openharmony/filemanagement_app_file_service
1
0
Fork 0
mirror of https://gitee.com/openharmony/filemanagement_app_file_service synced 2024-11-23 16:10:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

新增innerApi接口完善持久化授权流程

Browse Source 
Signed-off-by: cuiruibin <cuiruibin3@huawei.com>
This commit is contained in:
cuiruibin 2024-04-26 14:52:19 +08:00
parent 75c4a1a0d3
commit 693a0762e7
5 changed files with 437 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
interfaces/innerkits/native/BUILD.gn
View File

@ -62,6 +62,7 @@ ohos_shared_library("fileshare_native") {
"c_utils:utils",
"file_api:filemgmt_libn",
"hilog:libhilog",
"init:libbegetutil",
"ipc:ipc_core",
"napi:ace_napi",
]

9
interfaces/innerkits/native/file_share/include/file_permission.h
View File

@ -74,6 +74,12 @@ public:
static int32_t DeactivatePermission(const vector<UriPolicyInfo> &uriPolicies,
deque<struct PolicyErrorResult> &errorResults);
static int32_t CheckPersistentPermission(const vector<UriPolicyInfo> &uriPolicies, vector<bool> &errorResults);
static string GetPathByPermission(const std::string &permission);
static int32_t SetPolicy(uint64_t providerTokenId,
uint64_t targetTokenId,
vector<UriPolicyInfo> &uriPolicies,
vector<bool> &errorResults,
uint32_t policyFlag);
#ifdef SANDBOX_MANAGER
private:
static void ParseErrorResults(const vector<uint32_t> &resultCodes,
@ -84,6 +90,9 @@ private:
deque<struct PolicyErrorResult> &errorResults);
static vector<PolicyInfo> GetPathPolicyInfoFromUriPolicyInfo(const vector<UriPolicyInfo> &uriPolicies,
vector<bool> &errorResults);
static int32_t CheckUriPersistentPermission(uint64_t tokenId,
const vector<UriPolicyInfo> &uriPolicies,
vector<bool> &errorResults)
#endif
};
} // namespace AppFileService

128
interfaces/innerkits/native/file_share/src/file_permission.cpp
View File

@ -13,10 +13,11 @@
* limitations under the License.
*/
#include "file_permission.h"
#include <unistd.h>
#include "log.h"
#include "parameter.h"
#include "uri.h"
#include <unistd.h>
#include <unordered_set>
#ifdef SANDBOX_MANAGER
#include "accesstoken_kit.h"
#include "bundle_constants.h"
@ -25,6 +26,7 @@
#include "n_error.h"
#include "sandbox_helper.h"
#include "sandbox_manager_err_code.h"
#include "tokenid_kit.h"
#endif
namespace OHOS {
@ -36,7 +38,20 @@ const std::string INVALID_MODE_MESSAGE = "Invalid operation mode!";
const std::string INVALID_PATH_MESSAGE = "Invalid path!";
const std::string PERMISSION_NOT_PERSISTED_MESSAGE = "The policy is no persistent capability!";
const std::string FILE_SCHEME_PREFIX = "file://";
const std::string FILE_MANAGER_AUTHORITY = "docs";
const std::string SANDBOX_STORAGE_PATH = "/storage/Users/currentUser/";
const std::string DOWNLOAD_PATH = "/storage/Users/currentUser/Download";
const std::string DESKTOP_PATH = "/storage/Users/currentUser/Desktop";
const std::string DOCUMENTS_PATH = "/storage/Users/currentUser/Documents";
const std::string READ_WRITE_DOWNLOAD_PERMISSION = "ohos.permission.READ_WRITE_DOWNLOAD_DIRECTORY";
const std::string READ_WRITE_DESKTOP_PERMISSION = "ohos.permission.READ_WRITE_DESKTOP_DIRECTORY";
const std::string READ_WRITE_DOCUMENTS_PERMISSION = "ohos.permission.READ_WRITE_DOCUMENTS_DIRECTORY";
const std::string SET_SANDBOX_POLICY_PERMISSION = "ohos.permission.SET_SANDBOX_POLICY";
const std::string FILE_ACCESS_MANAGER_PERMISSION = "ohos.permission.FILE_ACCESS_MANAGER";
const std::unordered_map<std::string, std::string> permissionPathMap = {
{READ_WRITE_DOWNLOAD_PERMISSION, DOWNLOAD_PATH},
{READ_WRITE_DESKTOP_PERMISSION, DESKTOP_PATH},
{READ_WRITE_DOCUMENTS_PERMISSION, DOCUMENTS_PATH}};
#ifdef SANDBOX_MANAGER
namespace {
bool CheckValidUri(const string &uriStr)
@ -158,14 +173,6 @@ vector<PolicyInfo> FilePermission::GetPathPolicyInfoFromUriPolicyInfo(const vect
PolicyErrorResult result = {uriPolicy.uri, PolicyErrorCode::INVALID_PATH, INVALID_PATH_MESSAGE};
errorResults.emplace_back(result);
} else {
string currentUserId = to_string(IPCSkeleton::GetCallingTokenID() / AppExecFwk::Constants::BASE_USER_RANGE);
int32_t ret = SandboxHelper::GetPhysicalPath(uri.ToString(), currentUserId, path);
if (ret != 0) {
PolicyErrorResult result = {uriPolicy.uri, PolicyErrorCode::INVALID_PATH, INVALID_PATH_MESSAGE};
errorResults.emplace_back(result);
LOGE("Failed to get physical path, errorcode: %{public}d", ret);
continue;
}
PolicyInfo policyInfo = {path, uriPolicy.mode};
pathPolicies.emplace_back(policyInfo);
}
@ -184,13 +191,6 @@ vector<PolicyInfo> FilePermission::GetPathPolicyInfoFromUriPolicyInfo(const vect
LOGE("Not correct uri!");
errorResults.emplace_back(false);
} else {
string currentUserId = to_string(IPCSkeleton::GetCallingTokenID() / AppExecFwk::Constants::BASE_USER_RANGE);
int32_t ret = SandboxHelper::GetPhysicalPath(uri.ToString(), currentUserId, path);
if (ret != 0) {
errorResults.emplace_back(false);
LOGE("Failed to get physical path, errorcode: %{public}d", ret);
continue;
}
PolicyInfo policyInfo = {path, uriPolicy.mode};
pathPolicies.emplace_back(policyInfo);
errorResults.emplace_back(true);
@ -198,7 +198,48 @@ vector<PolicyInfo> FilePermission::GetPathPolicyInfoFromUriPolicyInfo(const vect
}
return pathPolicies;
}
static bool CheckPermission(uint64_t tokenCaller, const string &permission)
{
return Security::AccessToken::AccessTokenKit::VerifyAccessToken(tokenCaller, permission) ==
Security::AccessToken::PermissionState::PERMISSION_GRANTED;
}
static bool IsFileManagerUri(const string &pathStr)
{
return pathStr.find(DOWNLOAD_PATH) == 0 || pathStr.find(DESKTOP_PATH) == 0 || pathStr.find(DOCUMENTS_PATH) == 0;
}
static bool CheckFileManagerUriPermission(uint64_t providerTokenId, const string &pathStr)
{
return (IsFileManagerUri(pathStr) && CheckPermission(providerTokenId, FILE_ACCESS_MANAGER_PERMISSION)) ||
(pathStr.find(DOWNLOAD_PATH) == 0 && CheckPermission(providerTokenId, READ_WRITE_DOWNLOAD_PERMISSION)) ||
(pathStr.find(DESKTOP_PATH) == 0 && CheckPermission(providerTokenId, READ_WRITE_DESKTOP_PERMISSION)) ||
(pathStr.find(DOCUMENTS_PATH) == 0 && CheckPermission(providerTokenId, READ_WRITE_DOCUMENTS_PERMISSION));
}
int32_t FilePermission::CheckUriPersistentPermission(uint64_t tokenId,
const vector<UriPolicyInfo> &uriPolicies,
vector<bool> &errorResults)
{
int errorCode = 0;
vector<PolicyInfo> pathPolicies = GetPathPolicyInfoFromUriPolicyInfo(uriPolicies, errorResults);
if (pathPolicies.size() == 0) {
return EPERM;
}
vector<bool> resultCodes;
int32_t sandboxManagerErrorCode = SandboxManagerKit::CheckPersistPolicy(tokenId, pathPolicies, resultCodes);
for (size_t i = 0; i < pathPolicies.size(); i++) {
if (!resultCodes[i]) {
resultCodes[i] = CheckFileManagerUriPermission(tokenId, pathPolicies[i].path);
}
}
errorCode = ErrorCodeConversion(sandboxManagerErrorCode);
ParseErrorResults(resultCodes, errorResults);
return errorCode;
}
#endif
int32_t FilePermission::PersistPermission(const vector<UriPolicyInfo> &uriPolicies,
deque<struct PolicyErrorResult> &errorResults)
{
@ -267,15 +308,50 @@ int32_t FilePermission::CheckPersistentPermission(const vector<UriPolicyInfo> &u
{
int errorCode = 0;
#ifdef SANDBOX_MANAGER
vector<PolicyInfo> pathPolicies = GetPathPolicyInfoFromUriPolicyInfo(uriPolicies, errorResults);
if (pathPolicies.size() == 0) {
return errorCode;
}
vector<bool> resultCodes;
auto tokenId = IPCSkeleton::GetCallingTokenID();
int32_t sandboxManagerErrorCode = SandboxManagerKit::CheckPersistPolicy(tokenId, pathPolicies, resultCodes);
errorCode = ErrorCodeConversion(sandboxManagerErrorCode);
ParseErrorResults(resultCodes, errorResults);
errorCode = CheckUriPersistentPermission(tokenId, uriPolicies, errorResults);
#endif
return errorCode;
}
string FilePermission::GetPathByPermission(const std::string &permission)
{
#ifdef SANDBOX_MANAGER
if (permissionPathMap.find(permission) != permissionPathMap.end()) {
return permissionPathMap.at(permission);
}
#endif
return "";
}
int32_t FilePermission::SetPolicy(uint64_t providerTokenId,
uint64_t targetTokenId,
vector<UriPolicyInfo> &uriPolicies,
vector<bool> &errorResults,
uint32_t policyFlag)
{
int errorCode = 0;
#ifdef SANDBOX_MANAGER
if (!CheckPermission(providerTokenId, SET_SANDBOX_POLICY_PERMISSION)) {
return FileManagement::LibN::E_PERMISSION;
}
errorCode = CheckUriPersistentPermission(providerTokenId, uriPolicies, errorResults);
if (errorCode != SANDBOX_MANAGER_OK) {
LOGE("SandboxManagerKit::CheckPersistPolicy is failed, code:%{public}d.", errorCode);
}
vector<PolicyInfo> setPathPolicies;
for (size_t i = 0; i < uriPolicies.size(); i++) {
if (errorResults[i]) {
Uri uri(uriPolicies[i].uri);
string path = SandboxHelper::Decode(uri.GetPath());
PolicyInfo policyInfo = {path, uriPolicies[i].mode};
setPathPolicies.emplace_back(policyInfo);
}
}
int32_t sandboxManagerErrorCode = SandboxManagerKit::SetPolicy(targetTokenId, setPathPolicies, policyFlag);
if (sandboxManagerErrorCode != SANDBOX_MANAGER_OK) {
LOGE("SandboxManagerKit::SetPolicy is failed, code:%{public}d.", sandboxManagerErrorCode);
}
#endif
return errorCode;
}

342
test/unittest/file_permission_native/src/file_permission_test.cpp
View File

@ -42,7 +42,8 @@ namespace AppFileService {
const char *g_fileManagerFullMountEnableParameter = "const.filemanager.full_mount.enable";
const std::string SET_POLICY_PERMISSION = "ohos.permission.SET_SANDBOX_POLICY";
const std::string ACCESS_PERSIST_PERMISSION = "ohos.permission.FILE_ACCESS_PERSIST";
const std::string BUNDLE_A = "com.example.filesharea";
const std::string READ_WRITE_DOWNLOAD_PERMISSION = "ohos.permission.READ_WRITE_DOWNLOAD_DIRECTORY";
const std::string BUNDLE_NAME_A = "com.example.filesharea";
uint64_t g_mockToken;
OHOS::Security::AccessToken::PermissionStateFull g_testState1 = {
.permissionName = SET_POLICY_PERMISSION,
@ -58,9 +59,16 @@ OHOS::Security::AccessToken::PermissionStateFull g_testState2 = {
.grantStatus = {0},
.grantFlags = {0},
};
OHOS::Security::AccessToken::PermissionStateFull g_testState3 = {
.permissionName = READ_WRITE_DOWNLOAD_PERMISSION,
.isGeneral = true,
.resDeviceID = {"1"},
.grantStatus = {0},
.grantFlags = {0},
};
OHOS::Security::AccessToken::HapInfoParams g_testInfoParams = {
.userID = 1,
.bundleName = "full_mount_permission_test",
.bundleName = BUNDLE_NAME_A,
.instIndex = 0,
.appIDDesc = "test",
};
@ -68,7 +76,7 @@ OHOS::Security::AccessToken::HapPolicyParams g_testPolicyParams = {
.apl = OHOS::Security::AccessToken::APL_NORMAL,
.domain = "test.domain",
.permList = {},
.permStateList = {g_testState1, g_testState2},
.permStateList = {g_testState1, g_testState2, g_testState3},
};
void NativeTokenGet()
@ -96,11 +104,9 @@ void FilePermissionTest::SetUpTestCase()
NativeTokenGet();
OHOS::Security::AccessToken::AccessTokenID tokenId =
OHOS::Security::AccessToken::AccessTokenKit::GetNativeTokenId("foundation");
EXPECT_EQ(0, tokenId);
EXPECT_EQ(0, SetSelfTokenID(tokenId));
OHOS::Security::AccessToken::AccessTokenIDEx tokenIdEx = {0};
tokenIdEx = OHOS::Security::AccessToken::AccessTokenKit::AllocHapToken(g_testInfoParams, g_testPolicyParams);
EXPECT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID);
g_mockToken = tokenIdEx.tokenIdExStruct.tokenID;
EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIdExStruct.tokenID));
}
@ -130,10 +136,8 @@ static bool CheckFileManagerFullMountEnable()
HWTEST_F(FilePermissionTest, PersistPermission_test_0000, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin PersistPermission_test_0000";
UriPolicyInfo infoA = {
.uri = "file://" + BUNDLE_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE
};
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
deque<struct PolicyErrorResult> errorResults;
@ -152,9 +156,9 @@ HWTEST_F(FilePermissionTest, PersistPermission_test_0000, testing::ext::TestSize
HWTEST_F(FilePermissionTest, PersistPermission_test_0001, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin PersistPermission_test_0001";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_A + "/storage",
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
UriPolicyInfo infoB = {.uri = "file://" + BUNDLE_A + "/storage", .mode = -1};
UriPolicyInfo infoB = {.uri = "file://" + BUNDLE_NAME_A + "/storage", .mode = -1};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
uriPolicies.emplace_back(infoB);
@ -179,7 +183,7 @@ HWTEST_F(FilePermissionTest, PersistPermission_test_0001, testing::ext::TestSize
HWTEST_F(FilePermissionTest, PersistPermission_test_0002, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin PersistPermission_test_0002";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_A + "/storage/test01.test",
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage/test01.test",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
@ -205,7 +209,7 @@ HWTEST_F(FilePermissionTest, PersistPermission_test_0002, testing::ext::TestSize
HWTEST_F(FilePermissionTest, ActivatePermission_test_0000, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin ActivatePermission_test_0000";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_A + "/storage",
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
@ -225,9 +229,9 @@ HWTEST_F(FilePermissionTest, ActivatePermission_test_0000, testing::ext::TestSiz
HWTEST_F(FilePermissionTest, ActivatePermission_test_0001, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin ActivatePermission_test_0001";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_A + "/storage",
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
UriPolicyInfo infoB = {.uri = "file://" + BUNDLE_A + "/storage", .mode = -1};
UriPolicyInfo infoB = {.uri = "file://" + BUNDLE_NAME_A + "/storage", .mode = -1};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
uriPolicies.emplace_back(infoB);
@ -252,7 +256,7 @@ HWTEST_F(FilePermissionTest, ActivatePermission_test_0001, testing::ext::TestSiz
HWTEST_F(FilePermissionTest, ActivatePermission_test_0002, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin ActivatePermission_test_0002";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_A + "/storage/test01.test",
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage/test01.test",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
@ -278,7 +282,7 @@ HWTEST_F(FilePermissionTest, ActivatePermission_test_0002, testing::ext::TestSiz
HWTEST_F(FilePermissionTest, DeactivatePermission_test_0000, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin DeactivatePermission_test_0000";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_A + "/storage",
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
@ -298,9 +302,9 @@ HWTEST_F(FilePermissionTest, DeactivatePermission_test_0000, testing::ext::TestS
HWTEST_F(FilePermissionTest, DeactivatePermission_test_0001, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin DeactivatePermission_test_0001";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_A + "/storage",
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
UriPolicyInfo infoB = {.uri = "file://" + BUNDLE_A + "/storage", .mode = -1};
UriPolicyInfo infoB = {.uri = "file://" + BUNDLE_NAME_A + "/storage", .mode = -1};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
uriPolicies.emplace_back(infoB);
@ -325,7 +329,7 @@ HWTEST_F(FilePermissionTest, DeactivatePermission_test_0001, testing::ext::TestS
HWTEST_F(FilePermissionTest, DeactivatePermission_test_0002, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin DeactivatePermission_test_0002";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_A + "/storage/test01.test",
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage/test01.test",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
@ -351,7 +355,7 @@ HWTEST_F(FilePermissionTest, DeactivatePermission_test_0002, testing::ext::TestS
HWTEST_F(FilePermissionTest, RevokePermission_test_0000, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin RevokePermission_test_0000";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_A + "/storage",
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
@ -371,12 +375,9 @@ HWTEST_F(FilePermissionTest, RevokePermission_test_0000, testing::ext::TestSize.
HWTEST_F(FilePermissionTest, RevokePermission_test_0001, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin RevokePermission_test_0001";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
UriPolicyInfo infoB = {.uri = "file://" + BUNDLE_A + "/storage", .mode = -1};
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage", .mode = -1};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
uriPolicies.emplace_back(infoB);
deque<struct PolicyErrorResult> errorResults;
int32_t ret = FilePermission::RevokePermission(uriPolicies, errorResults);
if (CheckFileManagerFullMountEnable()) {
@ -398,7 +399,7 @@ HWTEST_F(FilePermissionTest, RevokePermission_test_0001, testing::ext::TestSize.
HWTEST_F(FilePermissionTest, RevokePermission_test_0002, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin RevokePermission_test_0002";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_A + "/storage/test01.test",
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage/test01.test",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
@ -413,5 +414,294 @@ HWTEST_F(FilePermissionTest, RevokePermission_test_0002, testing::ext::TestSize.
};
GTEST_LOG_(INFO) << "FileShareTest-end RevokePermission_test_0002";
}
/**
* @tc.name: GetPathByPermission_test_0001
* @tc.desc: Test function of GetPathByPermission() interface for SUCCESS.
* @tc.size: MEDIUM
* @tc.type: FUNC
* @tc.level Level 1
* @tc.require:
*/
HWTEST_F(FilePermissionTest, GetPathByPermission_test_0001, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin GetPathByPermission_test_0001";
std::string PermissionName = "ohos.permission.READ_WRITE_DOWNLOAD_DIRECTORY";
std::string sandboxPath = "/storage/Users/currentUser/Download";
std::string path = FilePermission::GetPathByPermission(PermissionName);
if (CheckFileManagerFullMountEnable()) {
EXPECT_EQ(path, sandboxPath);
} else {
EXPECT_EQ(path, "");
};
GTEST_LOG_(INFO) << "FileShareTest-end GetPathByPermission_test_0001";
}
/**
* @tc.name: GetPathByPermission_test_0002
* @tc.desc: Test function of GetPathByPermission() interface for SUCCESS.
* @tc.size: MEDIUM
* @tc.type: FUNC
* @tc.level Level 1
* @tc.require:
*/
HWTEST_F(FilePermissionTest, GetPathByPermission_test_0002, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin GetPathByPermission_test_0002";
std::string PermissionName = "ohos.permission.READ_WRITE_DESKTOP_DIRECTORY";
std::string sandboxPath = "/storage/Users/currentUser/Desktop";
std::string path = FilePermission::GetPathByPermission(PermissionName);
if (CheckFileManagerFullMountEnable()) {
EXPECT_EQ(path, sandboxPath);
} else {
EXPECT_EQ(path, "");
};
GTEST_LOG_(INFO) << "FileShareTest-end GetPathByPermission_test_0002";
}
/**
* @tc.name: GetPathByPermission_test_0003
* @tc.desc: Test function of GetPathByPermission() interface for SUCCESS.
* @tc.size: MEDIUM
* @tc.type: FUNC
* @tc.level Level 1
* @tc.require:
*/
HWTEST_F(FilePermissionTest, GetPathByPermission_test_0003, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin GetPathByPermission_test_0003";
std::string PermissionName = "ohos.permission.READ_WRITE_DOCUMENTS_DIRECTORY";
std::string sandboxPath = "/storage/Users/currentUser/Documents";
std::string path = FilePermission::GetPathByPermission(PermissionName);
if (CheckFileManagerFullMountEnable()) {
EXPECT_EQ(path, sandboxPath);
} else {
EXPECT_EQ(path, "");
};
GTEST_LOG_(INFO) << "FileShareTest-end GetPathByPermission_test_0003";
}
/**
* @tc.name: SetPolicy_test_0001
* @tc.desc: Test function of SetPolicy() interface for SUCCESS.
* @tc.size: MEDIUM
* @tc.type: FUNC
* @tc.level Level 1
* @tc.require:
*/
HWTEST_F(FilePermissionTest, SetPolicy_test_0001, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin SetPolicy_test_0001";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
vector<bool> errorResults;
auto providerTokenId = IPCSkeleton::GetCallingTokenID();
uint32_t PolicyFlag = 0;
int32_t uid = 100;
uint32_t tokenId = OHOS::Security::AccessToken::AccessTokenKit::GetHapTokenID(uid, BUNDLE_NAME_A, 0);
int32_t ret = FilePermission::SetPolicy(providerTokenId, tokenId, uriPolicies, errorResults, PolicyFlag);
if (CheckFileManagerFullMountEnable()) {
EXPECT_EQ(ret, 0);
ASSERT_EQ(uriPolicies.size(), errorResults.size());
EXPECT_EQ(false, errorResults[0]);
} else {
EXPECT_EQ(ret, 0);
};
GTEST_LOG_(INFO) << "FileShareTest-end SetPolicy_test_0001";
}
/**
* @tc.name: SetPolicy_test_0002
* @tc.desc: Test function of SetPolicy() interface for SUCCESS.
* @tc.size: MEDIUM
* @tc.type: FUNC
* @tc.level Level 1
* @tc.require:
*/
HWTEST_F(FilePermissionTest, SetPolicy_test_0002, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin SetPolicy_test_0002";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
deque<struct PolicyErrorResult> errorResults;
int32_t ret = FilePermission::PersistPermission(uriPolicies, errorResults);
EXPECT_EQ(ret, 0);
vector<bool> errorResult;
auto providerTokenId = IPCSkeleton::GetCallingTokenID();
uint32_t PolicyFlag = 0;
int32_t uid = 100;
uint32_t tokenId = OHOS::Security::AccessToken::AccessTokenKit::GetHapTokenID(uid, BUNDLE_NAME_A, 0);
ret = FilePermission::SetPolicy(providerTokenId, tokenId, uriPolicies, errorResult, PolicyFlag);
if (CheckFileManagerFullMountEnable()) {
EXPECT_EQ(ret, 0);
ASSERT_EQ(uriPolicies.size(), errorResult.size());
EXPECT_EQ(true, errorResult[0]);
} else {
EXPECT_EQ(ret, 0);
};
ret = FilePermission::RevokePermission(uriPolicies, errorResults);
GTEST_LOG_(INFO) << "FileShareTest-end SetPolicy_test_0002";
}
/**
* @tc.name: SetPolicy_test_0003
* @tc.desc: Test function of SetPolicy() interface for SUCCESS.
* @tc.size: MEDIUM
* @tc.type: FUNC
* @tc.level Level 1
* @tc.require:
*/
HWTEST_F(FilePermissionTest, SetPolicy_test_0003, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin SetPolicy_test_0003";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage/001.txt",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
vector<bool> errorResult;
auto providerTokenId = IPCSkeleton::GetCallingTokenID();
uint32_t PolicyFlag = 0;
int32_t uid = 100;
uint32_t tokenId = OHOS::Security::AccessToken::AccessTokenKit::GetHapTokenID(uid, BUNDLE_NAME_A, 0);
int32_t ret = FilePermission::SetPolicy(providerTokenId, tokenId, uriPolicies, errorResult, PolicyFlag);
if (CheckFileManagerFullMountEnable()) {
EXPECT_EQ(ret, EPERM);
ASSERT_EQ(uriPolicies.size(), errorResult.size());
EXPECT_EQ(false, errorResult[0]);
} else {
EXPECT_EQ(ret, 0);
};
GTEST_LOG_(INFO) << "FileShareTest-end SetPolicy_test_0003";
}
/**
* @tc.name: SetPolicy_test_0004
* @tc.desc: Test function of SetPolicy() interface for SUCCESS.
* @tc.size: MEDIUM
* @tc.type: FUNC
* @tc.level Level 1
* @tc.require:
*/
HWTEST_F(FilePermissionTest, SetPolicy_test_0004, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin SetPolicy_test_0004";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
UriPolicyInfo infoB = {.uri = "file://" + BUNDLE_NAME_A + "/storage/test02.test",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
UriPolicyInfo infoC = {.uri = "file://docs/storage/Users/currentUser/Download",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
UriPolicyInfo infoD = {.uri = "file://docs/storage/Users/currentUser/Desktop",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
uriPolicies.emplace_back(infoB);
uriPolicies.emplace_back(infoC);
uriPolicies.emplace_back(infoD);
deque<struct PolicyErrorResult> errorResults;
int32_t ret = FilePermission::PersistPermission(uriPolicies, errorResults);
if (CheckFileManagerFullMountEnable()) {
EXPECT_EQ(ret, EPERM);
} else {
EXPECT_EQ(ret, 0);
};
vector<bool> errorResult;
auto providerTokenId = IPCSkeleton::GetCallingTokenID();
uint32_t PolicyFlag = 0;
int32_t uid = 100;
uint32_t tokenId = OHOS::Security::AccessToken::AccessTokenKit::GetHapTokenID(uid, BUNDLE_NAME_A, 0);
ret = FilePermission::SetPolicy(providerTokenId, tokenId, uriPolicies, errorResult, PolicyFlag);
if (CheckFileManagerFullMountEnable()) {
EXPECT_EQ(ret, 0);
ASSERT_EQ(uriPolicies.size(), errorResult.size());
EXPECT_EQ(true, errorResult[0]);
EXPECT_EQ(false, errorResult[1]);
EXPECT_EQ(false, errorResult[2]);
EXPECT_EQ(false, errorResult[3]);
} else {
EXPECT_EQ(ret, 0);
};
ret = FilePermission::RevokePermission(uriPolicies, errorResults);
GTEST_LOG_(INFO) << "FileShareTest-end SetPolicy_test_0004";
}
/**
* @tc.name: CheckPersistentPermission_test_0001
* @tc.desc: Test function of CheckPersistentPermission() interface for SUCCESS.
* @tc.size: MEDIUM
* @tc.type: FUNC
* @tc.level Level 1
* @tc.require:
*/
HWTEST_F(FilePermissionTest, CheckPersistentPermission_test_0001, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin CheckPersistentPermission_test_0001";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
vector<bool> errorResults;
int32_t ret = FilePermission::CheckPersistentPermission(uriPolicies, errorResults);
if (CheckFileManagerFullMountEnable()) {
EXPECT_EQ(ret, 0);
ASSERT_EQ(uriPolicies.size(), errorResults.size());
EXPECT_EQ(false, errorResults[0]);
} else {
EXPECT_EQ(ret, 0);
};
GTEST_LOG_(INFO) << "FileShareTest-end CheckPersistentPermission_test_0001";
}
/**
* @tc.name: CheckPersistentPermission_test_0002
* @tc.desc: Test function of CheckPersistentPermission() interface for SUCCESS.
* @tc.size: MEDIUM
* @tc.type: FUNC
* @tc.level Level 1
* @tc.require:
*/
HWTEST_F(FilePermissionTest, CheckPersistentPermission_test_0002, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin CheckPersistentPermission_test_0002";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
deque<struct PolicyErrorResult> errorResults;
int32_t ret = FilePermission::PersistPermission(uriPolicies, errorResults);
EXPECT_EQ(ret, 0);
vector<bool> errorResult;
ret = FilePermission::CheckPersistentPermission(uriPolicies, errorResult);
if (CheckFileManagerFullMountEnable()) {
EXPECT_EQ(ret, 0);
ASSERT_EQ(uriPolicies.size(), errorResult.size());
EXPECT_EQ(true, errorResult[0]);
} else {
EXPECT_EQ(ret, 0);
};
ret = FilePermission::RevokePermission(uriPolicies, errorResults);
GTEST_LOG_(INFO) << "FileShareTest-end CheckPersistentPermission_test_0002";
}
/**
* @tc.name: CheckPersistentPermission_test_0003
* @tc.desc: Test function of CheckPersistentPermission() interface for SUCCESS.
* @tc.size: MEDIUM
* @tc.type: FUNC
* @tc.level Level 1
* @tc.require:
*/
HWTEST_F(FilePermissionTest, CheckPersistentPermission_test_0003, testing::ext::TestSize.Level1)
{
GTEST_LOG_(INFO) << "FileShareTest-begin CheckPersistentPermission_test_0003";
UriPolicyInfo infoA = {.uri = "file://" + BUNDLE_NAME_A + "/storage/001.txt",
.mode = OperationMode::READ_MODE | OperationMode::WRITE_MODE};
std::vector<UriPolicyInfo> uriPolicies;
uriPolicies.emplace_back(infoA);
vector<bool> errorResult;
int32_t ret = FilePermission::CheckPersistentPermission(uriPolicies, errorResult);
if (CheckFileManagerFullMountEnable()) {
EXPECT_EQ(ret, EPERM);
ASSERT_EQ(uriPolicies.size(), errorResult.size());
EXPECT_EQ(false, errorResult[0]);
} else {
EXPECT_EQ(ret, 0);
};
GTEST_LOG_(INFO) << "FileShareTest-end CheckPersistentPermission_test_0003";
}
} // namespace AppFileService
} // namespace OHOS

9
test/unittest/resource/ohos_test.xml
View File

@ -44,6 +44,15 @@
<option name="shell" value="bm uninstall -n com.example.fileshareb"/>
</cleaner>
</target>
<target name="file_permission_test">
<preparer>
<option name="push" value="filesharea.hap -> /data/test/" src="res"/>
<option name="shell" value="bm install -r -p /data/test/filesharea.hap"/>
</preparer>
<cleaner>
<option name="shell" value="bm uninstall -n com.example.filesharea"/>
</cleaner>
</target>
<target name="file_uri_ndk_test">
<preparer>
<option name="push" value="file_uri_test.txt -> /data/test" src="res"/>