Merge "[RFPM02] Add Dependencies class for injection in tests."

    private final PackageManager mPackageManager;

    private final UserManager mUserManager;

    private final INetd mNetd;

    private final Dependencies mDeps;

    // Values are User IDs.

    @GuardedBy("this")

    @GuardedBy("this")

    private final Set<Integer> mAllApps = new HashSet<>();

    public PermissionMonitor(Context context, INetd netd) {

    /**

     * Dependencies of PermissionMonitor, for injection in tests.

     */

    @VisibleForTesting

    public static class Dependencies {

        /**

         * Get device first sdk version.

         */

        public int getDeviceFirstSdkInt() {

            return Build.VERSION.FIRST_SDK_INT;

        }

    }

    public PermissionMonitor(@NonNull final Context context, @NonNull final INetd netd) {

        this(context, netd, new Dependencies());

    }

    @VisibleForTesting

    PermissionMonitor(@NonNull final Context context, @NonNull final INetd netd,

            @NonNull final Dependencies deps) {

        mPackageManager = context.getPackageManager();

        mUserManager = (UserManager) context.getSystemService(Context.USER_SERVICE);

        mNetd = netd;

        mDeps = deps;

    }

    // Intended to be called only once at startup, after the system is ready. Installs a broadcast

        return appInfo.isVendor() || appInfo.isOem() || appInfo.isProduct();

    }

    @VisibleForTesting

    protected int getDeviceFirstSdkInt() {

        return Build.VERSION.FIRST_SDK_INT;

    }

    @VisibleForTesting

    boolean hasPermission(@NonNull final PackageInfo app, @NonNull final String permission) {

        if (app.requestedPermissions == null || app.requestedPermissionsFlags == null) {

        if (app.applicationInfo != null) {

            // Backward compatibility for b/114245686, on devices that launched before Q daemons

            // and apps running as the system UID are exempted from this check.

            if (app.applicationInfo.uid == SYSTEM_UID && getDeviceFirstSdkInt() < VERSION_Q) {

            if (app.applicationInfo.uid == SYSTEM_UID && mDeps.getDeviceFirstSdkInt() < VERSION_Q) {

                return true;

            }

    @Mock private INetd mNetdService;

    @Mock private PackageManagerInternal mMockPmi;

    @Mock private UserManager mUserManager;

    @Mock private PermissionMonitor.Dependencies mDeps;

    private PermissionMonitor mPermissionMonitor;

                        new UserInfo(MOCK_USER2, "", 0),

                }));

        mPermissionMonitor = spy(new PermissionMonitor(mContext, mNetdService));

        mPermissionMonitor = spy(new PermissionMonitor(mContext, mNetdService, mDeps));

        LocalServices.removeServiceForTest(PackageManagerInternal.class);

        LocalServices.addService(PackageManagerInternal.class, mMockPmi);

    @Test

    public void testHasRestrictedNetworkPermissionSystemUid() {

        doReturn(VERSION_P).when(mPermissionMonitor).getDeviceFirstSdkInt();

        doReturn(VERSION_P).when(mDeps).getDeviceFirstSdkInt();

        assertTrue(hasRestrictedNetworkPermission(PARTITION_SYSTEM, VERSION_P, SYSTEM_UID));

        assertTrue(hasRestrictedNetworkPermission(

                PARTITION_SYSTEM, VERSION_P, SYSTEM_UID, CONNECTIVITY_INTERNAL));

        assertTrue(hasRestrictedNetworkPermission(

                PARTITION_SYSTEM, VERSION_P, SYSTEM_UID, CONNECTIVITY_USE_RESTRICTED_NETWORKS));

        doReturn(VERSION_Q).when(mPermissionMonitor).getDeviceFirstSdkInt();

        doReturn(VERSION_Q).when(mDeps).getDeviceFirstSdkInt();

        assertFalse(hasRestrictedNetworkPermission(PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID));

        assertFalse(hasRestrictedNetworkPermission(

                PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID, CONNECTIVITY_INTERNAL));