Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 91934801 authored by hyosun's avatar hyosun Committed by Hyosun Kim
Browse files

To read the group UUID, the calling app either needs carrier privileges or the... 

To read the group UUID, the calling app either needs carrier privileges or the READ_PHONE_STATE permission and access to device identifiers.

If the app has only the READ_PHONE_STATE permission, it can no longer read the group UUID.
When SubscriptionManager#getSubscriptionsInGroup is called, If the calling app has carrier permission or READ_PHONE_STATE permission and access to device identifiers, then returns a list.
If not, it will throw a SecurityException.

Bug: 213902861
Test: atest SubscriptionManagerTest
Test: atest SubscriptionControllerTest
Test: manual (b/213902861#comment54)
Change-Id: I4e764b1a5babfcacf675f6e83d2b1014ec570c1e
parent 68b9dc64

telephony/java/android/telephony/SubscriptionManager.java

+12 −2
Original line number Diff line number Diff line
@@ -3456,10 +3456,20 @@ public class SubscriptionManager { 
     * Get subscriptionInfo list of subscriptions that are in the same group of given subId.

     * See {@link #createSubscriptionGroup(List)} for more details.

     *

     * Caller will either have {@link android.Manifest.permission#READ_PHONE_STATE}

     * permission or had carrier privilege permission on the subscription.

     * Caller must have {@link android.Manifest.permission#READ_PHONE_STATE}

     * or carrier privilege permission on the subscription.

     * {@link TelephonyManager#hasCarrierPrivileges()}

     *

     * <p>Starting with API level 33, the caller also needs permission to access device identifiers

     * to get the list of subscriptions associated with a group UUID.

     * This method can be invoked if one of the following requirements is met:

     * <ul>

     *     <li>If the app has carrier privilege permission.

     *     {@link TelephonyManager#hasCarrierPrivileges()}

     *     <li>If the app has {@link android.Manifest.permission#READ_PHONE_STATE} permission and

     *     access to device identifiers.

     * </ul>

     *

     * @throws IllegalStateException if Telephony service is in bad state.

     * @throws SecurityException if the caller doesn't meet the requirements

     *             outlined above.