Merge "Resive SliceManagerService#checkSlicePermission" (54c9196f) · Commits · e / os / android_frameworks_base

core/java/android/app/slice/ISliceManager.aidl

+1 −1

Original line number	Diff line number	Diff line
		@@ -33,7 +33,7 @@ interface ISliceManager {
		// Perms.
		void grantSlicePermission(String callingPkg, String toPkg, in Uri uri);
		void revokeSlicePermission(String callingPkg, String toPkg, in Uri uri);
		int checkSlicePermission(in Uri uri, String callingPkg, String pkg, int pid, int uid,
		int checkSlicePermission(in Uri uri, String callingPkg, int pid, int uid,
		in String[] autoGrantPermissions);
		void grantPermissionFromUser(in Uri uri, String pkg, String callingPkg, boolean allSlices);
		}

core/java/android/app/slice/SliceManager.java

+5 −9

Original line number	Diff line number	Diff line
		@@ -439,8 +439,8 @@ public class SliceManager {
		*/
		public @PermissionResult int checkSlicePermission(@NonNull Uri uri, int pid, int uid) {
		try {
		return mService.checkSlicePermission(uri, mContext.getPackageName(), null, pid, uid,
		null);
		return mService.checkSlicePermission(uri, mContext.getPackageName(), pid, uid,
		null /* autoGrantPermissions */);
		} catch (RemoteException e) {
		throw e.rethrowFromSystemServer();
		}
		@@ -488,17 +488,13 @@ public class SliceManager {
		* Does the permission check to see if a caller has access to a specific slice.
		* @hide
		*/
		public void enforceSlicePermission(Uri uri, String pkg, int pid, int uid,
		String[] autoGrantPermissions) {
		public void enforceSlicePermission(Uri uri, int pid, int uid, String[] autoGrantPermissions) {
		try {
		if (UserHandle.isSameApp(uid, Process.myUid())) {
		return;
		}
		if (pkg == null) {
		throw new SecurityException("No pkg specified");
		}
		int result = mService.checkSlicePermission(uri, mContext.getPackageName(), pkg, pid,
		uid, autoGrantPermissions);
		int result = mService.checkSlicePermission(uri, mContext.getPackageName(), pid, uid,
		autoGrantPermissions);
		if (result == PERMISSION_DENIED) {
		throw new SecurityException("User " + uid + " does not have slice permission for "
		+ uri + ".");

core/java/android/app/slice/SliceProvider.java

+2 −2

Original line number	Diff line number	Diff line
		@@ -452,8 +452,8 @@ public abstract class SliceProvider extends ContentProvider {
		String pkg = callingPkg != null ? callingPkg
		: getContext().getPackageManager().getNameForUid(callingUid);
		try {
		mSliceManager.enforceSlicePermission(sliceUri, pkg,
		callingPid, callingUid, mAutoGrantPermissions);
		mSliceManager.enforceSlicePermission(sliceUri, callingPid, callingUid,
		mAutoGrantPermissions);
		} catch (SecurityException e) {
		return createPermissionSlice(getContext(), sliceUri, pkg);
		}

services/core/java/com/android/server/slice/SliceManagerService.java

+10 −4

Original line number	Diff line number	Diff line
		@@ -65,7 +65,6 @@ import com.android.internal.app.AssistUtils;
		import com.android.server.LocalServices;
		import com.android.server.ServiceThread;
		import com.android.server.SystemService;
		import com.android.server.SystemService.TargetUser;

		import org.xmlpull.v1.XmlPullParser;
		import org.xmlpull.v1.XmlPullParserException;
		@@ -226,12 +225,18 @@ public class SliceManagerService extends ISliceManager.Stub {
		}

		@Override
		public int checkSlicePermission(Uri uri, String callingPkg, String pkg, int pid, int uid,
		public int checkSlicePermission(Uri uri, String callingPkg, int pid, int uid,
		String[] autoGrantPermissions) {
		return checkSlicePermissionInternal(uri, callingPkg, null /* pkg */, pid, uid,
		autoGrantPermissions);
		}

		private int checkSlicePermissionInternal(Uri uri, String callingPkg, String pkg, int pid,
		int uid, String[] autoGrantPermissions) {
		int userId = UserHandle.getUserId(uid);
		if (pkg == null) {
		for (String p : mContext.getPackageManager().getPackagesForUid(uid)) {
		if (checkSlicePermission(uri, callingPkg, p, pid, uid, autoGrantPermissions)
		if (checkSlicePermissionInternal(uri, callingPkg, p, pid, uid, autoGrantPermissions)
		== PERMISSION_GRANTED) {
		return PERMISSION_GRANTED;
		}
		@@ -395,7 +400,8 @@ public class SliceManagerService extends ISliceManager.Stub {
		}

		protected int checkAccess(String pkg, Uri uri, int uid, int pid) {
		return checkSlicePermission(uri, null, pkg, pid, uid, null);
		return checkSlicePermissionInternal(uri, null /* callingPkg */, pkg, pid, uid,
		null /* autoGrantPermissions */);
		}

		private String getProviderPkg(Uri uri, int user) {

services/tests/uiservicestests/src/com/android/server/slice/SliceManagerServiceTest.java

+2 −3

Original line number	Diff line number	Diff line
		@@ -122,8 +122,7 @@ public class SliceManagerServiceTest extends UiServiceTestCase {
		when(mContextSpy.checkPermission("perm2", Process.myPid(), Process.myUid()))
		.thenReturn(PERMISSION_GRANTED);
		mService.checkSlicePermission(TEST_URI, mContext.getPackageName(),
		mContext.getPackageName(), Process.myPid(),
		Process.myUid(), testPerms);
		Process.myPid(), Process.myUid(), testPerms);

		verify(mContextSpy).checkPermission(eq("perm1"), eq(Process.myPid()), eq(Process.myUid()));
		verify(mContextSpy).checkPermission(eq("perm2"), eq(Process.myPid()), eq(Process.myUid()));
		@@ -148,7 +147,7 @@ public class SliceManagerServiceTest extends UiServiceTestCase {

		private void grantSlicePermission() {
		doReturn(PERMISSION_GRANTED).when(mService).checkSlicePermission(
		eq(TEST_URI), anyString(), anyString(), anyInt(), anyInt(), any());
		eq(TEST_URI), anyString(), anyInt(), anyInt(), any());
		doReturn(PERMISSION_GRANTED).when(mService).checkAccess(
		anyString(), eq(TEST_URI), anyInt(), anyInt());
		}