Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5b91f32b authored by Azhara Assanova's avatar Azhara Assanova Committed by Thiébaud Weksteen
Browse files

Allow short strings for manifest permissions in @EnforcePermission

Short strings in this context are permission strings without the leading
"android.permission.", e.g. a short string for
"android.permission.MODIFY_AUDIO_ROUTING" is "MODIFY_AUDIO_ROUTING".

Bug: 270686198
Test: atest --host AndroidGlobalLintCheckerTest
Change-Id: Ic01049613316b79123ce2300511efb5fd8143d4c
Merged-In: Ic01049613316b79123ce2300511efb5fd8143d4c
parent aec895aa
Loading
Loading
Loading
Loading
+1 −0
Original line number Diff line number Diff line
@@ -30,6 +30,7 @@ const val BINDER_CLASS = "android.os.Binder"
const val IINTERFACE_INTERFACE = "android.os.IInterface"

const val AIDL_PERMISSION_HELPER_SUFFIX = "_enforcePermission"
const val PERMISSION_PREFIX_LITERAL = "android.permission."

/**
 * If a non java (e.g. c++) backend is enabled, the @EnforcePermission
+8 −2
Original line number Diff line number Diff line
@@ -97,7 +97,7 @@ class EnforcePermissionDetector : Detector(), SourceCodeScanner {
            val v1 = ConstantEvaluator.evaluate(context, value1)
            val v2 = ConstantEvaluator.evaluate(context, value2)
            if (v1 != null && v2 != null) {
                if (v1 != v2) {
                if (v1 != v2 && !isOneShortPermissionOfOther(v1, v2)) {
                    return false
                }
            } else {
@@ -109,7 +109,7 @@ class EnforcePermissionDetector : Detector(), SourceCodeScanner {
                for (j in children1.indices) {
                    val c1 = ConstantEvaluator.evaluate(context, children1[j])
                    val c2 = ConstantEvaluator.evaluate(context, children2[j])
                    if (c1 != c2) {
                    if (c1 != c2 && !isOneShortPermissionOfOther(c1, c2)) {
                        return false
                    }
                }
@@ -118,6 +118,12 @@ class EnforcePermissionDetector : Detector(), SourceCodeScanner {
        return true
    }

    private fun isOneShortPermissionOfOther(
        permission1: Any?,
        permission2: Any?
    ): Boolean = permission1 == (permission2 as? String)?.removePrefix(PERMISSION_PREFIX_LITERAL) ||
            permission2 == (permission1 as? String)?.removePrefix(PERMISSION_PREFIX_LITERAL)

    private fun compareMethods(
        context: JavaContext,
        element: UElement,
+61 −10
Original line number Diff line number Diff line
@@ -321,15 +321,50 @@ class EnforcePermissionDetectorTest : LintDetectorTest() {
            )
    }

    fun testDoesDetectIssuesShortStringsNotAllowed() {
    fun testDoesNotDetectIssuesShortStringsAllowedInChildAndParent() {
        lint().files(java(
            """
            package test.pkg;
            import android.annotation.EnforcePermission;
            public class TestClass121 extends IFooMethod.Stub {
                @Override
                @EnforcePermission("READ_PHONE_STATE")
                public void testMethod() {}
                @Override
                @EnforcePermission(android.Manifest.permission.READ_PHONE_STATE)
                public void testMethodParentShortPermission() {}
                @Override
                @EnforcePermission(anyOf={"INTERNET", "READ_PHONE_STATE"})
                public void testMethodAnyLiteral() {}
                @Override
                @EnforcePermission(anyOf={android.Manifest.permission.INTERNET, android.Manifest.permission.READ_PHONE_STATE})
                public void testMethodAnyLiteralParentsShortPermission() {}
            }
            """).indented(),
            *stubs
        )
            .run()
            .expectClean()
    }

    fun testDoesDetectIssuesWrongShortStringsInChildAndParent() {
        lint().files(java(
            """
            package test.pkg;
            import android.annotation.EnforcePermission;
            public class TestClass121 extends IFooMethod.Stub {
                @Override
                @EnforcePermission("READ_WRONG_PHONE_STATE")
                public void testMethod() {}
                @Override
                @EnforcePermission(android.Manifest.permission.READ_WRONG_PHONE_STATE)
                public void testMethodParentShortPermission() {}
                @Override
                @EnforcePermission(anyOf={"WRONG_INTERNET", "READ_PHONE_STATE"})
                public void testMethodAnyLiteral() {}
                @Override
                @EnforcePermission(anyOf={android.Manifest.permission.INTERNET, android.Manifest.permission.READ_WRONG_PHONE_STATE})
                public void testMethodAnyLiteralParentsShortPermission() {}
            }
            """).indented(),
            *stubs
@@ -337,14 +372,19 @@ class EnforcePermissionDetectorTest : LintDetectorTest() {
            .run()
            .expect(
                """
                src/test/pkg/TestClass121.java:6: Error: The method \
                TestClass121.testMethodAnyLiteral is annotated with @EnforcePermission(anyOf={"INTERNET", "READ_PHONE_STATE"}) \
                which differs from the overridden method Stub.testMethodAnyLiteral: \
                @android.annotation.EnforcePermission(anyOf={android.Manifest.permission.INTERNET, "android.permission.READ_PHONE_STATE"}). \
                The same annotation must be used for both methods. [MismatchingEnforcePermissionAnnotation]
            src/test/pkg/TestClass121.java:6: Error: The method TestClass121.testMethod is annotated with @EnforcePermission("READ_WRONG_PHONE_STATE") which differs from the overridden method Stub.testMethod: @android.annotation.EnforcePermission(android.Manifest.permission.READ_PHONE_STATE). The same annotation must be used for both methods. [MismatchingEnforcePermissionAnnotation]
                public void testMethod() {}
                            ~~~~~~~~~~
            src/test/pkg/TestClass121.java:9: Error: The method TestClass121.testMethodParentShortPermission is annotated with @EnforcePermission(android.Manifest.permission.READ_WRONG_PHONE_STATE) which differs from the overridden method Stub.testMethodParentShortPermission: @android.annotation.EnforcePermission("READ_PHONE_STATE"). The same annotation must be used for both methods. [MismatchingEnforcePermissionAnnotation]
                public void testMethodParentShortPermission() {}
                            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
            src/test/pkg/TestClass121.java:12: Error: The method TestClass121.testMethodAnyLiteral is annotated with @EnforcePermission(anyOf={"WRONG_INTERNET", "READ_PHONE_STATE"}) which differs from the overridden method Stub.testMethodAnyLiteral: @android.annotation.EnforcePermission(anyOf={android.Manifest.permission.INTERNET, "android.permission.READ_PHONE_STATE"}). The same annotation must be used for both methods. [MismatchingEnforcePermissionAnnotation]
                public void testMethodAnyLiteral() {}
                            ~~~~~~~~~~~~~~~~~~~~
                1 errors, 0 warnings
            src/test/pkg/TestClass121.java:15: Error: The method TestClass121.testMethodAnyLiteralParentsShortPermission is annotated with @EnforcePermission(anyOf={android.Manifest.permission.INTERNET, android.Manifest.permission.READ_WRONG_PHONE_STATE}) which differs from the overridden method Stub.testMethodAnyLiteralParentsShortPermission: @android.annotation.EnforcePermission(anyOf={"INTERNET", "READ_PHONE_STATE"}). The same annotation must be used for both methods. [MismatchingEnforcePermissionAnnotation]
                public void testMethodAnyLiteralParentsShortPermission() {}
                            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
            4 errors, 0 warnings
                """.addLineContinuation()
            )
    }
@@ -360,12 +400,18 @@ class EnforcePermissionDetectorTest : LintDetectorTest() {
            @android.annotation.EnforcePermission(android.Manifest.permission.READ_PHONE_STATE)
            public void testMethod() {}
            @Override
            @android.annotation.EnforcePermission("READ_PHONE_STATE")
            public void testMethodParentShortPermission() {}
            @Override
            @android.annotation.EnforcePermission(anyOf={android.Manifest.permission.INTERNET, android.Manifest.permission.READ_PHONE_STATE})
            public void testMethodAny() {}
            @Override
            @android.annotation.EnforcePermission(anyOf={android.Manifest.permission.INTERNET, "android.permission.READ_PHONE_STATE"})
            public void testMethodAnyLiteral() {}
            @Override
            @android.annotation.EnforcePermission(anyOf={"INTERNET", "READ_PHONE_STATE"})
            public void testMethodAnyLiteralParentsShortPermission() {}
            @Override
            @android.annotation.EnforcePermission(allOf={android.Manifest.permission.INTERNET, android.Manifest.permission.READ_PHONE_STATE})
            public void testMethodAll() {}
            @Override
@@ -374,10 +420,14 @@ class EnforcePermissionDetectorTest : LintDetectorTest() {
          }
          @android.annotation.EnforcePermission(android.Manifest.permission.READ_PHONE_STATE)
          public void testMethod();
          @android.annotation.EnforcePermission("READ_PHONE_STATE")
          public void testMethodParentShortPermission();
          @android.annotation.EnforcePermission(anyOf={android.Manifest.permission.INTERNET, android.Manifest.permission.READ_PHONE_STATE})
          public void testMethodAny() {}
          @android.annotation.EnforcePermission(anyOf={android.Manifest.permission.INTERNET, "android.permission.READ_PHONE_STATE"})
          public void testMethodAnyLiteral() {}
          @android.annotation.EnforcePermission(anyOf={"INTERNET", "READ_PHONE_STATE"})
          public void testMethodAnyLiteralParentsShortPermission() {}
          @android.annotation.EnforcePermission(allOf={android.Manifest.permission.INTERNET, android.Manifest.permission.READ_PHONE_STATE})
          public void testMethodAll() {}
          @android.annotation.EnforcePermission(allOf={android.Manifest.permission.INTERNET, "android.permission.READ_PHONE_STATE"})
@@ -404,6 +454,7 @@ class EnforcePermissionDetectorTest : LintDetectorTest() {
        package android.Manifest;
        class permission {
          public static final String READ_PHONE_STATE = "android.permission.READ_PHONE_STATE";
          public static final String READ_WRONG_PHONE_STATE = "android.permission.READ_WRONG_PHONE_STATE";
          public static final String NFC = "android.permission.NFC";
          public static final String INTERNET = "android.permission.INTERNET";
        }