Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b404eee1 authored by Thiébaud Weksteen's avatar Thiébaud Weksteen
Browse files

Add end-to-end tests for @EnforcePermission 

The current integration tests under system/tools/aidl mock
PermissionEnforcer and as such do not exercise the complete permission
checks. Set up a service app (service-app) which relies on the
annotation to protect its methods. A nested service is included to test
that permission checks propagate to same-process calls.

Bug: 269721152
Test: atest EnforcePermissionTests
Change-Id: I2d14f10333eabc385007216038dc487f83a4d21a
parent 8fa88e47

tests/EnforcePermission/Android.bp

0 → 100644
+22 −0
Original line number Diff line number Diff line 
// Copyright (C) 2023 The Android Open Source Project

//

// Licensed under the Apache License, Version 2.0 (the "License");

// you may not use this file except in compliance with the License.

// You may obtain a copy of the License at

//

//      http://www.apache.org/licenses/LICENSE-2.0

//

// Unless required by applicable law or agreed to in writing, software

// distributed under the License is distributed on an "AS IS" BASIS,

// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

// See the License for the specific language governing permissions and

// limitations under the License.



package {

    default_applicable_licenses: ["frameworks_base_license"],

}



filegroup {

    name: "frameworks-enforce-permission-test-aidl",

    srcs: ["aidl/**/*.aidl"],

}

tests/EnforcePermission/aidl/android/tests/enforcepermission/INested.aidl

0 → 100644
+25 −0
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2023 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */



package android.tests.enforcepermission;



interface INested {

    @EnforcePermission("ACCESS_NETWORK_STATE")

    void ProtectedByAccessNetworkState();



    @EnforcePermission("READ_SYNC_SETTINGS")

    void ProtectedByReadSyncSettings();

}

tests/EnforcePermission/aidl/android/tests/enforcepermission/IProtected.aidl

0 → 100644
+34 −0
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2023 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */



package android.tests.enforcepermission;



interface IProtected {

    @EnforcePermission("INTERNET")

    void ProtectedByInternet();



    @EnforcePermission("VIBRATE")

    void ProtectedByVibrate();



    @EnforcePermission("INTERNET")

    void ProtectedByInternetAndVibrateImplicitly();



    @EnforcePermission("INTERNET")

    void ProtectedByInternetAndAccessNetworkStateImplicitly();



    @EnforcePermission("INTERNET")

    void ProtectedByInternetAndReadSyncSettingsImplicitly();

}

tests/EnforcePermission/service-app/Android.bp

0 → 100644
+23 −0
Original line number Diff line number Diff line 
// Copyright (C) 2023 The Android Open Source Project

//

// Licensed under the Apache License, Version 2.0 (the "License");

// you may not use this file except in compliance with the License.

// You may obtain a copy of the License at

//

//      http://www.apache.org/licenses/LICENSE-2.0

//

// Unless required by applicable law or agreed to in writing, software

// distributed under the License is distributed on an "AS IS" BASIS,

// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

// See the License for the specific language governing permissions and

// limitations under the License.



android_test_helper_app {

    name: "EnforcePermissionTestHelper",

    srcs: [

        "src/**/*.java",

        ":frameworks-enforce-permission-test-aidl",

    ],

    platform_apis: true,

    certificate: "platform",

}

tests/EnforcePermission/service-app/AndroidManifest.xml

0 → 100644
+27 −0
Original line number Diff line number Diff line 
<?xml version="1.0" encoding="utf-8"?>

<!-- Copyright (C) 2023 The Android Open Source Project



     Licensed under the Apache License, Version 2.0 (the "License");

     you may not use this file except in compliance with the License.

     You may obtain a copy of the License at



          http://www.apache.org/licenses/LICENSE-2.0



     Unless required by applicable law or agreed to in writing, software

     distributed under the License is distributed on an "AS IS" BASIS,

     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

     See the License for the specific language governing permissions and

     limitations under the License.

-->

<manifest xmlns:android="http://schemas.android.com/apk/res/android"

  package="android.tests.enforcepermission.service">

    <application>

        <service

          android:name=".TestService"

          android:exported="true" />



        <service

          android:name=".NestedTestService"

          android:exported="true" />

    </application>

</manifest>