Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5c1a3ee2 authored by Anthony Stange's avatar Anthony Stange Committed by Automerger Merge Worker
Browse files

Merge "Modify logic handling denied auth state" into sc-dev am: 07033a21

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/13840986

Change-Id: Id6ea9a29205d26c2e89e738fd87376dd7f322d5a
parents a6d77a1e 07033a21
Loading
Loading
Loading
Loading
+0 −1
Original line number Diff line number Diff line
@@ -3658,7 +3658,6 @@ package android.hardware.location {
    field public static final int RESULT_FAILED_BAD_PARAMS = 2; // 0x2
    field public static final int RESULT_FAILED_BUSY = 4; // 0x4
    field public static final int RESULT_FAILED_HAL_UNAVAILABLE = 8; // 0x8
    field public static final int RESULT_FAILED_PERMISSION_DENIED = 9; // 0x9
    field public static final int RESULT_FAILED_SERVICE_INTERNAL_FAILURE = 7; // 0x7
    field public static final int RESULT_FAILED_TIMEOUT = 6; // 0x6
    field public static final int RESULT_FAILED_UNINITIALIZED = 3; // 0x3
+2 −0
Original line number Diff line number Diff line
@@ -146,6 +146,8 @@ public class ContextHubClient implements Closeable {
     * @return the result of sending the message defined as in ContextHubTransaction.Result
     *
     * @throws NullPointerException if NanoAppMessage is null
     * @throws SecurityException if this client doesn't have permissions to send a message to the
     * nanoapp.
     *
     * @see NanoAppMessage
     * @see ContextHubTransaction.Result
+4 −5
Original line number Diff line number Diff line
@@ -117,11 +117,10 @@ public class ContextHubClientCallback {
     * 4) {@link ContextHubClient} performs any cleanup required with the nanoapp
     * 5) Callback invoked with the nanoapp ID and {@link ContextHubManager#AUTHORIZATION_DENIED}.
     *    At this point, any further attempts of communication between the nanoapp and the
     *    {@link ContextHubClient} will be dropped by the contexthub and a return value of
     *    {@link ContextHubTransaction#RESULT_FAILED_PERMISSION_DENIED} will be used when calling
     *    {@link ContextHubClient#sendMessageToNanoApp}. The {@link ContextHubClient} should assume
     *    no communciation can happen again until {@link ContextHubManager#AUTHORIZATION_GRANTED} is
     *    received.
     *    {@link ContextHubClient} will be dropped by the contexthub and a security exception will
     *    be thrown when calling {@link ContextHubClient#sendMessageToNanoApp}. The
     *    {@link ContextHubClient} should assume no communciation can happen again until
     *    {@link ContextHubManager#AUTHORIZATION_GRANTED} is received.
     *
     * @param client the client that is associated with this callback
     * @param nanoAppId the ID of the nanoapp associated with the new
+1 −7
Original line number Diff line number Diff line
@@ -81,8 +81,7 @@ public class ContextHubTransaction<T> {
            RESULT_FAILED_AT_HUB,
            RESULT_FAILED_TIMEOUT,
            RESULT_FAILED_SERVICE_INTERNAL_FAILURE,
            RESULT_FAILED_HAL_UNAVAILABLE,
            RESULT_FAILED_PERMISSION_DENIED
            RESULT_FAILED_HAL_UNAVAILABLE
    })
    public @interface Result {}
    public static final int RESULT_SUCCESS = 0;
@@ -118,11 +117,6 @@ public class ContextHubTransaction<T> {
     * Failure mode when the Context Hub HAL was not available.
     */
    public static final int RESULT_FAILED_HAL_UNAVAILABLE = 8;
    /**
     * Failure mode when the user of the API doesn't have the required permissions to perform the
     * operation.
     */
    public static final int RESULT_FAILED_PERMISSION_DENIED = 9;

    /**
     * A class describing the response for a ContextHubTransaction.
+21 −1
Original line number Diff line number Diff line
@@ -25,6 +25,9 @@ import android.Manifest;
import android.annotation.Nullable;
import android.app.AppOpsManager;
import android.app.PendingIntent;
import android.compat.Compatibility;
import android.compat.annotation.ChangeId;
import android.compat.annotation.EnabledAfter;
import android.content.Context;
import android.content.Intent;
import android.hardware.contexthub.V1_0.ContextHubMsg;
@@ -38,6 +41,7 @@ import android.hardware.location.IContextHubTransactionCallback;
import android.hardware.location.NanoAppMessage;
import android.hardware.location.NanoAppState;
import android.os.Binder;
import android.os.Build;
import android.os.IBinder;
import android.os.Looper;
import android.os.RemoteException;
@@ -113,6 +117,14 @@ public class ContextHubClientBroker extends IContextHubClient.Stub
     */
    private static final String RECEIVE_MSG_NOTE = "NanoappMessageDelivery ";

    /**
     * For clients targeting S and above, a SecurityException is thrown when they are in the denied
     * authorization state and attempt to send a message to a nanoapp.
     */
    @ChangeId
    @EnabledAfter(targetSdkVersion = Build.VERSION_CODES.R)
    private static final long CHANGE_ID_AUTH_STATE_DENIED = 181350407L;

    /*
     * The context of the service.
     */
@@ -351,6 +363,8 @@ public class ContextHubClientBroker extends IContextHubClient.Stub
     *
     * @param message the message to send
     * @return the error code of sending the message
     * @throws SecurityException if this client doesn't have permissions to send a message to the
     * nanoapp
     */
    @ContextHubTransaction.Result
    @Override
@@ -362,7 +376,13 @@ public class ContextHubClientBroker extends IContextHubClient.Stub
            int authState = mMessageChannelNanoappIdMap.getOrDefault(
                    message.getNanoAppId(), AUTHORIZATION_UNKNOWN);
            if (authState == AUTHORIZATION_DENIED) {
                return ContextHubTransaction.RESULT_FAILED_PERMISSION_DENIED;
                if (Compatibility.isChangeEnabled(CHANGE_ID_AUTH_STATE_DENIED)) {
                    throw new SecurityException("Client doesn't have valid permissions to send"
                            + " message to " + message.getNanoAppId());
                }
                // Return a bland error code for apps targeting old SDKs since they wouldn't be able
                // to use an error code added in S.
                return ContextHubTransaction.RESULT_FAILED_UNKNOWN;
            } else if (authState == AUTHORIZATION_UNKNOWN) {
                // Only check permissions the first time a nanoapp is queried since nanoapp
                // permissions don't currently change at runtime. If the host permission changes