Loading core/java/android/app/admin/DevicePolicyManager.java +4 −0 Original line number Diff line number Diff line Loading @@ -13088,6 +13088,10 @@ public class DevicePolicyManager { * @see #getCrossProfileCalendarPackages(ComponentName) * @hide */ @RequiresPermission(anyOf = { permission.INTERACT_ACROSS_USERS_FULL, permission.INTERACT_ACROSS_USERS }, conditional = true) public boolean isPackageAllowedToAccessCalendar(@NonNull String packageName) { throwIfParentInstance("isPackageAllowedToAccessCalendar"); if (mService != null) { services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +14 −1 Original line number Diff line number Diff line Loading @@ -16067,7 +16067,20 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkArgumentNonnegative(userHandle, "Invalid userId"); final CallerIdentity caller = getCallerIdentity(); Preconditions.checkCallAuthorization(hasCrossUsersPermission(caller, userHandle)); final int packageUid = mInjector.binderWithCleanCallingIdentity(() -> { try { return mInjector.getPackageManager().getPackageUidAsUser(packageName, userHandle); } catch (NameNotFoundException e) { Slogf.w(LOG_TAG, e, "Couldn't find package %s in user %d", packageName, userHandle); return -1; } }); if (caller.getUid() != packageUid) { Preconditions.checkCallAuthorization( hasCallingOrSelfPermission(permission.INTERACT_ACROSS_USERS) || hasCallingOrSelfPermission(permission.INTERACT_ACROSS_USERS_FULL)); } synchronized (getLockObject()) { if (mInjector.settingsSecureGetIntForUser( services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +31 −0 Original line number Diff line number Diff line Loading @@ -6524,6 +6524,8 @@ public class DevicePolicyManagerTest extends DpmTestBase { when(getServices().settings.settingsSecureGetIntForUser( Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED, 0, CALLER_USER_HANDLE)).thenReturn(1); mContext.permissions.add(permission.INTERACT_ACROSS_USERS); assertThat(dpm.isPackageAllowedToAccessCalendar("TEST_PACKAGE")).isFalse(); } Loading @@ -6535,6 +6537,8 @@ public class DevicePolicyManagerTest extends DpmTestBase { when(getServices().settings.settingsSecureGetIntForUser( Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED, 0, CALLER_USER_HANDLE)).thenReturn(0); mContext.permissions.add(permission.INTERACT_ACROSS_USERS); assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isFalse(); } Loading @@ -6546,6 +6550,33 @@ public class DevicePolicyManagerTest extends DpmTestBase { when(getServices().settings.settingsSecureGetIntForUser( Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED, 0, CALLER_USER_HANDLE)).thenReturn(1); mContext.permissions.add(permission.INTERACT_ACROSS_USERS); assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isTrue(); } @Test public void testIsPackageAllowedToAccessCalendar_requiresPermission() { final String testPackage = "TEST_PACKAGE"; assertExpectException(SecurityException.class, /* messageRegex= */ null, () -> dpm.isPackageAllowedToAccessCalendar(testPackage)); } @Test public void testIsPackageAllowedToAccessCalendar_samePackageAndSameUser_noPermissionRequired() throws Exception { final String testPackage = "TEST_PACKAGE"; setAsProfileOwner(admin1); dpm.setCrossProfileCalendarPackages(admin1, null); when(getServices().settings.settingsSecureGetIntForUser( Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED, 0, CALLER_USER_HANDLE)).thenReturn(1); doReturn(mContext.binder.callingUid) .when(getServices().packageManager).getPackageUidAsUser( eq(testPackage), anyInt()); assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isTrue(); } Loading Loading
core/java/android/app/admin/DevicePolicyManager.java +4 −0 Original line number Diff line number Diff line Loading @@ -13088,6 +13088,10 @@ public class DevicePolicyManager { * @see #getCrossProfileCalendarPackages(ComponentName) * @hide */ @RequiresPermission(anyOf = { permission.INTERACT_ACROSS_USERS_FULL, permission.INTERACT_ACROSS_USERS }, conditional = true) public boolean isPackageAllowedToAccessCalendar(@NonNull String packageName) { throwIfParentInstance("isPackageAllowedToAccessCalendar"); if (mService != null) {
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +14 −1 Original line number Diff line number Diff line Loading @@ -16067,7 +16067,20 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { Preconditions.checkArgumentNonnegative(userHandle, "Invalid userId"); final CallerIdentity caller = getCallerIdentity(); Preconditions.checkCallAuthorization(hasCrossUsersPermission(caller, userHandle)); final int packageUid = mInjector.binderWithCleanCallingIdentity(() -> { try { return mInjector.getPackageManager().getPackageUidAsUser(packageName, userHandle); } catch (NameNotFoundException e) { Slogf.w(LOG_TAG, e, "Couldn't find package %s in user %d", packageName, userHandle); return -1; } }); if (caller.getUid() != packageUid) { Preconditions.checkCallAuthorization( hasCallingOrSelfPermission(permission.INTERACT_ACROSS_USERS) || hasCallingOrSelfPermission(permission.INTERACT_ACROSS_USERS_FULL)); } synchronized (getLockObject()) { if (mInjector.settingsSecureGetIntForUser(
services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java +31 −0 Original line number Diff line number Diff line Loading @@ -6524,6 +6524,8 @@ public class DevicePolicyManagerTest extends DpmTestBase { when(getServices().settings.settingsSecureGetIntForUser( Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED, 0, CALLER_USER_HANDLE)).thenReturn(1); mContext.permissions.add(permission.INTERACT_ACROSS_USERS); assertThat(dpm.isPackageAllowedToAccessCalendar("TEST_PACKAGE")).isFalse(); } Loading @@ -6535,6 +6537,8 @@ public class DevicePolicyManagerTest extends DpmTestBase { when(getServices().settings.settingsSecureGetIntForUser( Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED, 0, CALLER_USER_HANDLE)).thenReturn(0); mContext.permissions.add(permission.INTERACT_ACROSS_USERS); assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isFalse(); } Loading @@ -6546,6 +6550,33 @@ public class DevicePolicyManagerTest extends DpmTestBase { when(getServices().settings.settingsSecureGetIntForUser( Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED, 0, CALLER_USER_HANDLE)).thenReturn(1); mContext.permissions.add(permission.INTERACT_ACROSS_USERS); assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isTrue(); } @Test public void testIsPackageAllowedToAccessCalendar_requiresPermission() { final String testPackage = "TEST_PACKAGE"; assertExpectException(SecurityException.class, /* messageRegex= */ null, () -> dpm.isPackageAllowedToAccessCalendar(testPackage)); } @Test public void testIsPackageAllowedToAccessCalendar_samePackageAndSameUser_noPermissionRequired() throws Exception { final String testPackage = "TEST_PACKAGE"; setAsProfileOwner(admin1); dpm.setCrossProfileCalendarPackages(admin1, null); when(getServices().settings.settingsSecureGetIntForUser( Settings.Secure.CROSS_PROFILE_CALENDAR_ENABLED, 0, CALLER_USER_HANDLE)).thenReturn(1); doReturn(mContext.binder.callingUid) .when(getServices().packageManager).getPackageUidAsUser( eq(testPackage), anyInt()); assertThat(dpm.isPackageAllowedToAccessCalendar(testPackage)).isTrue(); } Loading
