Loading packages/SystemUI/src/com/android/systemui/statusbar/notification/collection/coordinator/DeviceProvisionedCoordinator.java +5 −3 Original line number Diff line number Diff line Loading @@ -71,9 +71,11 @@ public class DeviceProvisionedCoordinator implements Coordinator { * marking them as relevant for setup are allowed to show when device is unprovisioned */ private boolean showNotificationEvenIfUnprovisioned(StatusBarNotification sbn) { // system_server checks the permission so systemui can just check whether the // extra exists return sbn.getNotification().extras.getBoolean(Notification.EXTRA_ALLOW_DURING_SETUP); final boolean hasPermission = checkUidPermission( Manifest.permission.NOTIFICATION_DURING_SETUP, sbn.getUid()) == PackageManager.PERMISSION_GRANTED; return hasPermission && sbn.getNotification().extras.getBoolean(Notification.EXTRA_ALLOW_DURING_SETUP); } private int checkUidPermission(String permission, int uid) { Loading packages/SystemUI/tests/src/com/android/systemui/statusbar/notification/collection/coordinator/DeviceProvisionedCoordinatorTest.java +10 −1 Original line number Diff line number Diff line Loading @@ -117,6 +117,10 @@ public class DeviceProvisionedCoordinatorTest extends SysuiTestCase { extras.putBoolean(SHOW_WHEN_UNPROVISIONED_FLAG, true); mNotification.extras = extras; // GIVEN notification has the permission to display during setup when(mIPackageManager.checkUidPermission(SETUP_NOTIF_PERMISSION, NOTIF_UID)) .thenReturn(PackageManager.PERMISSION_GRANTED); // THEN don't filter out the notification assertFalse(mDeviceProvisionedFilter.shouldFilterOut(mEntry, 0)); } Loading @@ -126,10 +130,15 @@ public class DeviceProvisionedCoordinatorTest extends SysuiTestCase { // GIVEN device is unprovisioned when(mDeviceProvisionedController.isDeviceProvisioned()).thenReturn(false); // GIVEN notification does not have the flag to allow the notification during setup // GIVEN notification has a flag to allow the notification during setup Bundle extras = new Bundle(); extras.putBoolean(SHOW_WHEN_UNPROVISIONED_FLAG, true); mNotification.extras = extras; // GIVEN notification does NOT have permission to display during setup when(mIPackageManager.checkUidPermission(SETUP_NOTIF_PERMISSION, NOTIF_UID)) .thenReturn(PackageManager.PERMISSION_DENIED); // THEN filter out the notification assertTrue(mDeviceProvisionedFilter.shouldFilterOut(mEntry, 0)); } Loading services/core/java/com/android/server/notification/NotificationManagerService.java +24 −32 Original line number Diff line number Diff line Loading @@ -521,8 +521,6 @@ public class NotificationManagerService extends SystemService { private PackageManager mPackageManagerClient; PackageManagerInternal mPackageManagerInternal; private PermissionPolicyInternal mPermissionPolicyInternal; private PermissionManagerServiceInternal mPermissionInternal; AudioManager mAudioManager; AudioManagerInternal mAudioManagerInternal; // Can be null for wear Loading Loading @@ -2212,8 +2210,7 @@ public class NotificationManagerService extends SystemService { TelephonyManager telephonyManager, ActivityManagerInternal ami, MultiRateLimiter toastRateLimiter, PermissionHelper permissionHelper, UsageStatsManagerInternal usageStatsManagerInternal, TelecomManager telecomManager, NotificationChannelLogger channelLogger, PermissionManagerServiceInternal permInternal) { TelecomManager telecomManager, NotificationChannelLogger channelLogger) { mHandler = handler; Resources resources = getContext().getResources(); mMaxPackageEnqueueRate = Settings.Global.getFloat(getContext().getContentResolver(), Loading @@ -2231,7 +2228,6 @@ public class NotificationManagerService extends SystemService { mPackageManagerClient = packageManagerClient; mPackageManagerInternal = LocalServices.getService(PackageManagerInternal.class); mPermissionPolicyInternal = LocalServices.getService(PermissionPolicyInternal.class); mPermissionInternal = permInternal; mUmInternal = LocalServices.getService(UserManagerInternal.class); mUsageStatsManagerInternal = usageStatsManagerInternal; mAppOps = appOps; Loading Loading @@ -2543,8 +2539,7 @@ public class NotificationManagerService extends SystemService { AppGlobals.getPermissionManager()), LocalServices.getService(UsageStatsManagerInternal.class), getContext().getSystemService(TelecomManager.class), new NotificationChannelLoggerImpl(), LocalServices.getService(PermissionManagerServiceInternal.class)); new NotificationChannelLoggerImpl()); publishBinderService(Context.NOTIFICATION_SERVICE, mService, /* allowIsolated= */ false, DUMP_FLAG_PRIORITY_CRITICAL | DUMP_FLAG_PRIORITY_NORMAL); Loading Loading @@ -6694,30 +6689,17 @@ public class NotificationManagerService extends SystemService { (userId == UserHandle.USER_ALL) ? USER_SYSTEM : userId); Notification.addFieldsFromContext(ai, notification); int canColorize = mPermissionInternal.checkPermission( android.Manifest.permission.USE_COLORIZED_NOTIFICATIONS, pkg, userId); int canColorize = mPackageManagerClient.checkPermission( android.Manifest.permission.USE_COLORIZED_NOTIFICATIONS, pkg); if (canColorize == PERMISSION_GRANTED) { notification.flags |= Notification.FLAG_CAN_COLORIZE; } else { notification.flags &= ~Notification.FLAG_CAN_COLORIZE; } if (notification.extras.getBoolean(Notification.EXTRA_ALLOW_DURING_SETUP, false)) { int hasShowDuringSetupPerm = mPermissionInternal.checkPermission( android.Manifest.permission.NOTIFICATION_DURING_SETUP, pkg, userId); if (hasShowDuringSetupPerm != PERMISSION_GRANTED) { notification.extras.remove(Notification.EXTRA_ALLOW_DURING_SETUP); if (DBG) { Slog.w(TAG, "warning: pkg " + pkg + " attempting to show during setup" + " without holding perm " + Manifest.permission.NOTIFICATION_DURING_SETUP); } } } if (notification.fullScreenIntent != null && ai.targetSdkVersion >= Build.VERSION_CODES.Q) { int fullscreenIntentPermission = mPermissionInternal.checkPermission( android.Manifest.permission.USE_FULL_SCREEN_INTENT, pkg, userId); int fullscreenIntentPermission = mPackageManagerClient.checkPermission( android.Manifest.permission.USE_FULL_SCREEN_INTENT, pkg); if (fullscreenIntentPermission != PERMISSION_GRANTED) { notification.fullScreenIntent = null; Slog.w(TAG, "Package " + pkg + Loading @@ -6737,7 +6719,7 @@ public class NotificationManagerService extends SystemService { // Ensure MediaStyle has correct permissions for remote device extras if (notification.isStyle(Notification.MediaStyle.class)) { int hasMediaContentControlPermission = mPermissionInternal.checkPermission( int hasMediaContentControlPermission = mPackageManager.checkPermission( android.Manifest.permission.MEDIA_CONTENT_CONTROL, pkg, userId); if (hasMediaContentControlPermission != PERMISSION_GRANTED) { notification.extras.remove(Notification.EXTRA_MEDIA_REMOTE_DEVICE); Loading @@ -6752,7 +6734,7 @@ public class NotificationManagerService extends SystemService { // Ensure only allowed packages have a substitute app name if (notification.extras.containsKey(Notification.EXTRA_SUBSTITUTE_APP_NAME)) { int hasSubstituteAppNamePermission = mPermissionInternal.checkPermission( int hasSubstituteAppNamePermission = mPackageManager.checkPermission( permission.SUBSTITUTE_NOTIFICATION_APP_NAME, pkg, userId); if (hasSubstituteAppNamePermission != PERMISSION_GRANTED) { notification.extras.remove(Notification.EXTRA_SUBSTITUTE_APP_NAME); Loading Loading @@ -8356,9 +8338,15 @@ public class NotificationManagerService extends SystemService { } private boolean isExemptFromRateLimiting(String pkg, int userId) { return mPermissionInternal.checkPermission( boolean isExemptFromRateLimiting = false; try { isExemptFromRateLimiting = mPackageManager.checkPermission( android.Manifest.permission.UNLIMITED_TOASTS, pkg, userId) == PackageManager.PERMISSION_GRANTED; } catch (RemoteException e) { Slog.e(TAG, "Failed to connect with package manager"); } return isExemptFromRateLimiting; } /** Reports rate limiting toasts compat change (used when the toast was blocked). */ Loading Loading @@ -10005,10 +9993,14 @@ public class NotificationManagerService extends SystemService { boolean canUseManagedServices(String pkg, Integer userId, String requiredPermission) { boolean canUseManagedServices = true; if (requiredPermission != null) { if (mPermissionInternal.checkPermission(requiredPermission, pkg, userId) try { if (mPackageManager.checkPermission(requiredPermission, pkg, userId) != PackageManager.PERMISSION_GRANTED) { canUseManagedServices = false; } } catch (RemoteException e) { Slog.e(TAG, "can't talk to pm", e); } } return canUseManagedServices; Loading services/tests/uiservicestests/src/com/android/server/notification/NotificationManagerServiceTest.java +9 −41 Original line number Diff line number Diff line Loading @@ -19,7 +19,6 @@ package com.android.server.notification; import static android.app.ActivityManager.RunningAppProcessInfo.IMPORTANCE_FOREGROUND; import static android.app.ActivityManager.RunningAppProcessInfo.IMPORTANCE_VISIBLE; import static android.app.ActivityTaskManager.INVALID_TASK_ID; import static android.app.Notification.EXTRA_ALLOW_DURING_SETUP; import static android.app.Notification.FLAG_AUTO_CANCEL; import static android.app.Notification.FLAG_BUBBLE; import static android.app.Notification.FLAG_CAN_COLORIZE; Loading Loading @@ -218,7 +217,6 @@ import com.android.server.notification.NotificationManagerService.NotificationAs import com.android.server.notification.NotificationManagerService.NotificationListeners; import com.android.server.pm.PackageManagerService; import com.android.server.pm.UserManagerInternal; import com.android.server.pm.permission.PermissionManagerServiceInternal; import com.android.server.policy.PermissionPolicyInternal; import com.android.server.statusbar.StatusBarManagerInternal; import com.android.server.uri.UriGrantsManagerInternal; Loading Loading @@ -307,9 +305,6 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { ActivityManager mActivityManager; @Mock TelecomManager mTelecomManager; @Mock PermissionManagerServiceInternal mPermissionInternal; @Mock Resources mResources; @Mock Loading Loading @@ -523,7 +518,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { mAppOpsManager, mAppOpsService, mUm, mHistoryManager, mStatsManager, mock(TelephonyManager.class), mAmi, mToastRateLimiter, mPermissionHelper, mock(UsageStatsManagerInternal.class), mTelecomManager, mLogger, mPermissionInternal); mTelecomManager, mLogger); // Return first true for RoleObserver main-thread check when(mMainLooper.isCurrentThread()).thenReturn(true).thenReturn(false); mService.onBootPhase(SystemService.PHASE_SYSTEM_SERVICES_READY, mMainLooper); Loading Loading @@ -4172,36 +4167,9 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { verify(mGroupHelper, never()).onNotificationPosted(any(), anyBoolean()); } @Test public void testNoNotificationDuringSetupPermission() throws Exception { when(mPermissionInternal.checkPermission(any(), any(), anyInt())) .thenReturn(PERMISSION_DENIED); Bundle extras = new Bundle(); extras.putBoolean(EXTRA_ALLOW_DURING_SETUP, true); Notification.Builder nb = new Notification.Builder(mContext, mTestNotificationChannel.getId()) .setContentTitle("foo") .addExtras(extras) .setSmallIcon(android.R.drawable.sym_def_app_icon); StatusBarNotification sbn = new StatusBarNotification(PKG, PKG, 1, "testNoNotificationDuringSetupPermission", mUid, 0, nb.build(), UserHandle.getUserHandleForUid(mUid), null, 0); NotificationRecord nr = new NotificationRecord(mContext, sbn, mTestNotificationChannel); mBinderService.enqueueNotificationWithTag(PKG, PKG, sbn.getTag(), nr.getSbn().getId(), nr.getSbn().getNotification(), nr.getSbn().getUserId()); waitForIdle(); NotificationRecord posted = mService.findNotificationLocked( PKG, nr.getSbn().getTag(), nr.getSbn().getId(), nr.getSbn().getUserId()); assertFalse(posted.getNotification().extras.containsKey(EXTRA_ALLOW_DURING_SETUP)); } @Test public void testNoFakeColorizedPermission() throws Exception { when(mPermissionInternal.checkPermission(any(), any(), anyInt())) .thenReturn(PERMISSION_DENIED); when(mPackageManagerClient.checkPermission(any(), any())).thenReturn(PERMISSION_DENIED); Notification.Builder nb = new Notification.Builder(mContext, mTestNotificationChannel.getId()) .setContentTitle("foo") Loading @@ -4226,7 +4194,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testMediaStyleRemote_hasPermission() throws RemoteException { String deviceName = "device"; when(mPermissionInternal.checkPermission( when(mPackageManager.checkPermission( eq(android.Manifest.permission.MEDIA_CONTENT_CONTROL), any(), anyInt())) .thenReturn(PERMISSION_GRANTED); Notification.MediaStyle style = new Notification.MediaStyle(); Loading Loading @@ -4255,7 +4223,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testMediaStyleRemote_noPermission() throws RemoteException { String deviceName = "device"; when(mPermissionInternal.checkPermission( when(mPackageManager.checkPermission( eq(android.Manifest.permission.MEDIA_CONTENT_CONTROL), any(), anyInt())) .thenReturn(PERMISSION_DENIED); Notification.MediaStyle style = new Notification.MediaStyle(); Loading Loading @@ -4283,7 +4251,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testSubstituteAppName_hasPermission() throws RemoteException { String subName = "Substitute Name"; when(mPermissionInternal.checkPermission( when(mPackageManager.checkPermission( eq(android.Manifest.permission.SUBSTITUTE_NOTIFICATION_APP_NAME), any(), anyInt())) .thenReturn(PERMISSION_GRANTED); Bundle extras = new Bundle(); Loading @@ -4310,7 +4278,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testSubstituteAppName_noPermission() throws RemoteException { when(mPermissionInternal.checkPermission( when(mPackageManager.checkPermission( eq(android.Manifest.permission.SUBSTITUTE_NOTIFICATION_APP_NAME), any(), anyInt())) .thenReturn(PERMISSION_DENIED); Bundle extras = new Bundle(); Loading Loading @@ -5820,7 +5788,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testCanUseManagedServices_hasPermission() throws Exception { when(mPermissionInternal.checkPermission("perm", "pkg", 0)) when(mPackageManager.checkPermission("perm", "pkg", 0)) .thenReturn(PackageManager.PERMISSION_GRANTED); assertEquals(true, mService.canUseManagedServices("pkg", 0, "perm")); Loading @@ -5828,7 +5796,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testCanUseManagedServices_noPermission() throws Exception { when(mPermissionInternal.checkPermission("perm", "pkg", 0)) when(mPackageManager.checkPermission("perm", "pkg", 0)) .thenReturn(PackageManager.PERMISSION_DENIED); assertEquals(false, mService.canUseManagedServices("pkg", 0, "perm")); Loading Loading @@ -6783,7 +6751,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { private void setIfPackageHasPermissionToAvoidToastRateLimiting( String pkg, boolean hasPermission) throws Exception { when(mPermissionInternal.checkPermission(android.Manifest.permission.UNLIMITED_TOASTS, when(mPackageManager.checkPermission(android.Manifest.permission.UNLIMITED_TOASTS, pkg, UserHandle.getUserId(mUid))) .thenReturn(hasPermission ? PERMISSION_GRANTED : PERMISSION_DENIED); } Loading services/tests/uiservicestests/src/com/android/server/notification/RoleObserverTest.java +2 −4 Original line number Diff line number Diff line Loading @@ -72,7 +72,6 @@ import com.android.server.UiServiceTestCase; import com.android.server.lights.LightsManager; import com.android.server.notification.NotificationManagerService.NotificationAssistants; import com.android.server.notification.NotificationManagerService.NotificationListeners; import com.android.server.pm.permission.PermissionManagerServiceInternal; import com.android.server.uri.UriGrantsManagerInternal; import com.android.server.utils.quota.MultiRateLimiter; import com.android.server.wm.ActivityTaskManagerInternal; Loading Loading @@ -170,8 +169,7 @@ public class RoleObserverTest extends UiServiceTestCase { mock(ActivityManagerInternal.class), mock(MultiRateLimiter.class), mock(PermissionHelper.class), mock(UsageStatsManagerInternal.class), mock (TelecomManager.class), mock(NotificationChannelLogger.class), mock(PermissionManagerServiceInternal.class)); mock(NotificationChannelLogger.class)); } catch (SecurityException e) { if (!e.getMessage().contains("Permission Denial: not allowed to send broadcast")) { throw e; Loading Loading
packages/SystemUI/src/com/android/systemui/statusbar/notification/collection/coordinator/DeviceProvisionedCoordinator.java +5 −3 Original line number Diff line number Diff line Loading @@ -71,9 +71,11 @@ public class DeviceProvisionedCoordinator implements Coordinator { * marking them as relevant for setup are allowed to show when device is unprovisioned */ private boolean showNotificationEvenIfUnprovisioned(StatusBarNotification sbn) { // system_server checks the permission so systemui can just check whether the // extra exists return sbn.getNotification().extras.getBoolean(Notification.EXTRA_ALLOW_DURING_SETUP); final boolean hasPermission = checkUidPermission( Manifest.permission.NOTIFICATION_DURING_SETUP, sbn.getUid()) == PackageManager.PERMISSION_GRANTED; return hasPermission && sbn.getNotification().extras.getBoolean(Notification.EXTRA_ALLOW_DURING_SETUP); } private int checkUidPermission(String permission, int uid) { Loading
packages/SystemUI/tests/src/com/android/systemui/statusbar/notification/collection/coordinator/DeviceProvisionedCoordinatorTest.java +10 −1 Original line number Diff line number Diff line Loading @@ -117,6 +117,10 @@ public class DeviceProvisionedCoordinatorTest extends SysuiTestCase { extras.putBoolean(SHOW_WHEN_UNPROVISIONED_FLAG, true); mNotification.extras = extras; // GIVEN notification has the permission to display during setup when(mIPackageManager.checkUidPermission(SETUP_NOTIF_PERMISSION, NOTIF_UID)) .thenReturn(PackageManager.PERMISSION_GRANTED); // THEN don't filter out the notification assertFalse(mDeviceProvisionedFilter.shouldFilterOut(mEntry, 0)); } Loading @@ -126,10 +130,15 @@ public class DeviceProvisionedCoordinatorTest extends SysuiTestCase { // GIVEN device is unprovisioned when(mDeviceProvisionedController.isDeviceProvisioned()).thenReturn(false); // GIVEN notification does not have the flag to allow the notification during setup // GIVEN notification has a flag to allow the notification during setup Bundle extras = new Bundle(); extras.putBoolean(SHOW_WHEN_UNPROVISIONED_FLAG, true); mNotification.extras = extras; // GIVEN notification does NOT have permission to display during setup when(mIPackageManager.checkUidPermission(SETUP_NOTIF_PERMISSION, NOTIF_UID)) .thenReturn(PackageManager.PERMISSION_DENIED); // THEN filter out the notification assertTrue(mDeviceProvisionedFilter.shouldFilterOut(mEntry, 0)); } Loading
services/core/java/com/android/server/notification/NotificationManagerService.java +24 −32 Original line number Diff line number Diff line Loading @@ -521,8 +521,6 @@ public class NotificationManagerService extends SystemService { private PackageManager mPackageManagerClient; PackageManagerInternal mPackageManagerInternal; private PermissionPolicyInternal mPermissionPolicyInternal; private PermissionManagerServiceInternal mPermissionInternal; AudioManager mAudioManager; AudioManagerInternal mAudioManagerInternal; // Can be null for wear Loading Loading @@ -2212,8 +2210,7 @@ public class NotificationManagerService extends SystemService { TelephonyManager telephonyManager, ActivityManagerInternal ami, MultiRateLimiter toastRateLimiter, PermissionHelper permissionHelper, UsageStatsManagerInternal usageStatsManagerInternal, TelecomManager telecomManager, NotificationChannelLogger channelLogger, PermissionManagerServiceInternal permInternal) { TelecomManager telecomManager, NotificationChannelLogger channelLogger) { mHandler = handler; Resources resources = getContext().getResources(); mMaxPackageEnqueueRate = Settings.Global.getFloat(getContext().getContentResolver(), Loading @@ -2231,7 +2228,6 @@ public class NotificationManagerService extends SystemService { mPackageManagerClient = packageManagerClient; mPackageManagerInternal = LocalServices.getService(PackageManagerInternal.class); mPermissionPolicyInternal = LocalServices.getService(PermissionPolicyInternal.class); mPermissionInternal = permInternal; mUmInternal = LocalServices.getService(UserManagerInternal.class); mUsageStatsManagerInternal = usageStatsManagerInternal; mAppOps = appOps; Loading Loading @@ -2543,8 +2539,7 @@ public class NotificationManagerService extends SystemService { AppGlobals.getPermissionManager()), LocalServices.getService(UsageStatsManagerInternal.class), getContext().getSystemService(TelecomManager.class), new NotificationChannelLoggerImpl(), LocalServices.getService(PermissionManagerServiceInternal.class)); new NotificationChannelLoggerImpl()); publishBinderService(Context.NOTIFICATION_SERVICE, mService, /* allowIsolated= */ false, DUMP_FLAG_PRIORITY_CRITICAL | DUMP_FLAG_PRIORITY_NORMAL); Loading Loading @@ -6694,30 +6689,17 @@ public class NotificationManagerService extends SystemService { (userId == UserHandle.USER_ALL) ? USER_SYSTEM : userId); Notification.addFieldsFromContext(ai, notification); int canColorize = mPermissionInternal.checkPermission( android.Manifest.permission.USE_COLORIZED_NOTIFICATIONS, pkg, userId); int canColorize = mPackageManagerClient.checkPermission( android.Manifest.permission.USE_COLORIZED_NOTIFICATIONS, pkg); if (canColorize == PERMISSION_GRANTED) { notification.flags |= Notification.FLAG_CAN_COLORIZE; } else { notification.flags &= ~Notification.FLAG_CAN_COLORIZE; } if (notification.extras.getBoolean(Notification.EXTRA_ALLOW_DURING_SETUP, false)) { int hasShowDuringSetupPerm = mPermissionInternal.checkPermission( android.Manifest.permission.NOTIFICATION_DURING_SETUP, pkg, userId); if (hasShowDuringSetupPerm != PERMISSION_GRANTED) { notification.extras.remove(Notification.EXTRA_ALLOW_DURING_SETUP); if (DBG) { Slog.w(TAG, "warning: pkg " + pkg + " attempting to show during setup" + " without holding perm " + Manifest.permission.NOTIFICATION_DURING_SETUP); } } } if (notification.fullScreenIntent != null && ai.targetSdkVersion >= Build.VERSION_CODES.Q) { int fullscreenIntentPermission = mPermissionInternal.checkPermission( android.Manifest.permission.USE_FULL_SCREEN_INTENT, pkg, userId); int fullscreenIntentPermission = mPackageManagerClient.checkPermission( android.Manifest.permission.USE_FULL_SCREEN_INTENT, pkg); if (fullscreenIntentPermission != PERMISSION_GRANTED) { notification.fullScreenIntent = null; Slog.w(TAG, "Package " + pkg + Loading @@ -6737,7 +6719,7 @@ public class NotificationManagerService extends SystemService { // Ensure MediaStyle has correct permissions for remote device extras if (notification.isStyle(Notification.MediaStyle.class)) { int hasMediaContentControlPermission = mPermissionInternal.checkPermission( int hasMediaContentControlPermission = mPackageManager.checkPermission( android.Manifest.permission.MEDIA_CONTENT_CONTROL, pkg, userId); if (hasMediaContentControlPermission != PERMISSION_GRANTED) { notification.extras.remove(Notification.EXTRA_MEDIA_REMOTE_DEVICE); Loading @@ -6752,7 +6734,7 @@ public class NotificationManagerService extends SystemService { // Ensure only allowed packages have a substitute app name if (notification.extras.containsKey(Notification.EXTRA_SUBSTITUTE_APP_NAME)) { int hasSubstituteAppNamePermission = mPermissionInternal.checkPermission( int hasSubstituteAppNamePermission = mPackageManager.checkPermission( permission.SUBSTITUTE_NOTIFICATION_APP_NAME, pkg, userId); if (hasSubstituteAppNamePermission != PERMISSION_GRANTED) { notification.extras.remove(Notification.EXTRA_SUBSTITUTE_APP_NAME); Loading Loading @@ -8356,9 +8338,15 @@ public class NotificationManagerService extends SystemService { } private boolean isExemptFromRateLimiting(String pkg, int userId) { return mPermissionInternal.checkPermission( boolean isExemptFromRateLimiting = false; try { isExemptFromRateLimiting = mPackageManager.checkPermission( android.Manifest.permission.UNLIMITED_TOASTS, pkg, userId) == PackageManager.PERMISSION_GRANTED; } catch (RemoteException e) { Slog.e(TAG, "Failed to connect with package manager"); } return isExemptFromRateLimiting; } /** Reports rate limiting toasts compat change (used when the toast was blocked). */ Loading Loading @@ -10005,10 +9993,14 @@ public class NotificationManagerService extends SystemService { boolean canUseManagedServices(String pkg, Integer userId, String requiredPermission) { boolean canUseManagedServices = true; if (requiredPermission != null) { if (mPermissionInternal.checkPermission(requiredPermission, pkg, userId) try { if (mPackageManager.checkPermission(requiredPermission, pkg, userId) != PackageManager.PERMISSION_GRANTED) { canUseManagedServices = false; } } catch (RemoteException e) { Slog.e(TAG, "can't talk to pm", e); } } return canUseManagedServices; Loading
services/tests/uiservicestests/src/com/android/server/notification/NotificationManagerServiceTest.java +9 −41 Original line number Diff line number Diff line Loading @@ -19,7 +19,6 @@ package com.android.server.notification; import static android.app.ActivityManager.RunningAppProcessInfo.IMPORTANCE_FOREGROUND; import static android.app.ActivityManager.RunningAppProcessInfo.IMPORTANCE_VISIBLE; import static android.app.ActivityTaskManager.INVALID_TASK_ID; import static android.app.Notification.EXTRA_ALLOW_DURING_SETUP; import static android.app.Notification.FLAG_AUTO_CANCEL; import static android.app.Notification.FLAG_BUBBLE; import static android.app.Notification.FLAG_CAN_COLORIZE; Loading Loading @@ -218,7 +217,6 @@ import com.android.server.notification.NotificationManagerService.NotificationAs import com.android.server.notification.NotificationManagerService.NotificationListeners; import com.android.server.pm.PackageManagerService; import com.android.server.pm.UserManagerInternal; import com.android.server.pm.permission.PermissionManagerServiceInternal; import com.android.server.policy.PermissionPolicyInternal; import com.android.server.statusbar.StatusBarManagerInternal; import com.android.server.uri.UriGrantsManagerInternal; Loading Loading @@ -307,9 +305,6 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { ActivityManager mActivityManager; @Mock TelecomManager mTelecomManager; @Mock PermissionManagerServiceInternal mPermissionInternal; @Mock Resources mResources; @Mock Loading Loading @@ -523,7 +518,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { mAppOpsManager, mAppOpsService, mUm, mHistoryManager, mStatsManager, mock(TelephonyManager.class), mAmi, mToastRateLimiter, mPermissionHelper, mock(UsageStatsManagerInternal.class), mTelecomManager, mLogger, mPermissionInternal); mTelecomManager, mLogger); // Return first true for RoleObserver main-thread check when(mMainLooper.isCurrentThread()).thenReturn(true).thenReturn(false); mService.onBootPhase(SystemService.PHASE_SYSTEM_SERVICES_READY, mMainLooper); Loading Loading @@ -4172,36 +4167,9 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { verify(mGroupHelper, never()).onNotificationPosted(any(), anyBoolean()); } @Test public void testNoNotificationDuringSetupPermission() throws Exception { when(mPermissionInternal.checkPermission(any(), any(), anyInt())) .thenReturn(PERMISSION_DENIED); Bundle extras = new Bundle(); extras.putBoolean(EXTRA_ALLOW_DURING_SETUP, true); Notification.Builder nb = new Notification.Builder(mContext, mTestNotificationChannel.getId()) .setContentTitle("foo") .addExtras(extras) .setSmallIcon(android.R.drawable.sym_def_app_icon); StatusBarNotification sbn = new StatusBarNotification(PKG, PKG, 1, "testNoNotificationDuringSetupPermission", mUid, 0, nb.build(), UserHandle.getUserHandleForUid(mUid), null, 0); NotificationRecord nr = new NotificationRecord(mContext, sbn, mTestNotificationChannel); mBinderService.enqueueNotificationWithTag(PKG, PKG, sbn.getTag(), nr.getSbn().getId(), nr.getSbn().getNotification(), nr.getSbn().getUserId()); waitForIdle(); NotificationRecord posted = mService.findNotificationLocked( PKG, nr.getSbn().getTag(), nr.getSbn().getId(), nr.getSbn().getUserId()); assertFalse(posted.getNotification().extras.containsKey(EXTRA_ALLOW_DURING_SETUP)); } @Test public void testNoFakeColorizedPermission() throws Exception { when(mPermissionInternal.checkPermission(any(), any(), anyInt())) .thenReturn(PERMISSION_DENIED); when(mPackageManagerClient.checkPermission(any(), any())).thenReturn(PERMISSION_DENIED); Notification.Builder nb = new Notification.Builder(mContext, mTestNotificationChannel.getId()) .setContentTitle("foo") Loading @@ -4226,7 +4194,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testMediaStyleRemote_hasPermission() throws RemoteException { String deviceName = "device"; when(mPermissionInternal.checkPermission( when(mPackageManager.checkPermission( eq(android.Manifest.permission.MEDIA_CONTENT_CONTROL), any(), anyInt())) .thenReturn(PERMISSION_GRANTED); Notification.MediaStyle style = new Notification.MediaStyle(); Loading Loading @@ -4255,7 +4223,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testMediaStyleRemote_noPermission() throws RemoteException { String deviceName = "device"; when(mPermissionInternal.checkPermission( when(mPackageManager.checkPermission( eq(android.Manifest.permission.MEDIA_CONTENT_CONTROL), any(), anyInt())) .thenReturn(PERMISSION_DENIED); Notification.MediaStyle style = new Notification.MediaStyle(); Loading Loading @@ -4283,7 +4251,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testSubstituteAppName_hasPermission() throws RemoteException { String subName = "Substitute Name"; when(mPermissionInternal.checkPermission( when(mPackageManager.checkPermission( eq(android.Manifest.permission.SUBSTITUTE_NOTIFICATION_APP_NAME), any(), anyInt())) .thenReturn(PERMISSION_GRANTED); Bundle extras = new Bundle(); Loading @@ -4310,7 +4278,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testSubstituteAppName_noPermission() throws RemoteException { when(mPermissionInternal.checkPermission( when(mPackageManager.checkPermission( eq(android.Manifest.permission.SUBSTITUTE_NOTIFICATION_APP_NAME), any(), anyInt())) .thenReturn(PERMISSION_DENIED); Bundle extras = new Bundle(); Loading Loading @@ -5820,7 +5788,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testCanUseManagedServices_hasPermission() throws Exception { when(mPermissionInternal.checkPermission("perm", "pkg", 0)) when(mPackageManager.checkPermission("perm", "pkg", 0)) .thenReturn(PackageManager.PERMISSION_GRANTED); assertEquals(true, mService.canUseManagedServices("pkg", 0, "perm")); Loading @@ -5828,7 +5796,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { @Test public void testCanUseManagedServices_noPermission() throws Exception { when(mPermissionInternal.checkPermission("perm", "pkg", 0)) when(mPackageManager.checkPermission("perm", "pkg", 0)) .thenReturn(PackageManager.PERMISSION_DENIED); assertEquals(false, mService.canUseManagedServices("pkg", 0, "perm")); Loading Loading @@ -6783,7 +6751,7 @@ public class NotificationManagerServiceTest extends UiServiceTestCase { private void setIfPackageHasPermissionToAvoidToastRateLimiting( String pkg, boolean hasPermission) throws Exception { when(mPermissionInternal.checkPermission(android.Manifest.permission.UNLIMITED_TOASTS, when(mPackageManager.checkPermission(android.Manifest.permission.UNLIMITED_TOASTS, pkg, UserHandle.getUserId(mUid))) .thenReturn(hasPermission ? PERMISSION_GRANTED : PERMISSION_DENIED); } Loading
services/tests/uiservicestests/src/com/android/server/notification/RoleObserverTest.java +2 −4 Original line number Diff line number Diff line Loading @@ -72,7 +72,6 @@ import com.android.server.UiServiceTestCase; import com.android.server.lights.LightsManager; import com.android.server.notification.NotificationManagerService.NotificationAssistants; import com.android.server.notification.NotificationManagerService.NotificationListeners; import com.android.server.pm.permission.PermissionManagerServiceInternal; import com.android.server.uri.UriGrantsManagerInternal; import com.android.server.utils.quota.MultiRateLimiter; import com.android.server.wm.ActivityTaskManagerInternal; Loading Loading @@ -170,8 +169,7 @@ public class RoleObserverTest extends UiServiceTestCase { mock(ActivityManagerInternal.class), mock(MultiRateLimiter.class), mock(PermissionHelper.class), mock(UsageStatsManagerInternal.class), mock (TelecomManager.class), mock(NotificationChannelLogger.class), mock(PermissionManagerServiceInternal.class)); mock(NotificationChannelLogger.class)); } catch (SecurityException e) { if (!e.getMessage().contains("Permission Denial: not allowed to send broadcast")) { throw e; Loading
