Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 096104f3 authored by Varun Shah's avatar Varun Shah
Browse files

Refactored same profile group check for CrossProfileApps. 

Moved isSameProfileGroup check to it's own method where the calling
identity is cleared so that the calling application doesn't need
extra permissions.

Bug: 121180087
Test: atest com.android.server.pm.CrossProfileAppsServiceImplTest
Change-Id: I36c830136509255b19b7912ea6259e21413caabd
parent 183bdcf1

services/core/java/com/android/server/pm/CrossProfileAppsServiceImpl.java

+10 −1
Original line number Diff line number Diff line
@@ -120,7 +120,7 @@ public class CrossProfileAppsServiceImpl extends ICrossProfileApps.Stub { 
                        android.Manifest.permission.INTERACT_ACROSS_PROFILES, callingUid,

                        -1, true);

                if (permissionFlag != PackageManager.PERMISSION_GRANTED

                        || !mInjector.getUserManager().isSameProfileGroup(callerUserId, userId)) {

                        || !isSameProfileGroup(callerUserId, userId)) {

                    throw new SecurityException("Attempt to launch activity without required "

                            + android.Manifest.permission.INTERACT_ACROSS_PROFILES + " permission"

                            + " or target user is not in the same profile group.");
@@ -209,6 +209,15 @@ public class CrossProfileAppsServiceImpl extends ICrossProfileApps.Stub { 
        }

    }



    private boolean isSameProfileGroup(@UserIdInt int callerUserId, @UserIdInt int userId) {

        final long ident = mInjector.clearCallingIdentity();

        try {

            return mInjector.getUserManager().isSameProfileGroup(callerUserId, userId);

        } finally {

            mInjector.restoreCallingIdentity(ident);

        }

    }



    /**

     * Verify that the given calling package is belong to the calling UID.

     */