Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit aa032460 authored by Bernardo Rufino's avatar Bernardo Rufino
Browse files

Move getServiceForUserIfCallerHasPermission() to Trampoline 

From BMS.

Test: atest BackupManagerServiceTest TrampolineRoboTest TrampolineTest
Bug: 135661048
Change-Id: I7758e00635d385272b64bbc8d64dd0fd0ad600d2
parent 0948c30a

services/backup/java/com/android/server/backup/BackupManagerService.java

+0 −20
Original line number Diff line number Diff line
@@ -18,8 +18,6 @@ package com.android.server.backup; 


import static com.android.internal.util.Preconditions.checkNotNull;



import android.annotation.Nullable;

import android.annotation.UserIdInt;

import android.content.Context;

import android.os.IBinder;

import android.util.SparseArray;
@@ -55,24 +53,6 @@ public class BackupManagerService { 
        mServiceUsers = userServices;

    }



    /**

     * Returns the {@link UserBackupManagerService} instance for the specified user {@code userId}.

     * If the user is not registered with the service (either the user is locked or not eligible for

     * the backup service) then return {@code null}.

     *

     * @param userId The id of the user to retrieve its instance of {@link

     *     UserBackupManagerService}.

     * @param caller A {@link String} identifying the caller for logging purposes.

     * @throws SecurityException if {@code userId} is different from the calling user id and the

     *     caller does NOT have the android.permission.INTERACT_ACROSS_USERS_FULL permission.

     */

    @Nullable

    @VisibleForTesting

    UserBackupManagerService getServiceForUserIfCallerHasPermission(

            @UserIdInt int userId, String caller) {

        return mTrampoline.getServiceForUserIfCallerHasPermission(userId, caller);

    }



    /** Implementation to receive lifecycle event callbacks for system services. */

    public static class Lifecycle extends SystemService {

        public Lifecycle(Context context) {

services/robotests/backup/src/com/android/server/backup/BackupManagerServiceTest.java

+0 −48
Original line number Diff line number Diff line
@@ -21,7 +21,6 @@ import static android.Manifest.permission.INTERACT_ACROSS_USERS_FULL; 


import static com.google.common.truth.Truth.assertThat;



import static org.junit.Assert.assertEquals;

import static org.mockito.ArgumentMatchers.any;

import static org.mockito.ArgumentMatchers.anyString;

import static org.mockito.Mockito.doNothing;
@@ -158,53 +157,6 @@ public class BackupManagerServiceTest { 
                                mContext, /* trampoline */ null, new SparseArray<>()));

    }



    /**

     * Test that the backup services throws a {@link SecurityException} if the caller does not have

     * INTERACT_ACROSS_USERS_FULL permission and passes a different user id.

     */

    @Test

    public void testGetServiceForUser_withoutPermission_throwsSecurityExceptionForNonCallingUser() {

        registerUser(mUserOneId, mUserOneService);

        BackupManagerService backupManagerService = createService();

        setCallerAndGrantInteractUserPermission(mUserTwoId, /* shouldGrantPermission */ false);



        expectThrows(

                SecurityException.class,

                () ->

                        backupManagerService.getServiceForUserIfCallerHasPermission(

                                mUserOneId, "test"));

    }



    /**

     * Test that the backup services does not throw a {@link SecurityException} if the caller has

     * INTERACT_ACROSS_USERS_FULL permission and passes a different user id.

     */

    @Test

    public void testGetServiceForUserIfCallerHasPermission_withPermission_worksForNonCallingUser() {

        registerUser(mUserOneId, mUserOneService);

        BackupManagerService backupManagerService = createService();

        setCallerAndGrantInteractUserPermission(mUserTwoId, /* shouldGrantPermission */ true);



        assertEquals(

                mUserOneService,

                backupManagerService.getServiceForUserIfCallerHasPermission(mUserOneId, "test"));

    }



    /**

     * Test that the backup services does not throw a {@link SecurityException} if the caller does

     * not have INTERACT_ACROSS_USERS_FULL permission and passes in the calling user id.

     */

    @Test

    public void testGetServiceForUserIfCallerHasPermission_withoutPermission_worksForCallingUser() {

        registerUser(mUserOneId, mUserOneService);

        BackupManagerService backupManagerService = createService();

        setCallerAndGrantInteractUserPermission(mUserOneId, /* shouldGrantPermission */ false);



        assertEquals(

                mUserOneService,

                backupManagerService.getServiceForUserIfCallerHasPermission(mUserOneId, "test"));

    }



    // ---------------------------------------------

    //  Lifecycle tests

    // ---------------------------------------------

services/robotests/backup/src/com/android/server/backup/TrampolineRoboTest.java

+47 −0
Original line number Diff line number Diff line
@@ -1487,6 +1487,53 @@ public class TrampolineRoboTest { 
        mShadowContext.grantPermissions(PACKAGE_USAGE_STATS);

    }



    /**

     * Test that the backup services throws a {@link SecurityException} if the caller does not have

     * INTERACT_ACROSS_USERS_FULL permission and passes a different user id.

     */

    @Test

    public void testGetServiceForUser_withoutPermission_throwsSecurityExceptionForNonCallingUser() {

        Trampoline backupManagerService = createService();

        registerUser(backupManagerService, mUserOneId, mUserOneService);

        setCallerAndGrantInteractUserPermission(mUserTwoId, /* shouldGrantPermission */ false);



        expectThrows(

                SecurityException.class,

                () ->

                        backupManagerService.getServiceForUserIfCallerHasPermission(

                                mUserOneId, "test"));

    }



    /**

     * Test that the backup services does not throw a {@link SecurityException} if the caller has

     * INTERACT_ACROSS_USERS_FULL permission and passes a different user id.

     */

    @Test

    public void testGetServiceForUserIfCallerHasPermission_withPermission_worksForNonCallingUser() {

        Trampoline backupManagerService = createService();

        registerUser(backupManagerService, mUserOneId, mUserOneService);

        setCallerAndGrantInteractUserPermission(mUserTwoId, /* shouldGrantPermission */ true);



        assertEquals(

                mUserOneService,

                backupManagerService.getServiceForUserIfCallerHasPermission(mUserOneId, "test"));

    }



    /**

     * Test that the backup services does not throw a {@link SecurityException} if the caller does

     * not have INTERACT_ACROSS_USERS_FULL permission and passes in the calling user id.

     */

    @Test

    public void testGetServiceForUserIfCallerHasPermission_withoutPermission_worksForCallingUser() {

        Trampoline backupManagerService = createService();

        registerUser(backupManagerService, mUserOneId, mUserOneService);

        setCallerAndGrantInteractUserPermission(mUserOneId, /* shouldGrantPermission */ false);



        assertEquals(

                mUserOneService,

                backupManagerService.getServiceForUserIfCallerHasPermission(mUserOneId, "test"));

    }



    private Trampoline createService() {

        return new Trampoline(mContext);

    }