Loading services/core/java/com/android/server/pm/ShortcutService.java +26 −1 Original line number Diff line number Diff line Loading @@ -105,6 +105,7 @@ import android.util.TypedXmlSerializer; import android.util.Xml; import android.view.IWindowManager; import com.android.internal.R; import com.android.internal.annotations.GuardedBy; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.config.sysui.SystemUiDeviceConfigFlags; Loading Loading @@ -455,6 +456,8 @@ public class ShortcutService extends IShortcutService.Stub { private final boolean mIsAppSearchEnabled; private ComponentName mChooserActivity; static class InvalidFileFormatException extends Exception { public InvalidFileFormatException(String message, Throwable cause) { super(message, cause); Loading Loading @@ -1646,6 +1649,26 @@ public class ShortcutService extends IShortcutService.Stub { return callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID; } @VisibleForTesting ComponentName injectChooserActivity() { if (mChooserActivity == null) { mChooserActivity = ComponentName.unflattenFromString( mContext.getResources().getString(R.string.config_chooserActivity)); } return mChooserActivity; } private boolean isCallerChooserActivity() { // TODO(b/228975502): Migrate this check to a proper permission or role check final int callingUid = injectBinderCallingUid(); ComponentName systemChooser = injectChooserActivity(); if (systemChooser == null) { return false; } int uid = injectGetPackageUid(systemChooser.getPackageName(), UserHandle.USER_SYSTEM); return uid == callingUid; } private void enforceSystemOrShell() { if (!(isCallerSystem() || isCallerShell())) { throw new SecurityException("Caller must be system or shell"); Loading Loading @@ -2525,7 +2548,9 @@ public class ShortcutService extends IShortcutService.Stub { IntentFilter filter, @UserIdInt int userId) { Preconditions.checkStringNotEmpty(packageName, "packageName"); Objects.requireNonNull(filter, "intentFilter"); if (!isCallerChooserActivity()) { verifyCaller(packageName, userId); } enforceCallingOrSelfPermission(android.Manifest.permission.MANAGE_APP_PREDICTIONS, "getShareTargets"); synchronized (mLock) { Loading services/tests/servicestests/src/com/android/server/pm/BaseShortcutManagerTest.java +9 −0 Original line number Diff line number Diff line Loading @@ -537,6 +537,11 @@ public abstract class BaseShortcutManagerTest extends InstrumentationTestCase { return mInjectCheckAccessShortcutsPermission; } @Override ComponentName injectChooserActivity() { return mInjectedChooserActivity; } @Override void wtf(String message, Throwable th) { // During tests, WTF is fatal. Loading Loading @@ -678,6 +683,7 @@ public abstract class BaseShortcutManagerTest extends InstrumentationTestCase { protected int mInjectedCallingUid; protected String mInjectedClientPackage; protected ComponentName mInjectedChooserActivity; protected Map<String, PackageInfo> mInjectedPackages; Loading Loading @@ -723,6 +729,9 @@ public abstract class BaseShortcutManagerTest extends InstrumentationTestCase { protected static final String LAUNCHER_4 = "com.android.launcher.4"; protected static final int LAUNCHER_UID_4 = 10014; protected static final String CHOOSER_ACTIVITY_PACKAGE = "com.android.intentresolver"; protected static final int CHOOSER_ACTIVITY_UID = 10015; protected static final int USER_0 = UserHandle.USER_SYSTEM; protected static final int USER_10 = 10; protected static final int USER_11 = 11; Loading services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest1.java +8 −0 Original line number Diff line number Diff line Loading @@ -6901,6 +6901,9 @@ public class ShortcutManagerTest1 extends BaseShortcutManagerTest { } public void testGetShareTargets_permission() { addPackage(CHOOSER_ACTIVITY_PACKAGE, CHOOSER_ACTIVITY_UID, 10, "sig1"); mInjectedChooserActivity = ComponentName.createRelative(CHOOSER_ACTIVITY_PACKAGE, ".ChooserActivity"); IntentFilter filter = new IntentFilter(); assertExpectException(SecurityException.class, "Missing permission", () -> Loading @@ -6909,6 +6912,11 @@ public class ShortcutManagerTest1 extends BaseShortcutManagerTest { // Has permission, now it should pass. mCallerPermissions.add(permission.MANAGE_APP_PREDICTIONS); mManager.getShareTargets(filter); runWithCaller(CHOOSER_ACTIVITY_PACKAGE, USER_0, () -> { // Access is allowed when called from the configured system ChooserActivity mManager.getShareTargets(filter); }); } public void testHasShareTargets_permission() { Loading Loading
services/core/java/com/android/server/pm/ShortcutService.java +26 −1 Original line number Diff line number Diff line Loading @@ -105,6 +105,7 @@ import android.util.TypedXmlSerializer; import android.util.Xml; import android.view.IWindowManager; import com.android.internal.R; import com.android.internal.annotations.GuardedBy; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.config.sysui.SystemUiDeviceConfigFlags; Loading Loading @@ -455,6 +456,8 @@ public class ShortcutService extends IShortcutService.Stub { private final boolean mIsAppSearchEnabled; private ComponentName mChooserActivity; static class InvalidFileFormatException extends Exception { public InvalidFileFormatException(String message, Throwable cause) { super(message, cause); Loading Loading @@ -1646,6 +1649,26 @@ public class ShortcutService extends IShortcutService.Stub { return callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID; } @VisibleForTesting ComponentName injectChooserActivity() { if (mChooserActivity == null) { mChooserActivity = ComponentName.unflattenFromString( mContext.getResources().getString(R.string.config_chooserActivity)); } return mChooserActivity; } private boolean isCallerChooserActivity() { // TODO(b/228975502): Migrate this check to a proper permission or role check final int callingUid = injectBinderCallingUid(); ComponentName systemChooser = injectChooserActivity(); if (systemChooser == null) { return false; } int uid = injectGetPackageUid(systemChooser.getPackageName(), UserHandle.USER_SYSTEM); return uid == callingUid; } private void enforceSystemOrShell() { if (!(isCallerSystem() || isCallerShell())) { throw new SecurityException("Caller must be system or shell"); Loading Loading @@ -2525,7 +2548,9 @@ public class ShortcutService extends IShortcutService.Stub { IntentFilter filter, @UserIdInt int userId) { Preconditions.checkStringNotEmpty(packageName, "packageName"); Objects.requireNonNull(filter, "intentFilter"); if (!isCallerChooserActivity()) { verifyCaller(packageName, userId); } enforceCallingOrSelfPermission(android.Manifest.permission.MANAGE_APP_PREDICTIONS, "getShareTargets"); synchronized (mLock) { Loading
services/tests/servicestests/src/com/android/server/pm/BaseShortcutManagerTest.java +9 −0 Original line number Diff line number Diff line Loading @@ -537,6 +537,11 @@ public abstract class BaseShortcutManagerTest extends InstrumentationTestCase { return mInjectCheckAccessShortcutsPermission; } @Override ComponentName injectChooserActivity() { return mInjectedChooserActivity; } @Override void wtf(String message, Throwable th) { // During tests, WTF is fatal. Loading Loading @@ -678,6 +683,7 @@ public abstract class BaseShortcutManagerTest extends InstrumentationTestCase { protected int mInjectedCallingUid; protected String mInjectedClientPackage; protected ComponentName mInjectedChooserActivity; protected Map<String, PackageInfo> mInjectedPackages; Loading Loading @@ -723,6 +729,9 @@ public abstract class BaseShortcutManagerTest extends InstrumentationTestCase { protected static final String LAUNCHER_4 = "com.android.launcher.4"; protected static final int LAUNCHER_UID_4 = 10014; protected static final String CHOOSER_ACTIVITY_PACKAGE = "com.android.intentresolver"; protected static final int CHOOSER_ACTIVITY_UID = 10015; protected static final int USER_0 = UserHandle.USER_SYSTEM; protected static final int USER_10 = 10; protected static final int USER_11 = 11; Loading
services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest1.java +8 −0 Original line number Diff line number Diff line Loading @@ -6901,6 +6901,9 @@ public class ShortcutManagerTest1 extends BaseShortcutManagerTest { } public void testGetShareTargets_permission() { addPackage(CHOOSER_ACTIVITY_PACKAGE, CHOOSER_ACTIVITY_UID, 10, "sig1"); mInjectedChooserActivity = ComponentName.createRelative(CHOOSER_ACTIVITY_PACKAGE, ".ChooserActivity"); IntentFilter filter = new IntentFilter(); assertExpectException(SecurityException.class, "Missing permission", () -> Loading @@ -6909,6 +6912,11 @@ public class ShortcutManagerTest1 extends BaseShortcutManagerTest { // Has permission, now it should pass. mCallerPermissions.add(permission.MANAGE_APP_PREDICTIONS); mManager.getShareTargets(filter); runWithCaller(CHOOSER_ACTIVITY_PACKAGE, USER_0, () -> { // Access is allowed when called from the configured system ChooserActivity mManager.getShareTargets(filter); }); } public void testHasShareTargets_permission() { Loading
