Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 30cc3b9a authored by Dmitry Dementyev's avatar Dmitry Dementyev Committed by Automerger Merge Worker
Browse files

Merge "Check key intent for selectors and prohibited flags" into sc-v2-dev am:... 

Merge "Check key intent for selectors and prohibited flags" into sc-v2-dev am: 26d2e7b6 am: 0bc50d59

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/21614465



Change-Id: I931365eebf61e79923153939a43963cb0e7cd758
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents f77df3ce 0bc50d59

services/core/java/com/android/server/accounts/AccountManagerService.java

+13 −5
Original line number Diff line number Diff line
@@ -4884,10 +4884,6 @@ public class AccountManagerService 
            if (intent.getClipData() == null) {

                intent.setClipData(ClipData.newPlainText(null, null));

            }

            intent.setFlags(intent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION

                    | Intent.FLAG_GRANT_WRITE_URI_PERMISSION

                    | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION

                    | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION));

            final long bid = Binder.clearCallingIdentity();

            try {

                PackageManager pm = mContext.getPackageManager();
@@ -4933,7 +4929,19 @@ public class AccountManagerService 
            if (intent == null) {

                return (simulateIntent == null);

            }

            return intent.filterEquals(simulateIntent);

            if (!intent.filterEquals(simulateIntent)) {

                return false;

            }



            if (intent.getSelector() != simulateIntent.getSelector()) {

                return false;

            }



            int prohibitedFlags = Intent.FLAG_GRANT_READ_URI_PERMISSION

                    | Intent.FLAG_GRANT_WRITE_URI_PERMISSION

                    | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION

                    | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION;

            return (simulateIntent.getFlags() & prohibitedFlags) == 0;

        }



        private boolean isExportedSystemActivity(ActivityInfo activityInfo) {

services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTest.java

+36 −0
Original line number Diff line number Diff line
@@ -18,6 +18,7 @@ package com.android.server.accounts; 


import static android.database.sqlite.SQLiteDatabase.deleteDatabase;



import static org.mockito.ArgumentMatchers.contains;

import static org.mockito.Matchers.any;

import static org.mockito.Matchers.anyBoolean;

import static org.mockito.Matchers.anyInt;
@@ -707,6 +708,41 @@ public class AccountManagerServiceTest extends AndroidTestCase { 
        assertNotNull(intent.getParcelableExtra(AccountManagerServiceTestFixtures.KEY_CALLBACK));

    }



    @SmallTest

    public void testStartAddAccountSessionWhereAuthenticatorReturnsIntentWithProhibitedFlags()

            throws Exception {

        unlockSystemUser();

        ResolveInfo resolveInfo = new ResolveInfo();

        resolveInfo.activityInfo = new ActivityInfo();

        resolveInfo.activityInfo.applicationInfo = new ApplicationInfo();

        when(mMockPackageManager.resolveActivityAsUser(

                any(Intent.class), anyInt(), anyInt())).thenReturn(resolveInfo);

        when(mMockPackageManager.checkSignatures(

                anyInt(), anyInt())).thenReturn(PackageManager.SIGNATURE_MATCH);



        final CountDownLatch latch = new CountDownLatch(1);

        Response response = new Response(latch, mMockAccountManagerResponse);

        Bundle options = createOptionsWithAccountName(

                AccountManagerServiceTestFixtures.ACCOUNT_NAME_INTERVENE);

        int prohibitedFlags = Intent.FLAG_GRANT_READ_URI_PERMISSION

                | Intent.FLAG_GRANT_WRITE_URI_PERMISSION

                | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION

                | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION;

        options.putInt(AccountManagerServiceTestFixtures.KEY_INTENT_FLAGS, prohibitedFlags);



        mAms.startAddAccountSession(

                response, // response

                AccountManagerServiceTestFixtures.ACCOUNT_TYPE_1, // accountType

                "authTokenType",

                null, // requiredFeatures

                true, // expectActivityLaunch

                options); // optionsIn

        waitForLatch(latch);



        verify(mMockAccountManagerResponse).onError(

                eq(AccountManager.ERROR_CODE_INVALID_RESPONSE), contains("invalid intent"));

    }



    @SmallTest

    public void testStartAddAccountSessionError() throws Exception {

        unlockSystemUser();

services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java

+2 −3
Original line number Diff line number Diff line
@@ -17,9 +17,6 @@ package com.android.server.accounts; 


import android.accounts.Account;



import java.util.ArrayList;

import java.util.List;



/**

 * Constants shared between test AccountAuthenticators and AccountManagerServiceTest.

 */
@@ -31,6 +28,8 @@ public final class AccountManagerServiceTestFixtures { 
            "account_manager_service_test:account_status_token_key";

    public static final String KEY_ACCOUNT_PASSWORD =

            "account_manager_service_test:account_password_key";

    public static final String KEY_INTENT_FLAGS =

            "account_manager_service_test:intent_flags_key";

    public static final String KEY_OPTIONS_BUNDLE =

            "account_manager_service_test:option_bundle_key";

    public static final String ACCOUNT_NAME_SUCCESS = "success_on_return@fixture.com";

services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java

+3 −2
Original line number Diff line number Diff line
@@ -24,8 +24,6 @@ import android.content.Context; 
import android.content.Intent;

import android.os.Bundle;



import com.android.frameworks.servicestests.R;



import java.util.concurrent.atomic.AtomicInteger;



/**
@@ -270,11 +268,13 @@ public class TestAccountType1Authenticator extends AbstractAccountAuthenticator 
        String accountName = null;

        Bundle sessionBundle = null;

        String password = null;

        int intentFlags = 0;

        if (options != null) {

            accountName = options.getString(AccountManagerServiceTestFixtures.KEY_ACCOUNT_NAME);

            sessionBundle = options.getBundle(

                    AccountManagerServiceTestFixtures.KEY_ACCOUNT_SESSION_BUNDLE);

            password = options.getString(AccountManagerServiceTestFixtures.KEY_ACCOUNT_PASSWORD);

            intentFlags = options.getInt(AccountManagerServiceTestFixtures.KEY_INTENT_FLAGS, 0);

        }



        Bundle result = new Bundle();
@@ -302,6 +302,7 @@ public class TestAccountType1Authenticator extends AbstractAccountAuthenticator 
            intent.putExtra(AccountManagerServiceTestFixtures.KEY_RESULT,

                    eventualActivityResultData);

            intent.putExtra(AccountManagerServiceTestFixtures.KEY_CALLBACK, response);

            intent.setFlags(intentFlags);



            result.putParcelable(AccountManager.KEY_INTENT, intent);

        } else {