFileType001, TestSize.Level1)
861 {
862 DLP_LOG_INFO(LABEL, "enter GetDlpSupportFileType001");
863 // query support dlp file types in normal app
864 std::vector<std::string> supportFileType;
865 int32_t uid = getuid();
866 AccessTokenID tokenId = GetSelfTokenID();
867 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
868
869 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDlpSupportFileType(supportFileType));
870 ASSERT_EQ(supportFileType.empty(), false);
871
872 TestRecoverProcessInfo(uid, tokenId);
873 }
874
875 /**
876 * @tc.name: GetDlpSupportFileType002
877 * @tc.desc: GetDlpSupportFileType in read only sandbox app.
878 * @tc.type: FUNC
879 * @tc.require: SR000GVIGN AR000GVIGO
880 */
881 HWTEST_F(DlpPermissionKitTest, GetDlpSupportFileType002, TestSize.Level1)
882 {
883 // query support dlp file types in read only sandbox app
884 SandboxInfo sandboxInfo;
885 TestInstallDlpSandbox(DLP_MANAGER_APP, READ_ONLY, DEFAULT_USERID, sandboxInfo);
886
887 int32_t uid = getuid();
888 AccessTokenID tokenId = GetSelfTokenID();
889 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
890 std::vector<std::string> supportFileType;
891 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDlpSupportFileType(supportFileType));
892 ASSERT_EQ(supportFileType.empty(), false);
893
894 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
895 TestRecoverProcessInfo(uid, tokenId);
896 }
897
898 /**
899 * @tc.name: GetDlpSupportFileType003
900 * @tc.desc: GetDlpSupportFileType in context edit sandbox app.
901 * @tc.type: FUNC
902 * @tc.require:
903 */
904 HWTEST_F(DlpPermissionKitTest, GetDlpSupportFileType003, TestSize.Level1)
905 {
906 // query support dlp file types in context edit sandbox app
907 SandboxInfo sandboxInfo;
908 TestInstallDlpSandbox(DLP_MANAGER_APP, CONTENT_EDIT, DEFAULT_USERID, sandboxInfo);
909
910 int32_t uid = getuid();
911 AccessTokenID tokenId = GetSelfTokenID();
912 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
913 std::vector<std::string> supportFileType;
914 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDlpSupportFileType(supportFileType));
915 ASSERT_EQ(supportFileType.empty(), false);
916
917 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
918 TestRecoverProcessInfo(uid, tokenId);
919 }
920
921 /**
922 * @tc.name: GetDlpSupportFileType004
923 * @tc.desc: GetDlpSupportFileType in full control sandbox app.
924 * @tc.type: FUNC
925 * @tc.require: SR000GVIGN AR000GVIGO
926 */
927 HWTEST_F(DlpPermissionKitTest, GetDlpSupportFileType004, TestSize.Level1)
928 {
929 DLP_LOG_INFO(LABEL, "enter GetDlpSupportFileType004");
930 // query support dlp file types in full control sandbox app
931 SandboxInfo sandboxInfo;
932 TestInstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo);
933
934 int32_t uid = getuid();
935 AccessTokenID tokenId = GetSelfTokenID();
936 TestMockApp(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
937
938 std::vector<std::string> supportFileType;
939 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDlpSupportFileType(supportFileType));
940 ASSERT_EQ(supportFileType.empty(), false);
941
942 TestUninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID);
943 TestRecoverProcessInfo(uid, tokenId);
944 }
945
946 /**
947 * @tc.name: GetDlpGatheringPolicy001
948 * @tc.desc: GetDlpGatheringPolicy test
949 * @tc.type: FUNC
950 * @tc.require:
951 */
952 HWTEST_F(DlpPermissionKitTest, GetDlpGatheringPolicy001, TestSize.Level1)
953 {
954 // query gathering policy on this device
955 bool isGathering = false;
956
957 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDlpGatheringPolicy(isGathering));
958 ASSERT_EQ(isGathering, false);
959 }
960
961 /**
962 * @tc.name: ClearUnreservedSandbox001
963 * @tc.desc: ClearUnreservedSandbox.
964 * @tc.type: FUNC
965 * @tc.require: SR000I38N7
966 */
967 HWTEST_F(DlpPermissionKitTest, ClearUnreservedSandbox001, TestSize.Level1)
968 {
969 ASSERT_EQ(DLP_SERVICE_ERROR_PERMISSION_DENY, DlpPermissionKit::ClearUnreservedSandbox());
970 }
971
972 class CbCustomizeTest : public DlpSandboxChangeCallbackCustomize {
973 public:
CbCustomizeTest()974 explicit CbCustomizeTest() {}
~CbCustomizeTest()975 ~CbCustomizeTest() {}
976
DlpSandboxChangeCallback(DlpSandboxCallbackInfo & result)977 virtual void DlpSandboxChangeCallback(DlpSandboxCallbackInfo& result) {}
978 };
979
980 class TestOpenDlpFileCallbackCustomize : public OpenDlpFileCallbackCustomize {
981 public:
TestOpenDlpFileCallbackCustomize()982 explicit TestOpenDlpFileCallbackCustomize() {}
~TestOpenDlpFileCallbackCustomize()983 ~TestOpenDlpFileCallbackCustomize() {}
984
OnOpenDlpFile(OpenDlpFileCallbackInfo & result)985 void OnOpenDlpFile(OpenDlpFileCallbackInfo &result)
986 {
987 called = true;
988 }
989 bool called = false;
990 };
991
992 /**
993 * @tc.name: RegisterDlpSandboxChangeCallback001
994 * @tc.desc: RegisterDlpSandboxChangeCallback.
995 * @tc.type: FUNC
996 * @tc.require: DTS2023040302317
997 */
998 HWTEST_F(DlpPermissionKitTest, RegisterDlpSandboxChangeCallback001, TestSize.Level1)
999 {
1000 const std::shared_ptr<DlpSandboxChangeCallbackCustomize> callbackPtr = std::make_shared<CbCustomizeTest>();
1001 int32_t res = DlpPermissionKit::RegisterDlpSandboxChangeCallback(callbackPtr);
1002 ASSERT_EQ(DLP_OK, res);
1003 res = DlpPermissionKit::RegisterDlpSandboxChangeCallback(callbackPtr);
1004 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, res);
1005 bool result;
1006 SandboxInfo sandboxInfo;
1007 ASSERT_EQ(DLP_OK,
1008 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
1009 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
1010 res = DlpPermissionKit::UnregisterDlpSandboxChangeCallback(result);
1011 ASSERT_EQ(DLP_OK, res);
1012 }
1013
1014 /**
1015 * @tc.name: RegisterDlpSandboxChangeCallback002
1016 * @tc.desc: RegisterDlpSandboxChangeCallback.
1017 * @tc.type: FUNC
1018 * @tc.require: DTS2023040302317
1019 */
1020 HWTEST_F(DlpPermissionKitTest, RegisterDlpSandboxChangeCallback002, TestSize.Level1)
1021 {
1022 int32_t res = DlpPermissionKit::RegisterDlpSandboxChangeCallback(nullptr);
1023 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, res);
1024 bool result;
1025 res = DlpPermissionKit::UnregisterDlpSandboxChangeCallback(result);
1026 ASSERT_EQ(DLP_CALLBACK_PARAM_INVALID, res);
1027 }
1028
1029 /**
1030 * @tc.name: RegisterDlpSandboxChangeCallback003
1031 * @tc.desc: RegisterDlpSandboxChangeCallback.
1032 * @tc.type: FUNC
1033 * @tc.require: DTS2023040302317
1034 */
1035 HWTEST_F(DlpPermissionKitTest, RegisterDlpSandboxChangeCallback003, TestSize.Level1)
1036 {
1037 bool result;
1038 int32_t res = DlpPermissionKit::UnregisterDlpSandboxChangeCallback(result);
1039 ASSERT_EQ(DLP_CALLBACK_PARAM_INVALID, res);
1040 }
1041
1042 /**
1043 * @tc.name: DlpSandboxChangeCallback001
1044 * @tc.desc: DlpSandboxChangeCallback function test.
1045 * @tc.type: FUNC
1046 * @tc.require: DTS2023040302317
1047 */
1048 HWTEST_F(DlpPermissionKitTest, DlpSandboxChangeCallback001, TestSize.Level1)
1049 {
1050 std::shared_ptr<CbCustomizeTest> callbackPtr = nullptr;
1051 std::shared_ptr<DlpSandboxChangeCallback> callback = std::make_shared<DlpSandboxChangeCallback>(
1052 callbackPtr);
1053 ASSERT_NE(callback, nullptr);
1054 DlpSandboxCallbackInfo result;
1055 callback->DlpSandboxStateChangeCallback(result);
1056 ASSERT_EQ(callback->customizedCallback_, nullptr);
1057 }
1058
1059 /**
1060 * @tc.name: DlpSandboxChangeCallback002
1061 * @tc.desc: DlpSandboxChangeCallback function test.
1062 * @tc.type: FUNC
1063 * @tc.require: DTS2023040302317
1064 */
1065 HWTEST_F(DlpPermissionKitTest, DlpSandboxChangeCallback002, TestSize.Level1)
1066 {
1067 std::shared_ptr<CbCustomizeTest> callbackPtr = std::make_shared<CbCustomizeTest>();
1068 std::shared_ptr<DlpSandboxChangeCallback> callback = std::make_shared<DlpSandboxChangeCallback>(callbackPtr);
1069 ASSERT_NE(callback, nullptr);
1070 DlpSandboxCallbackInfo result;
1071 callback->DlpSandboxStateChangeCallback(result);
1072 ASSERT_NE(callback->customizedCallback_, nullptr);
1073 callback->Stop();
1074 }
1075
1076 /**
1077 * @tc.name: RegisterOpenDlpFileCallback001
1078 * @tc.desc: RegisterOpenDlpFileCallback.
1079 * @tc.type: FUNC
1080 * @tc.require:
1081 */
1082 HWTEST_F(DlpPermissionKitTest, RegisterOpenDlpFileCallback001, TestSize.Level1)
1083 {
1084 int32_t uid = getuid();
1085 AccessTokenID tokenId = GetSelfTokenID();
1086 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
1087
1088 const std::shared_ptr<TestOpenDlpFileCallbackCustomize> callbackPtr =
1089 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1090 ASSERT_NE(callbackPtr, nullptr);
1091 EXPECT_EQ(DLP_OK, DlpPermissionKit::RegisterOpenDlpFileCallback(callbackPtr));
1092 SandboxInfo sandboxInfo;
1093 EXPECT_EQ(DLP_OK,
1094 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
1095 usleep(50000); // sleep 50ms
1096 EXPECT_EQ(true, callbackPtr->called);
1097 EXPECT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
1098 EXPECT_EQ(DLP_OK, DlpPermissionKit::UnRegisterOpenDlpFileCallback(callbackPtr));
1099
1100 TestRecoverProcessInfo(uid, tokenId);
1101 }
1102
1103 /**
1104 * @tc.name: RegisterOpenDlpFileCallback002
1105 * @tc.desc: RegisterOpenDlpFileCallback.
1106 * @tc.type: FUNC
1107 * @tc.require:
1108 */
1109 HWTEST_F(DlpPermissionKitTest, RegisterOpenDlpFileCallback002, TestSize.Level1)
1110 {
1111 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::RegisterOpenDlpFileCallback(nullptr));
1112 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::UnRegisterOpenDlpFileCallback(nullptr));
1113 }
1114
1115 /**
1116 * @tc.name: RegisterOpenDlpFileCallback003
1117 * @tc.desc: RegisterOpenDlpFileCallback.
1118 * @tc.type: FUNC
1119 * @tc.require:
1120 */
1121 HWTEST_F(DlpPermissionKitTest, RegisterOpenDlpFileCallback003, TestSize.Level1)
1122 {
1123 int32_t uid = getuid();
1124 AccessTokenID tokenId = GetSelfTokenID();
1125 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
1126
1127 const std::shared_ptr<TestOpenDlpFileCallbackCustomize> callbackPtr =
1128 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1129 ASSERT_NE(callbackPtr, nullptr);
1130 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::UnRegisterOpenDlpFileCallback(callbackPtr));
1131
1132 TestRecoverProcessInfo(uid, tokenId);
1133 }
1134
1135 /**
1136 * @tc.name: RegisterOpenDlpFileCallback004
1137 * @tc.desc: RegisterOpenDlpFileCallback.
1138 * @tc.type: FUNC
1139 * @tc.require:
1140 */
1141 HWTEST_F(DlpPermissionKitTest, RegisterOpenDlpFileCallback004, TestSize.Level1)
1142 {
1143 int32_t uid = getuid();
1144 AccessTokenID tokenId = GetSelfTokenID();
1145 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
1146
1147 std::vector<std::shared_ptr<TestOpenDlpFileCallbackCustomize>> ptrList;
1148 const std::shared_ptr<TestOpenDlpFileCallbackCustomize> callbackPtr =
1149 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1150 ASSERT_NE(callbackPtr, nullptr);
1151 EXPECT_EQ(DLP_OK, DlpPermissionKit::RegisterOpenDlpFileCallback(callbackPtr));
1152 ptrList.emplace_back(callbackPtr);
1153 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::RegisterOpenDlpFileCallback(callbackPtr));
1154 for (int32_t i = 0; i < 99; i++) {
1155 const std::shared_ptr<TestOpenDlpFileCallbackCustomize> callback =
1156 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1157 ASSERT_NE(callback, nullptr);
1158 EXPECT_EQ(DLP_OK, DlpPermissionKit::RegisterOpenDlpFileCallback(callback));
1159 ptrList.emplace_back(callback);
1160 }
1161 const std::shared_ptr<TestOpenDlpFileCallbackCustomize> callback =
1162 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1163 ASSERT_NE(callback, nullptr);
1164 EXPECT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::RegisterOpenDlpFileCallback(callback));
1165 ptrList.emplace_back(callback);
1166 for (auto& iter : ptrList) {
1167 DlpPermissionKit::UnRegisterOpenDlpFileCallback(iter);
1168 }
1169
1170 TestRecoverProcessInfo(uid, tokenId);
1171 }
1172
1173 /**
1174 * @tc.name: OpenDlpFileCallback001
1175 * @tc.desc: OpenDlpFileCallback function test.
1176 * @tc.type: FUNC
1177 * @tc.require:
1178 */
1179 HWTEST_F(DlpPermissionKitTest, OpenDlpFileCallback001, TestSize.Level1)
1180 {
1181 std::shared_ptr<TestOpenDlpFileCallbackCustomize> callbackPtr = nullptr;
1182 std::shared_ptr<OpenDlpFileCallback> callback = std::make_shared<OpenDlpFileCallback>(callbackPtr);
1183 ASSERT_NE(callback, nullptr);
1184 OpenDlpFileCallbackInfo result;
1185 callback->OnOpenDlpFile(result);
1186 ASSERT_EQ(callback->customizedCallback_, nullptr);
1187 }
1188
1189 /**
1190 * @tc.name: OpenDlpFileCallback002
1191 * @tc.desc: OpenDlpFileCallback function test.
1192 * @tc.type: FUNC
1193 * @tc.require:
1194 */
1195 HWTEST_F(DlpPermissionKitTest, OpenDlpFileCallback002, TestSize.Level1)
1196 {
1197 std::shared_ptr<TestOpenDlpFileCallbackCustomize> callbackPtr =
1198 std::make_shared<TestOpenDlpFileCallbackCustomize>();
1199 std::shared_ptr<OpenDlpFileCallback> callback = std::make_shared<OpenDlpFileCallback>(callbackPtr);
1200 ASSERT_NE(callback, nullptr);
1201 OpenDlpFileCallbackInfo result;
1202 callback->OnOpenDlpFile(result);
1203 EXPECT_EQ(true, callbackPtr->called);
1204 ASSERT_NE(callback->customizedCallback_, nullptr);
1205 }
1206
1207 /**
1208 * @tc.name: OnGenerateDlpCertificate002
1209 * @tc.desc: OnGenerateDlpCertificate function test.
1210 * @tc.type: FUNC
1211 * @tc.require: DTS2023040302317
1212 */
1213 HWTEST_F(DlpPermissionKitTest, OnGenerateDlpCertificate002, TestSize.Level1)
1214 {
1215 std::vector<uint8_t> cert;
1216 auto generateDlpCertificateCallback = std::make_shared<ClientGenerateDlpCertificateCallback>();
1217 generateDlpCertificateCallback->OnGenerateDlpCertificate(0, cert);
1218 ASSERT_EQ(0, generateDlpCertificateCallback->result_);
1219 PermissionPolicy policy;
1220 auto parseDlpCertificateCallback = std::make_shared<ClientParseDlpCertificateCallback>();
1221 parseDlpCertificateCallback->OnParseDlpCertificate(0, policy, {});
1222 ASSERT_EQ(0, generateDlpCertificateCallback->result_);
1223 }
1224
1225 /**
1226 * @tc.name: ParseDlpCertificate002
1227 * @tc.desc: ParseDlpCertificate abnormal input test.
1228 * @tc.type: FUNC
1229 * @tc.require:AR000GVIG0
1230 */
1231 HWTEST_F(DlpPermissionKitTest, ParseDlpCertificate002, TestSize.Level1)
1232 {
1233 sptr<CertParcel> certParcel = new (std::nothrow) CertParcel();
1234 certParcel->offlineCert.push_back(1);
1235 PermissionPolicy policy;
1236 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID,
1237 DlpPermissionKit::ParseDlpCertificate(certParcel, policy, "", true));
1238
1239 policy.ownerAccount_ = "test";
1240 policy.ownerAccountId_ = "test";
1241 policy.ownerAccountType_ = CLOUD_ACCOUNT;
1242 std::vector<AuthUserInfo> authUsers_;
1243 AuthUserInfo info;
1244 info.authAccount = "test";
1245 info.authPerm = FULL_CONTROL;
1246 info.permExpiryTime = 1784986283;
1247 info.authAccountType = CLOUD_ACCOUNT;
1248 authUsers_.push_back(info);
1249 uint8_t* iv = new (std::nothrow) uint8_t[16];
1250 uint8_t* aseKey = new (std::nothrow) uint8_t[16];
1251 policy.SetIv(iv, 16);
1252 policy.SetAeskey(aseKey, 16);
1253 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID,
1254 DlpPermissionKit::ParseDlpCertificate(certParcel, policy, "", true));
1255 delete[] iv;
1256 delete[] aseKey;
1257 }
1258
1259 /**
1260 * @tc.name: GetDLPFileVisitRecord001
1261 * @tc.desc: GetDLPFileVisitRecord.
1262 * @tc.type: FUNC
1263 * @tc.require: AR000I38MV
1264 */
1265 HWTEST_F(DlpPermissionKitTest, GetDLPFileVisitRecord001, TestSize.Level1)
1266 {
1267 int32_t uid = getuid();
1268 AccessTokenID selfTokenId = GetSelfTokenID();
1269 std::vector<VisitedDLPFileInfo> infoVec;
1270 SandboxInfo sandboxInfo;
1271 ASSERT_EQ(DLP_OK,
1272 DlpPermissionKit::InstallDlpSandbox(DLP_MANAGER_APP, FULL_CONTROL, DEFAULT_USERID, sandboxInfo, TEST_URI));
1273 ASSERT_TRUE(sandboxInfo.appIndex != 0);
1274 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
1275 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
1276 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDLPFileVisitRecord(infoVec));
1277 DLP_LOG_INFO(LABEL, "GetDLPFileVisitRecord size:%{public}zu", infoVec.size());
1278 ASSERT_TRUE(1 == infoVec.size());
1279 setuid(g_selfUid);
1280 infoVec.clear();
1281 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetDLPFileVisitRecord(infoVec));
1282 ASSERT_TRUE(0 == infoVec.size());
1283 AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, DLP_MANAGER_APP, sandboxInfo.appIndex);
1284 ASSERT_TRUE(TestSetSelfTokenId(tokenId));
1285 ASSERT_EQ(DLP_SERVICE_ERROR_API_NOT_FOR_SANDBOX_ERROR, DlpPermissionKit::GetDLPFileVisitRecord(infoVec));
1286 ASSERT_TRUE(TestSetSelfTokenId(g_dlpManagerTokenId));
1287 ASSERT_EQ(DLP_OK, DlpPermissionKit::UninstallDlpSandbox(DLP_MANAGER_APP, sandboxInfo.appIndex, DEFAULT_USERID));
1288
1289 TestRecoverProcessInfo(uid, selfTokenId);
1290 }
1291
1292 /* *
1293 * @tc.name: SetSandboxAppConfig001
1294 * @tc.desc: SetSandboxAppConfig001 test.
1295 * @tc.type: FUNC
1296 * @tc.require: SR000IEUH3
1297 */
1298 HWTEST_F(DlpPermissionKitTest, SetSandboxAppConfig001, TestSize.Level1)
1299 {
1300 int32_t uid = getuid();
1301 AccessTokenID tokenId = GetSelfTokenID();
1302 TestMockApp(DLP_MANAGER_APP, 0, DEFAULT_USERID);
1303 std::string config = "test";
1304 ASSERT_EQ(DLP_OK, DlpPermissionKit::SetSandboxAppConfig(config));
1305 std::string configGet;
1306 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetSandboxAppConfig(configGet));
1307 ASSERT_EQ(DLP_OK, DlpPermissionKit::CleanSandboxAppConfig());
1308 TestRecoverProcessInfo(uid, tokenId);
1309 }
1310
1311 /* *
1312 * @tc.name: SetMDMPolicy001
1313 * @tc.desc: SetMDMPolicy001 abnormal input test.
1314 * @tc.type: FUNC
1315 * @tc.require: SR000IEUHS
1316 */
1317 HWTEST_F(DlpPermissionKitTest, SetMDMPolicy001, TestSize.Level1)
1318 {
1319 seteuid(1000);
1320 std::vector<std::string> appIdList;
1321 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::SetMDMPolicy(appIdList));
1322 appIdList.push_back("@ohos.test.bundleName1_QG9ob3MudGVzdC5idW5kbGVOYW1lMQ==");
1323 ASSERT_EQ(DLP_SERVICE_ERROR_PERMISSION_DENY, DlpPermissionKit::SetMDMPolicy(appIdList));
1324 seteuid(3057);
1325 ASSERT_EQ(DLP_OK, DlpPermissionKit::SetMDMPolicy(appIdList));
1326 appIdList.push_back("");
1327 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::SetMDMPolicy(appIdList));
1328 appIdList.pop_back();
1329 appIdList.push_back("@ohos.test.bundleName2_QG9ob3MudGVzdC5idW5kbGVOYW1lMg==");
1330 appIdList.push_back("@ohos.test.bundleName3_QG9ob3MudGVzdC5idW5kbGVOYW1lMw==");
1331 appIdList.push_back(
1332 "@ohos.test.bundleNameWhichIsLongerThanThe200digitsLengthLimit\
1333 123456789123456789123456789_QG9ob3MudGVzdC5idW5kbGVOYW1lV2hpY2hJc0xvbmdlclRoYW5UaGUyMDBkaWdpdHNMZW5nd\
1334 GhMaW1pdDEyMzQ1Njc4OTEyMzQ1Njc4OTEyMzQ1Njc4OQ==");
1335 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::SetMDMPolicy(appIdList));
1336 appIdList.pop_back();
1337 for (int i = 0; i < 250; i++) {
1338 appIdList.push_back("@ohos.test.bundleName1_QG9ob3MudGVzdC5idW5kbGVOYW1lMQ==");
1339 }
1340 ASSERT_EQ(DLP_SERVICE_ERROR_VALUE_INVALID, DlpPermissionKit::SetMDMPolicy(appIdList));
1341 appIdList.clear();
1342 }
1343
1344 /* *
1345 * @tc.name: GetMDMPolicy001
1346 * @tc.desc: GetMDMPolicy001S abnormal input test.
1347 * @tc.type: FUNC
1348 * @tc.require: SR000IEUHS
1349 */
1350 HWTEST_F(DlpPermissionKitTest, GetMDMPolicy001, TestSize.Level1)
1351 {
1352 seteuid(1000);
1353 std::vector<std::string> appIdList;
1354 ASSERT_EQ(DLP_SERVICE_ERROR_PERMISSION_DENY, DlpPermissionKit::GetMDMPolicy(appIdList));
1355 seteuid(3057);
1356 ASSERT_EQ(DLP_OK, DlpPermissionKit::GetMDMPolicy(appIdList));
1357 appIdList.clear();
1358 }
1359
1360 /* *
1361 * @tc.name: RemoveMDMPolicy001
1362 * @tc.desc: RemoveMDMPolicy001 abnormal input test.
1363 * @tc.type: FUNC
1364 * @tc.require: SR000IEUHS
1365 */
1366 HWTEST_F(DlpPermissionKitTest, RemoveMDMPolicy001, TestSize.Level1)
1367 {
1368 seteuid(1000);
1369 ASSERT_EQ(DLP_SERVICE_ERROR_PERMISSION_DENY, DlpPermissionKit::RemoveMDMPolicy());
1370 seteuid(3057);
1371 ASSERT_EQ(DLP_OK, DlpPermissionKit::RemoveMDMPolicy());
1372 }
1373
1374 /* *
1375 * @tc.name: IsDLPFeatureProvided001
1376 * @tc.desc: IsDLPFeatureProvided.
1377 * @tc.type: FUNC
1378 * @tc.require:
1379 */
1380 HWTEST_F(DlpPermissionKitTest, IsDLPFeatureProvided001, TestSize.Level1)
1381 {
1382 DLP_LOG_DEBUG(LABEL, "Start IsDLPFeatureProvided001.");
1383 bool isProvided;
1384 ASSERT_EQ(DLP_OK, DlpPermissionKit::IsDLPFeatureProvided(isProvided));
1385 }
1386 } // namespace DlpPermission
1387 } // namespace Security
1388 } // namespace OHOS
1389