From b8de70f95562972076dc1ddd147006bb0af068aa Mon Sep 17 00:00:00 2001 From: ning <214848454@qq.com> Date: Sat, 7 Oct 2023 09:55:55 +0800 Subject: [PATCH] =?UTF-8?q?=E5=AE=89=E5=85=A8=E6=8E=A5=E5=8F=A3=E5=BC=80?= =?UTF-8?q?=E5=8F=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: ning --- bundle.json | 2 + interfaces/inner_api/BUILD.gn | 2 + .../common/include/edm_ipc_interface_code.h | 1 + .../include/security_manager_proxy.h | 34 ++++++ .../src/security_manager_proxy.cpp | 61 +++++++++++ interfaces/kits/security_manager/BUILD.gn | 49 +++++++++ .../include/security_manager_addon.h | 40 +++++++ .../src/security_manager_addon.cpp | 75 +++++++++++++ services/edm_plugin/BUILD.gn | 11 ++ .../include/get_security_patch_tag_plugin.h | 32 ++++++ .../src/get_security_patch_tag_plugin.cpp | 49 +++++++++ test/unittest/BUILD.gn | 1 + test/unittest/edm_plugin/BUILD.gn | 2 + .../get_security_patch_tag_plugin_test.cpp | 70 ++++++++++++ test/unittest/security_manager_proxy/BUILD.gn | 74 +++++++++++++ .../security_manager_proxy_test.cpp | 102 ++++++++++++++++++ test/unittest/src/utils.cpp | 4 +- 17 files changed, 608 insertions(+), 1 deletion(-) create mode 100644 interfaces/inner_api/security_manager/include/security_manager_proxy.h create mode 100644 interfaces/inner_api/security_manager/src/security_manager_proxy.cpp create mode 100644 interfaces/kits/security_manager/BUILD.gn create mode 100644 interfaces/kits/security_manager/include/security_manager_addon.h create mode 100644 interfaces/kits/security_manager/src/security_manager_addon.cpp create mode 100644 services/edm_plugin/include/get_security_patch_tag_plugin.h create mode 100644 services/edm_plugin/src/get_security_patch_tag_plugin.cpp create mode 100644 test/unittest/edm_plugin/src/get_security_patch_tag_plugin_test.cpp create mode 100644 test/unittest/security_manager_proxy/BUILD.gn create mode 100644 test/unittest/security_manager_proxy/security_manager_proxy_test.cpp diff --git a/bundle.json b/bundle.json index 9f5819005..46b615b30 100644 --- a/bundle.json +++ b/bundle.json @@ -98,6 +98,7 @@ "//base/customization/enterprise_device_management/interfaces/kits/restrictions:restrictions", "//base/customization/enterprise_device_management/interfaces/kits/usb_manager:usbmanager", "//base/customization/enterprise_device_management/interfaces/kits/wifi_manager:wifimanager", + "//base/customization/enterprise_device_management/interfaces/kits/security_manager:securitymanager", "//base/customization/enterprise_device_management/framework/extension:enterprise_admin_extension", "//base/customization/enterprise_device_management/interfaces/kits/enterprise_admin_extension:enterpriseadminextensionability_napi", "//base/customization/enterprise_device_management/interfaces/kits/enterprise_admin_extension_context:enterpriseadminextensioncontext_napi", @@ -121,6 +122,7 @@ "//base/customization/enterprise_device_management/services/edm_plugin:wifi_manager_plugin", "//base/customization/enterprise_device_management/services/edm_plugin:bundle_manager_plugin", "//base/customization/enterprise_device_management/services/edm_plugin:application_manager_plugin", + "//base/customization/enterprise_device_management/services/edm_plugin:security_manager_plugin", "//base/customization/enterprise_device_management/sa_profile:edm_sa_profile", "//base/customization/enterprise_device_management/etc/init:edm.cfg", "//base/customization/enterprise_device_management/etc/param:edm.para", diff --git a/interfaces/inner_api/BUILD.gn b/interfaces/inner_api/BUILD.gn index 4125786e1..1e79ac343 100644 --- a/interfaces/inner_api/BUILD.gn +++ b/interfaces/inner_api/BUILD.gn @@ -26,6 +26,7 @@ config("edmservice_kits_config") { "device_settings/include", "network_manager/include", "restrictions/include", + "security_manager/include", "usb_manager/include", "wifi_manager/include", ] @@ -49,6 +50,7 @@ ohos_shared_library("edmservice_kits") { "./device_settings/src/device_settings_proxy.cpp", "./network_manager/src/network_manager_proxy.cpp", "./restrictions/src/restrictions_proxy.cpp", + "./security_manager/src/security_manager_proxy.cpp", "./usb_manager/src/usb_manager_proxy.cpp", "./wifi_manager/src/wifi_manager_proxy.cpp", ] diff --git a/interfaces/inner_api/common/include/edm_ipc_interface_code.h b/interfaces/inner_api/common/include/edm_ipc_interface_code.h index 77b073c3d..9ca860855 100644 --- a/interfaces/inner_api/common/include/edm_ipc_interface_code.h +++ b/interfaces/inner_api/common/include/edm_ipc_interface_code.h @@ -61,6 +61,7 @@ enum EdmInterfaceCode : uint32_t { USB_READ_ONLY = 1026, INSTALL_CERTIFICATE = 1027, INSTALL = 1028, + GET_SECURITY_PATCH_TAG = 1029, POLICY_CODE_END = 3000, }; } // namespace EDM diff --git a/interfaces/inner_api/security_manager/include/security_manager_proxy.h b/interfaces/inner_api/security_manager/include/security_manager_proxy.h new file mode 100644 index 000000000..21bc28305 --- /dev/null +++ b/interfaces/inner_api/security_manager/include/security_manager_proxy.h @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_INNER_API_SECURITY_MANAGER_INCLUDE_SECURITY_MANAGER_PROXY_H +#define INTERFACES_INNER_API_SECURITY_MANAGER_INCLUDE_SECURITY_MANAGER_PROXY_H + +#include "enterprise_device_mgr_proxy.h" + +namespace OHOS { +namespace EDM { +class SecurityManagerProxy { +public: + static std::shared_ptr GetSecurityManagerProxy(); + int32_t GetSecurityPatchTag(const AppExecFwk::ElementName &admin, std::string &info); + +private: + static std::shared_ptr instance_; + static std::mutex mutexLock_; +}; +} // namespace EDM +} // namespace OHOS +#endif // INTERFACES_INNER_API_SECURITY_MANAGER_INCLUDE_SECURITY_MANAGER_PROXY_H \ No newline at end of file diff --git a/interfaces/inner_api/security_manager/src/security_manager_proxy.cpp b/interfaces/inner_api/security_manager/src/security_manager_proxy.cpp new file mode 100644 index 000000000..fc11364a6 --- /dev/null +++ b/interfaces/inner_api/security_manager/src/security_manager_proxy.cpp @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "security_manager_proxy.h" + +#include "edm_constants.h" +#include "edm_log.h" +#include "func_code.h" + +namespace OHOS { +namespace EDM { +std::shared_ptr SecurityManagerProxy::instance_ = nullptr; +std::mutex SecurityManagerProxy::mutexLock_; +const std::u16string DESCRIPTOR = u"ohos.edm.IEnterpriseDeviceMgr"; + +std::shared_ptr SecurityManagerProxy::GetSecurityManagerProxy() +{ + if (instance_ == nullptr) { + std::lock_guard lock(mutexLock_); + if (instance_ == nullptr) { + std::shared_ptr temp = std::make_shared(); + instance_ = temp; + } + } + return instance_; +} + +int32_t SecurityManagerProxy::GetSecurityPatchTag(const AppExecFwk::ElementName &admin, std::string &securityPatchTag) +{ + EDMLOGD("SecurityManagerProxy::GetSecurityPatchTag"); + MessageParcel data; + MessageParcel reply; + data.WriteInterfaceToken(DESCRIPTOR); + data.WriteInt32(WITHOUT_USERID); + data.WriteInt32(HAS_ADMIN); + data.WriteParcelable(&admin); + EnterpriseDeviceMgrProxy::GetInstance()->GetPolicy(EdmInterfaceCode::GET_SECURITY_PATCH_TAG, data, reply); + int32_t ret = ERR_INVALID_VALUE; + bool blRes = reply.ReadInt32(ret) && (ret == ERR_OK); + if (!blRes) { + EDMLOGE("EnterpriseDeviceMgrProxy:GetPolicy fail. %{public}d", ret); + return ret; + } + reply.ReadString(securityPatchTag); + return ret; +} + +} // namespace EDM +} // namespace OHOS diff --git a/interfaces/kits/security_manager/BUILD.gn b/interfaces/kits/security_manager/BUILD.gn new file mode 100644 index 000000000..71f6edbe3 --- /dev/null +++ b/interfaces/kits/security_manager/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2023-2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +ohos_shared_library("securitymanager") { + include_dirs = [ + "include", + "../common/include", + ] + + sources = [ + "../common/src/napi_edm_common.cpp", + "../common/src/napi_edm_error.cpp", + "./src/security_manager_addon.cpp", + ] + + configs = [ "../../../common/config:coverage_flags" ] + + deps = [ "../../inner_api:edmservice_kits" ] + + external_deps = [ + "ability_base:want", + "hilog:libhilog", + "napi:ace_napi", + ] + + relative_install_dir = "module/enterprise" + sanitize = { + boundary_sanitize = true + cfi = true + debug = false + integer_overflow = true + stack_protector_ret = true + ubsan = true + } + subsystem_name = "customization" + part_name = "enterprise_device_management" +} diff --git a/interfaces/kits/security_manager/include/security_manager_addon.h b/interfaces/kits/security_manager/include/security_manager_addon.h new file mode 100644 index 000000000..49f05a7f5 --- /dev/null +++ b/interfaces/kits/security_manager/include/security_manager_addon.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_KITS_SECURITY_MANAGER_INCLUDE_SECURITY_MANAGER_ADDON_H +#define INTERFACES_KITS_SECURITY_MANAGER_INCLUDE_SECURITY_MANAGER_ADDON_H + +#include "napi/native_api.h" +#include "napi/native_common.h" +#include "napi/native_node_api.h" +#include "napi_edm_common.h" +#include "napi_edm_error.h" +#include "security_manager_proxy.h" +#include "want.h" + +namespace OHOS { +namespace EDM { + +class SecurityManagerAddon { +public: + static napi_value Init(napi_env env, napi_value exports); + +private: + static napi_value GetSecurityPatchTag(napi_env env, napi_callback_info info); +}; +} // namespace EDM +} // namespace OHOS + +#endif // INTERFACES_KITS_SECURITY_MANAGER_INCLUDE_SECURITY_MANAGER_ADDON_H diff --git a/interfaces/kits/security_manager/src/security_manager_addon.cpp b/interfaces/kits/security_manager/src/security_manager_addon.cpp new file mode 100644 index 000000000..b5e183f9a --- /dev/null +++ b/interfaces/kits/security_manager/src/security_manager_addon.cpp @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "security_manager_addon.h" + +#include "edm_constants.h" +#include "edm_log.h" + +using namespace OHOS::EDM; + +napi_value SecurityManagerAddon::Init(napi_env env, napi_value exports) +{ + napi_property_descriptor property[] = { + DECLARE_NAPI_FUNCTION("getSecurityPatchTag", GetSecurityPatchTag), + }; + NAPI_CALL(env, napi_define_properties(env, exports, sizeof(property) / sizeof(property[0]), property)); + return exports; +} + +napi_value SecurityManagerAddon::GetSecurityPatchTag(napi_env env, napi_callback_info info) +{ + EDMLOGI("NAPI_GetSecurityPatchTag called"); + size_t argc = ARGS_SIZE_ONE; + napi_value argv[ARGS_SIZE_ONE] = {nullptr}; + napi_value thisArg = nullptr; + void *data = nullptr; + OHOS::AppExecFwk::ElementName elementName; + + NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, &thisArg, &data)); + ASSERT_AND_THROW_PARAM_ERROR(env, argc >= ARGS_SIZE_ONE, "parameter count error"); + ASSERT_AND_THROW_PARAM_ERROR(env, MatchValueType(env, argv[ARR_INDEX_ZERO], napi_object), "parameter type error"); + bool boolret = ParseElementName(env, elementName, argv[ARR_INDEX_ZERO]); + ASSERT_AND_THROW_PARAM_ERROR(env, boolret, "element name param error"); + EDMLOGD( + "EnableAdmin: elementName.bundlename %{public}s, " + "elementName.abilityname:%{public}s", + elementName.GetBundleName().c_str(), + elementName.GetAbilityName().c_str()); + std::string stringRet; + auto securityManagerProxy = SecurityManagerProxy::GetSecurityManagerProxy(); + int32_t ret = securityManagerProxy->GetSecurityPatchTag(elementName, stringRet); + if (FAILED(ret)) { + napi_throw(env, CreateError(env, ret)); + } + napi_value securityPatchTag; + napi_create_string_utf8(env, stringRet.c_str(), stringRet.size(), &securityPatchTag); + return securityPatchTag; +} + +static napi_module g_securityModule = { + .nm_version = 1, + .nm_flags = 0, + .nm_filename = nullptr, + .nm_register_func = SecurityManagerAddon::Init, + .nm_modname = "enterprise.securityManager", + .nm_priv = ((void *)0), + .reserved = {0}, +}; + +extern "C" __attribute__((constructor)) void SecurityManagerRegister() +{ + napi_module_register(&g_securityModule); +} diff --git a/services/edm_plugin/BUILD.gn b/services/edm_plugin/BUILD.gn index 744620f5c..1ad84ea22 100644 --- a/services/edm_plugin/BUILD.gn +++ b/services/edm_plugin/BUILD.gn @@ -192,3 +192,14 @@ edm_plugin_shared_library("browser_plugin") { external_deps = [ "c_utils:utils" ] } + +edm_plugin_shared_library("security_manager_plugin") { + sources = [ "./src/get_security_patch_tag_plugin.cpp" ] + + deps = [ "../../common/native:edm_commom" ] + + external_deps = [ + "c_utils:utils", + "init:libbegetutil", + ] +} diff --git a/services/edm_plugin/include/get_security_patch_tag_plugin.h b/services/edm_plugin/include/get_security_patch_tag_plugin.h new file mode 100644 index 000000000..e6107ace1 --- /dev/null +++ b/services/edm_plugin/include/get_security_patch_tag_plugin.h @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SERVICES_EDM_PLUGIN_INCLUDE_GET_SECURITY_PATCH_TAG_PLUGIN_H +#define SERVICES_EDM_PLUGIN_INCLUDE_GET_SECURITY_PATCH_TAG_PLUGIN_H + +#include "plugin_singleton.h" + +namespace OHOS { +namespace EDM { +class GetSecurityPatchTagPlugin : public PluginSingleton { +public: + void InitPlugin(std::shared_ptr> ptr) override; + + ErrCode OnGetPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) override; +}; +} // namespace EDM +} // namespace OHOS + +#endif // SERVICES_EDM_PLUGIN_INCLUDE_GET_SECURITY_PATCH_TAG_PLUGIN_H diff --git a/services/edm_plugin/src/get_security_patch_tag_plugin.cpp b/services/edm_plugin/src/get_security_patch_tag_plugin.cpp new file mode 100644 index 000000000..84d326e65 --- /dev/null +++ b/services/edm_plugin/src/get_security_patch_tag_plugin.cpp @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "get_security_patch_tag_plugin.h" + +#include "edm_ipc_interface_code.h" +#include "iplugin_manager.h" +#include "parameter.h" +#include "string_serializer.h" + +namespace OHOS { +namespace EDM { +const bool REGISTER_RESULT = IPluginManager::GetInstance()->AddPlugin(GetSecurityPatchTagPlugin::GetPlugin()); + +void GetSecurityPatchTagPlugin::InitPlugin(std::shared_ptr> ptr) +{ + EDMLOGI("GetSecurityPatchTagPlugin InitPlugin..."); + ptr->InitAttribute(EdmInterfaceCode::GET_SECURITY_PATCH_TAG, "get_security_patch_tag", + "ohos.permission.ENTERPRISE_MANAGE_SECURITY", IPlugin::PermissionType::SUPER_DEVICE_ADMIN, false); + ptr->SetSerializer(StringSerializer::GetInstance()); +} + +ErrCode GetSecurityPatchTagPlugin::OnGetPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) +{ + EDMLOGI("GetSecurityPatchTagPlugin OnGetPolicy."); + const char* securityPatchTagPtr = GetSecurityPatchTag(); + if (securityPatchTagPtr == nullptr) { + EDMLOGE("GetSecurityPatchTagPlugin GetSecurityPatchTag Failed. GetSecurityPatchTag is nullptr."); + return EdmReturnErrCode::SYSTEM_ABNORMALLY; + } + std::string securityPatchTag = securityPatchTagPtr; + reply.WriteInt32(ERR_OK); + reply.WriteString(securityPatchTag); + return ERR_OK; +} +} // namespace EDM +} // namespace OHOS diff --git a/test/unittest/BUILD.gn b/test/unittest/BUILD.gn index 4eb49a07a..101c5ade9 100644 --- a/test/unittest/BUILD.gn +++ b/test/unittest/BUILD.gn @@ -196,6 +196,7 @@ group("unittest") { "enterprise_device_mgr_proxy:unittest", "network_manager_proxy:unittest", "restrictions_proxy:unittest", + "security_manager_proxy:unittest", "usb_manager_proxy:unittest", "wifi_manager_proxy:unittest", ] diff --git a/test/unittest/edm_plugin/BUILD.gn b/test/unittest/edm_plugin/BUILD.gn index 163f6982b..d4daa989b 100644 --- a/test/unittest/edm_plugin/BUILD.gn +++ b/test/unittest/edm_plugin/BUILD.gn @@ -40,6 +40,7 @@ ohos_unittest("EdmPluginTest") { "./src/disallowed_running_bundles_plugin_test.cpp", "./src/edm_data_ability_utils_mock.cpp", "./src/get_device_name_plugin_test.cpp", + "./src/get_security_patch_tag_plugin_test.cpp", "./src/global_proxy_plugin_test.cpp", "./src/install_plugin_test.cpp", "./src/iptables_rule_plugin_test.cpp", @@ -126,6 +127,7 @@ ohos_static_library("edm_all_plugin_static") { "../../../services/edm_plugin/src/get_display_version_plugin.cpp", "../../../services/edm_plugin/src/get_ip_address_plugin.cpp", "../../../services/edm_plugin/src/get_mac_plugin.cpp", + "../../../services/edm_plugin/src/get_security_patch_tag_plugin.cpp", "../../../services/edm_plugin/src/global_proxy_plugin.cpp", "../../../services/edm_plugin/src/install_plugin.cpp", "../../../services/edm_plugin/src/iptables_rule_plugin.cpp", diff --git a/test/unittest/edm_plugin/src/get_security_patch_tag_plugin_test.cpp b/test/unittest/edm_plugin/src/get_security_patch_tag_plugin_test.cpp new file mode 100644 index 000000000..012fb99be --- /dev/null +++ b/test/unittest/edm_plugin/src/get_security_patch_tag_plugin_test.cpp @@ -0,0 +1,70 @@ +/* + * Copyright (c) 2023-2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "get_security_patch_tag_plugin.h" + +#include + +#include "edm_data_ability_utils_mock.h" +#include "edm_ipc_interface_code.h" +#include "iplugin_manager.h" +#include "utils.h" + +using namespace testing::ext; +using namespace testing; + +namespace OHOS { +namespace EDM { +namespace TEST { +class GetSecurityPatchTagPluginTest : public testing::Test { +protected: + static void SetUpTestSuite(void); + + static void TearDownTestSuite(void); +}; + +void GetSecurityPatchTagPluginTest::SetUpTestSuite(void) +{ + Utils::SetEdmServiceEnable(); + Utils::SetEdmInitialEnv(); +} + +void GetSecurityPatchTagPluginTest::TearDownTestSuite(void) +{ + Utils::SetEdmServiceDisable(); + Utils::ResetTokenTypeAndUid(); + ASSERT_TRUE(Utils::IsOriginalUTEnv()); + std::cout << "now ut process is orignal ut env : " << Utils::IsOriginalUTEnv() << std::endl; +} + +/** + * @tc.name: GetSecurityPatchTagSuc + * @tc.desc: Test get security patch tag function. + * @tc.type: FUNC + */ +HWTEST_F(GetSecurityPatchTagPluginTest, GetSecurityPatchTagSuc, TestSize.Level1) +{ + std::shared_ptr plugin = GetSecurityPatchTagPlugin::GetPlugin(); + std::string policyValue{"GetSecurityPatchTag"}; + MessageParcel data; + MessageParcel reply; + plugin->OnGetPolicy(policyValue, data, reply, DEFAULT_USER_ID); + ASSERT_TRUE(reply.ReadInt32() == ERR_OK); + ASSERT_TRUE(reply.ReadString() != ""); +} + +} // namespace TEST +} // namespace EDM +} // namespace OHOS \ No newline at end of file diff --git a/test/unittest/security_manager_proxy/BUILD.gn b/test/unittest/security_manager_proxy/BUILD.gn new file mode 100644 index 000000000..ab390514f --- /dev/null +++ b/test/unittest/security_manager_proxy/BUILD.gn @@ -0,0 +1,74 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") + +module_output_path = "enterprise_device_management/enterprise_device_management" + +ohos_unittest("EdmSecurityManagerUnitTest") { + module_out_path = module_output_path + + include_dirs = [ + "../include", + "../mock/include", + "../enterprise_device_mgr_proxy/enterprise_device_mgr_proxy_test", + ] + + sources = [ + "../enterprise_device_mgr_proxy/enterprise_device_mgr_proxy_test/enterprise_device_mgr_stub_mock.cpp", + "../mock/src/edm_sys_manager_mock.cpp", + "../src/utils.cpp", + "./security_manager_proxy_test.cpp", + ] + + configs = [ "../../../common/config:coverage_flags" ] + + deps = [ + "../../../interfaces/inner_api:edmservice_kits", + "//third_party/googletest:gmock_main", + "//third_party/googletest:gtest_main", + ] + + external_deps = [ + "ability_base:want", + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "hilog:libhilog", + "init:libbegetutil", + "ipc:ipc_core", + "netmanager_base:net_conn_manager_if", + "samgr:samgr_proxy", + ] + + sanitize = { + boundary_sanitize = true + cfi = true + debug = false + integer_overflow = true + stack_protector_ret = true + ubsan = true + } + subsystem_name = "customization" + part_name = "enterprise_device_management" +} + +group("unittest") { + testonly = true + + deps = [ + # deps file + ":EdmSecurityManagerUnitTest", + ] +} diff --git a/test/unittest/security_manager_proxy/security_manager_proxy_test.cpp b/test/unittest/security_manager_proxy/security_manager_proxy_test.cpp new file mode 100644 index 000000000..36a7770fa --- /dev/null +++ b/test/unittest/security_manager_proxy/security_manager_proxy_test.cpp @@ -0,0 +1,102 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include + +#include "edm_sys_manager_mock.h" +#include "enterprise_device_mgr_stub_mock.h" +#include "security_manager_proxy.h" +#include "utils.h" + +using namespace testing::ext; +using namespace testing; + +namespace OHOS { +namespace EDM { +namespace TEST { +const std::string ADMIN_PACKAGENAME = "com.edm.test.demo"; +class SecurityManagerProxyTest : public testing::Test { +protected: + void SetUp() override; + + void TearDown() override; + + static void TearDownTestSuite(void); + std::shared_ptr proxy_ = nullptr; + std::shared_ptr edmSysManager_ = nullptr; + sptr object_ = nullptr; +}; + +void SecurityManagerProxyTest::SetUp() +{ + proxy_ = SecurityManagerProxy::GetSecurityManagerProxy(); + edmSysManager_ = std::make_shared(); + object_ = new (std::nothrow) EnterpriseDeviceMgrStubMock(); + edmSysManager_->RegisterSystemAbilityOfRemoteObject(ENTERPRISE_DEVICE_MANAGER_SA_ID, object_); + Utils::SetEdmServiceEnable(); +} + +void SecurityManagerProxyTest::TearDown() +{ + proxy_.reset(); + edmSysManager_->UnregisterSystemAbilityOfRemoteObject(ENTERPRISE_DEVICE_MANAGER_SA_ID); + object_ = nullptr; + Utils::SetEdmServiceDisable(); +} + +void SecurityManagerProxyTest::TearDownTestSuite() +{ + ASSERT_FALSE(Utils::GetEdmServiceState()); + std::cout << "EdmServiceState : " << Utils::GetEdmServiceState() << std::endl; +} + +/** + * @tc.name: TestGetSecurityPatchTagSuc + * @tc.desc: Test GetSecurityPatchTag success func. + * @tc.type: FUNC + */ +HWTEST_F(SecurityManagerProxyTest, TestGetSecurityPatchTagSuc, TestSize.Level1) +{ + OHOS::AppExecFwk::ElementName admin; + admin.SetBundleName(ADMIN_PACKAGENAME); + EXPECT_CALL(*object_, SendRequest(_, _, _, _)) + .Times(1) + .WillOnce(Invoke(object_.GetRefPtr(), &EnterpriseDeviceMgrStubMock::InvokeSendRequestGetPolicy)); + std::string res; + int32_t ret = proxy_->GetSecurityPatchTag(admin, res); + ASSERT_TRUE(ret == ERR_OK); + ASSERT_TRUE(res == RETURN_STRING); +} + +/** + * @tc.name: TestGetSecurityPatchTagFail + * @tc.desc: Test GetSecurityPatchTag without enable edm service func. + * @tc.type: FUNC + */ +HWTEST_F(SecurityManagerProxyTest, TestGetSecurityPatchTagFail, TestSize.Level1) +{ + Utils::SetEdmServiceDisable(); + OHOS::AppExecFwk::ElementName admin; + admin.SetBundleName(ADMIN_PACKAGENAME); + std::string res; + int32_t ret = proxy_->GetSecurityPatchTag(admin, res); + ASSERT_TRUE(ret == EdmReturnErrCode::ADMIN_INACTIVE); +} +} // namespace TEST +} // namespace EDM +} // namespace OHOS diff --git a/test/unittest/src/utils.cpp b/test/unittest/src/utils.cpp index 568e25f39..8f82979bd 100644 --- a/test/unittest/src/utils.cpp +++ b/test/unittest/src/utils.cpp @@ -33,6 +33,7 @@ const std::string PERMISSION_ACCESS_CERT_MANAGER = "ohos.permission.ACCESS_CERT_ const std::string PERMISSION_NETSYS_INTERNAL = "ohos.permission.NETSYS_INTERNAL"; const std::string PERMISSION_INSTALL_BUNDLE = "ohos.permission.INSTALL_BUNDLE"; const std::string PERMISSION_RUNNING_STATE_OBSERVER = "ohos.permission.RUNNING_STATE_OBSERVER"; +const std::string PERMISSION_ENTERPRISE_MANAGE_SECURITY = "ohos.permission.ENTERPRISE_MANAGE_SECURITY"; void Utils::ExecCmdSync(const std::string &cmd) { @@ -79,7 +80,8 @@ void Utils::SetEdmInitialEnv() PERMISSION_ACCESS_CERT_MANAGER.c_str(), PERMISSION_NETSYS_INTERNAL.c_str(), PERMISSION_INSTALL_BUNDLE.c_str(), - PERMISSION_RUNNING_STATE_OBSERVER.c_str() + PERMISSION_RUNNING_STATE_OBSERVER.c_str(), + PERMISSION_ENTERPRISE_MANAGE_SECURITY.c_str() }; Utils::SetNativeTokenTypeAndPermissions(permissions, sizeof(permissions) / sizeof(permissions[0])); seteuid(Utils::EDM_UID); -- Gitee